Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137312
Xuning Tang, Christopher C. Yang
Social networks are valuable resources for intelligence and law enforcement force in their investigations when they want to identify suspects, terrorist or criminal subgroups and their communication patterns. However, missing information in a terrorist or criminal social network always diminish the effectiveness of investigation. Sharing and integration of social networks from different agencies helps increasing its effectiveness; however, information sharing is usually forbidden due to the concern of privacy protection. In this paper, we introduce the subgraph generalization and mechanism to integrate generalized information to conduct social network analysis.
{"title":"Terrorist and criminal social network data sharing and integration","authors":"Xuning Tang, Christopher C. Yang","doi":"10.1109/ISI.2009.5137312","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137312","url":null,"abstract":"Social networks are valuable resources for intelligence and law enforcement force in their investigations when they want to identify suspects, terrorist or criminal subgroups and their communication patterns. However, missing information in a terrorist or criminal social network always diminish the effectiveness of investigation. Sharing and integration of social networks from different agencies helps increasing its effectiveness; however, information sharing is usually forbidden due to the concern of privacy protection. In this paper, we introduce the subgraph generalization and mechanism to integrate generalized information to conduct social network analysis.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124140752","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137314
S. Phithakkitnukoon, R. Dantu
Internet Telephony has recently gained popularity. Voice over IP (VoIP) has emerged as an alternative to the current public switched telephone network (PSTN) system due to its cost efficiency. Spam inherently becomes a problem in VoIP networks. In this paper, we present our ongoing research in defending VoIP networks against spam by presenting a new defense mechanism using community signals.
互联网电话最近越来越受欢迎。网络电话(VoIP)因其成本效益而成为当前公共交换电话网(PSTN)系统的替代品。在 VoIP 网络中,垃圾邮件必然会成为一个问题。在本文中,我们介绍了我们正在进行的利用社区信号的新防御机制来防御 VoIP 网络垃圾邮件的研究。
{"title":"Defense against SPIT using community signals","authors":"S. Phithakkitnukoon, R. Dantu","doi":"10.1109/ISI.2009.5137314","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137314","url":null,"abstract":"Internet Telephony has recently gained popularity. Voice over IP (VoIP) has emerged as an alternative to the current public switched telephone network (PSTN) system due to its cost efficiency. Spam inherently becomes a problem in VoIP networks. In this paper, we present our ongoing research in defending VoIP networks against spam by presenting a new defense mechanism using community signals.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127702917","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137302
Kimin Seo, J. Choi, Yong-seok Choi, Dong-chan Lee, Sangjin Lee
Numbers of companies are using AMS (Accounting Management System) to manage their accounting data. In the case of large corporations they tend to use ERP (Enterprise Resources Planning), but except them most of companies use AMS to manage their accounting information. In the other words, every company is using some sort of digital data format to manage their accounting data. Therefore, if there is a tool to extract and analyze accounting data to detect any financial fraud, a forensic accountant can use it wisely. This paper introduces about forensic accounting and its related works, and shows a design of forensic accounting tool that could extract accounting data from a company's AMS and analyze them.
{"title":"Research about extracting and analyzing accounting data of company to detect financial fraud","authors":"Kimin Seo, J. Choi, Yong-seok Choi, Dong-chan Lee, Sangjin Lee","doi":"10.1109/ISI.2009.5137302","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137302","url":null,"abstract":"Numbers of companies are using AMS (Accounting Management System) to manage their accounting data. In the case of large corporations they tend to use ERP (Enterprise Resources Planning), but except them most of companies use AMS to manage their accounting information. In the other words, every company is using some sort of digital data format to manage their accounting data. Therefore, if there is a tool to extract and analyze accounting data to detect any financial fraud, a forensic accountant can use it wisely. This paper introduces about forensic accounting and its related works, and shows a design of forensic accounting tool that could extract accounting data from a company's AMS and analyze them.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127508842","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137285
F. Jemili, M. Zaghdoud, M. Ahmed
The goal of a network-based intrusion detection system (IDS) is to identify malicious behaviour that targets a network and its resources. Intrusion detection parameters are numerous and in many cases they present uncertain and imprecise causal relationships which can affect attack types. A Bayesian Network (BN) is known as graphical modeling tool used to model decision problems containing uncertainty. In this paper, a BN is used to buidl automatic intrusion detection system based on signature recognition. A major difficulty of this system is that the uncertainty on parameters can have two origins. The first source of uncertainty
{"title":"Intrusion detection based on “Hybrid” propagation in Bayesian Networks","authors":"F. Jemili, M. Zaghdoud, M. Ahmed","doi":"10.1109/ISI.2009.5137285","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137285","url":null,"abstract":"The goal of a network-based intrusion detection system (IDS) is to identify malicious behaviour that targets a network and its resources. Intrusion detection parameters are numerous and in many cases they present uncertain and imprecise causal relationships which can affect attack types. A Bayesian Network (BN) is known as graphical modeling tool used to model decision problems containing uncertainty. In this paper, a BN is used to buidl automatic intrusion detection system based on signature recognition. A major difficulty of this system is that the uncertainty on parameters can have two origins. The first source of uncertainty","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131901952","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137280
Gary Doss, G. Tejay
Insider threats and attacks are a known problem. Within an enterprise it is very difficult to detect and identify insider attacks and abuse against Information Systems. A study was conducted by observing a group of IS security analysts who detect and identify insider attacks. Commonalities and generalizations were made based on the study to create an insider attack detection model. This model will allow other IS security analysts the ability to increase detection of insider attacks and reduce false positives.
