Search results for "Anomaly detection"
showing 10 items of 82 documents
Data Mining Approach for Detection of DDoS Attacks Utilizing SSL/TLS Protocol
2015
Denial of Service attacks remain one of the most serious threats to the Internet nowadays. In this study, we propose an algorithm for detection of Denial of Service attacks that utilize SSL/TLS protocol. These protocols encrypt the data of network connections on the application layer, which makes it impossible to detect attackers' activity based on the analysis of packet payload. For this reason, we concentrate on statistics that can be extracted from packet headers. Based on these statistics, we build a model of normal user behavior by using several data mining algorithms. Once the model has been built, it is used to detect DoS attacks. The proposed framework is tested on the data obtained w…
Anomaly Detection in Traffic Surveillance Videos Using Deep Learning
2022
In the recent past, a huge number of cameras have been placed in a variety of public and private areas for the purposes of surveillance, the monitoring of abnormal human actions, and traffic surveillance. The detection and recognition of abnormal activity in a real-world environment is a big challenge, as there can be many types of alarming and abnormal activities, such as theft, violence, and accidents. This research deals with accidents in traffic videos. In the modern world, video traffic surveillance cameras (VTSS) are used for traffic surveillance and monitoring. As the population is increasing drastically, the likelihood of accidents is also increasing. The VTSS is used to detect abno…
Anomaly Detection from Network Logs Using Diffusion Maps
2011
The goal of this study is to detect anomalous queries from network logs using a dimensionality reduction framework. The frequencies of 2-grams in queries are extracted to a feature matrix. Dimensionality reduction is done by applying diffusion maps. The method is adaptive and thus does not need training before analysis. We tested the method with data that includes normal and intrusive traffic to a web server. This approach finds all intrusions in the dataset.
Weather sensor fault detection in meteorological masts
2020
Wind power has become the world’s fastest growing renewable technology. The world-wide wind power installed capacity has exceeded 597 GW, and the new installations during the last three years were an average of 50 GW per year. A major issue with wind power systems and with meteorological masts is the relatively high cost of operation and maintenance (OM). Wind turbines and sensor towers are hard-to-access structures, and they are often located in remote areas. That’s why continuous monitoring of wind turbine health using automated failure detection algorithms can improve turbine reliability and reduce maintenance costs by detecting failures before they reach a catastrophic stage and by elimin…
Système de détection d'anomalies d'aspect par la technique PTM
2011
This documentation details the creation of a support system for detecting visual surface anomalies. This work is based on a technique called Polynomial Texture Mapping (PTM). This technique allows to highlight appearance anomalies by varying the position of the light source. It also makes possible the calculation of the surface topography. This system was designed during the first quarter of 2011 in the SYMME laboratory (Laboratory for Materials and Mechatronics), and is a part of the European research program INTERREG IV. This program aims to enhance a strength of economic activity on both sides of the border France - Switzerland: the realization of high-value products (watches, au…
Anomaly Detection and Classification of Household Electricity Data : A Time Window and Multilayer Hierarchical Network Approach
2022
With the increasing popularity of the smart grid, huge volumes of data are gathered from numerous sensors. How to classify, store, and analyze massive datasets to facilitate the development of the smart grid has recently attracted much attention. In particular, with the popularity of household smart meters and electricity monitoring sensors, a large amount of data can be obtained to analyze household electricity usage so as to better diagnose the leakage and theft behaviors, identify man-made tampering and data fraud, and detect powerline loss. In this paper, the time window method is first proposed to obtain the features and potential periodicity of household electricity data. Combining th…
Probabilistic Transition-Based Approach for Detecting Application-Layer DDoS Attacks in Encrypted Software-Defined Networks
2017
With the emergence of cloud computing, many attacks, including Distributed Denial-of-Service (DDoS) attacks, have changed their direction towards cloud environment. In particular, DDoS attacks have changed in scale, methods, and targets and become more complex by using advantages provided by cloud computing. Modern cloud computing environments can benefit from moving towards Software-Defined Networking (SDN) technology, which allows network engineers and administrators to respond quickly to the changing business requirements. In this paper, we propose an approach for detecting application-layer DDoS attacks in cloud environment with SDN. The algorithm is applied to statistics extracted from…
Dimensionality reduction framework for detecting anomalies from network logs
2012
Dynamic web services are vulnerable to a multitude of intrusions that could be previously unknown. Server logs contain vast amounts of information about network traffic, and finding attacks from these logs improves the security of the services. In this research features are extracted from HTTP query parameters using 2-grams. We propose a framework that uses dimensionality reduction and clustering to identify anomalous behavior. The framework detects intrusions from log data gathered from a real network service. This approach is adaptive, works on the application layer and reduces the number of log lines that need to be inspected. Furthermore, the traffic can be visualized.
Using affinity perturbations to detect web traffic anomalies
2013
The initial training phase of machine learning algorithms is usually computationally expensive as it involves the processing of huge matrices. Evolving datasets are challenging from this point of view because changing behavior requires updating the training. We propose a method for updating the training profile efficiently and a sliding window algorithm for online processing of the data in smaller fractions. This assumes the data is modeled by a kernel method that includes spectral decomposition. We demonstrate the algorithm with a web server request log where an actual intrusion attack is known to happen. Updating the kernel dynamically using a sliding window technique prevents the proble…
Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system
2016
Almost all the organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same time it offers many possible attack vectors that can be abused for cyber vandalism, cyber crime, cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation concentrates on research and development of anomaly-based network intrusion detection system as a sensor for a situational awareness system. In this dissertation, several models of intrusion detection systems are devel…