{"title":"Developing insider attack detection model: A grounded approach","authors":"Gary Doss, G. Tejay","doi":"10.1109/ISI.2009.5137280","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137280","url":null,"abstract":"Insider threats and attacks are a known problem. Within an enterprise it is very difficult to detect and identify insider attacks and abuse against Information Systems. A study was conducted by observing a group of IS security analysts who detect and identify insider attacks. Commonalities and generalizations were made based on the study to create an insider attack detection model. This model will allow other IS security analysts the ability to increase detection of insider attacks and reduce false positives.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116036182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137331
Timothy W. Finin, A. Joshi, H. Kargupta, Y. Yesha, J. Sachs, E. Bertino, Ninghui Li, Chris Clifton, Gene Spafford, B. Thuraisingham, Murat Kantarcioglu, A. Bensoussan, N. Berg, L. Khan, Jiawei Han, ChengXiang Zhai, R. Sandhu, Shouhuai Xu, Jim Massaro, Lada A. Adamic
This paper describes our approach to assured information sharing. The research is being carried out under a MURI 9Multiuniversiyt Research Initiative) project funded by the Air Force Office of Scientific Research (AFOSR). The main objective of our project is: define, design and develop an Assured Information Sharing Lifecycle (AISL) that realizes the DoD's information sharing value chain. In this paper we describe the problem faced by the Department of Defense and our solution to developing an AISL System.
{"title":"Assured Information Sharing Life Cycle","authors":"Timothy W. Finin, A. Joshi, H. Kargupta, Y. Yesha, J. Sachs, E. Bertino, Ninghui Li, Chris Clifton, Gene Spafford, B. Thuraisingham, Murat Kantarcioglu, A. Bensoussan, N. Berg, L. Khan, Jiawei Han, ChengXiang Zhai, R. Sandhu, Shouhuai Xu, Jim Massaro, Lada A. Adamic","doi":"10.1109/ISI.2009.5137331","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137331","url":null,"abstract":"This paper describes our approach to assured information sharing. The research is being carried out under a MURI 9Multiuniversiyt Research Initiative) project funded by the Air Force Office of Scientific Research (AFOSR). The main objective of our project is: define, design and develop an Assured Information Sharing Lifecycle (AISL) that realizes the DoD's information sharing value chain. In this paper we describe the problem faced by the Department of Defense and our solution to developing an AISL System.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116165814","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137320
Peng Su, W. Mao, D. Zeng, Xiaochen Li, Fei-Yue Wang
Cultural modeling is an emergent and promising research area in social computing. It aims at developing behavioral models of groups and analyzing the impact of culture factors on group behavior using computational methods. Machine learning methods in particular classification, play a central role in such applications. In cultural modeling, it is expected that classifiers yield good performance. However, the performance of standard classifiers is often severely hindered in practice due to the imbalanced distribution of class in cultural data. In this paper, we identify class imbalance problem in cultural modeling domain. To handle the problem, we propose a user involved solution employing the receiver operating characteristic (ROC) analysis for classification algorithms with sampling approaches. Finally, we conduct experiment to verify the effectiveness of the proposed solution.
{"title":"Handling Class Imbalance Problem in Cultural Modeling","authors":"Peng Su, W. Mao, D. Zeng, Xiaochen Li, Fei-Yue Wang","doi":"10.1109/ISI.2009.5137320","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137320","url":null,"abstract":"Cultural modeling is an emergent and promising research area in social computing. It aims at developing behavioral models of groups and analyzing the impact of culture factors on group behavior using computational methods. Machine learning methods in particular classification, play a central role in such applications. In cultural modeling, it is expected that classifiers yield good performance. However, the performance of standard classifiers is often severely hindered in practice due to the imbalanced distribution of class in cultural data. In this paper, we identify class imbalance problem in cultural modeling domain. To handle the problem, we propose a user involved solution employing the receiver operating characteristic (ROC) analysis for classification algorithms with sampling approaches. Finally, we conduct experiment to verify the effectiveness of the proposed solution.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126993819","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137326
R. Bares
Necessity is the mother of invention, and necessity has produced many software and hardware tools in the realm of computer networking and security to overcome problems encountered in the private and public sector. Unconventionally installed operating systems including virtual machines, operating systems installed on removable media and external storage drives are some recent inventions. These tools have been very useful to network administrators, but they can also be used in ways not intended by their creators in an attempt to mask the activities of a user. This paper will attempt to evaluate the possibility of using these unconventionally installed operating systems in an attempt to hide one's activities from conventional digital forensic tools. This evaluation will be conducted by repeating a series of tests inside a virtual environment, then overwriting the virtual environment flat file and having the host computer imaged and examined by forensic tools.
{"title":"Hiding in a virtual world: Using unconventionally installed operating systems","authors":"R. Bares","doi":"10.1109/ISI.2009.5137326","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137326","url":null,"abstract":"Necessity is the mother of invention, and necessity has produced many software and hardware tools in the realm of computer networking and security to overcome problems encountered in the private and public sector. Unconventionally installed operating systems including virtual machines, operating systems installed on removable media and external storage drives are some recent inventions. These tools have been very useful to network administrators, but they can also be used in ways not intended by their creators in an attempt to mask the activities of a user. This paper will attempt to evaluate the possibility of using these unconventionally installed operating systems in an attempt to hide one's activities from conventional digital forensic tools. This evaluation will be conducted by repeating a series of tests inside a virtual environment, then overwriting the virtual environment flat file and having the host computer imaged and examined by forensic tools.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126783833","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137276
C. Torpelund-Bruin, Ickjai Lee
We propose efficient and effective sequential-scan algorithms for intelligent emergency planning, spatial analysis and disaster decision support through the use of Voronoi Tessellations. We propose a modified distance transform algorithm to include complex primitives (point, line and area), Minkowski metrics, different weights, obstacles and higher-order Voronoi diagrams. Illustrated examples demonstrate the usefulness and robustness of our proposed computation model.
{"title":"A Voronoi-based model for emergency planning using sequential-scan algorithms","authors":"C. Torpelund-Bruin, Ickjai Lee","doi":"10.1109/ISI.2009.5137276","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137276","url":null,"abstract":"We propose efficient and effective sequential-scan algorithms for intelligent emergency planning, spatial analysis and disaster decision support through the use of Voronoi Tessellations. We propose a modified distance transform algorithm to include complex primitives (point, line and area), Minkowski metrics, different weights, obstacles and higher-order Voronoi diagrams. Illustrated examples demonstrate the usefulness and robustness of our proposed computation model.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133086621","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-08DOI: 10.1109/ISI.2009.5137305
Cyril Onwubiko
The underpinning of situational awareness in computer networks is to identify adversaries, estimate impact of attacks, evaluate risks, understand situations and make sound decisions on how to protect valued assets swiftly and accurately. SA also underscores situation assessment in order to make accurate forecast in dynamic and complex environments. In this paper, situational awareness in computer network security is investigated. Functional attributes of situational awareness in computer network security are discussed: dynamism and complexity, automation, realtime processing, multisource data fusion, heterogeneity, security visualisation, decision control, risk assessment, resolution, forecasting and prediction.
{"title":"Functional requirements of situational awareness in computer network security","authors":"Cyril Onwubiko","doi":"10.1109/ISI.2009.5137305","DOIUrl":"https://doi.org/10.1109/ISI.2009.5137305","url":null,"abstract":"The underpinning of situational awareness in computer networks is to identify adversaries, estimate impact of attacks, evaluate risks, understand situations and make sound decisions on how to protect valued assets swiftly and accurately. SA also underscores situation assessment in order to make accurate forecast in dynamic and complex environments. In this paper, situational awareness in computer network security is investigated. Functional attributes of situational awareness in computer network security are discussed: dynamism and complexity, automation, realtime processing, multisource data fusion, heterogeneity, security visualisation, decision control, risk assessment, resolution, forecasting and prediction.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115124032","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: