Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004889
Xiangfei Kong, W. Mao
Given a collection of event-related documents, event ranking generates a list of ranked events based on the input query. Ranking news events, which takes event-related news documents for the generation of ranked events, is both an essential research issue and an important component for many security-oriented applications, such as public event monitoring, retrieval, detection and mining. Previous related work solely relies on queries of event-relevant aspects, and user-relevant aspects of queries that are critical for security applications are totally ignored. In this paper, we deal with the problem of news ranking by incorporating user-relevant information into the input query, from the cluster of relevant new documents and comments. Given an input query, which contains event-related objective aspects (e.g. actors, locations, date) and user-related subjective aspects (e.g. public attention and opinion polarity), we develop a Learning-to-Rank framework to integrate aspect-level correlation between query and event. Experiments on a crawled large news corpus show the effectiveness of our proposed approach compared to several baseline models.
Xiangfei Kong, W. Mao. "Ranking events based on user relevant query." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004889
Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004891
Hongliang Liang, Yan Song, Da Xiao
Malware detection has been a difficult problem for a very long time. Since the wide use of smart devices in recent years, the number of malwares is increasing rapidly. Most existing methods for malware detection rely too much on manual interventions (e.g. pre-defined features and patterns), which can be easily deceived. In this paper, we propose a novel end-to-end deep learning model to detect Android malwares. Our model takes the raw system call sequence, which is generated during the application's runtime, as input and decides whether the sequence is malicious without any manual intervention. We evaluate the model on 14231 Android applications and obtain a detection accuracy of 93.16%, which is 2.81% higher than the contrast experiment in which we implement the method proposed by other researchers.
Hongliang Liang, Yan Song, Da Xiao. "An end-to-end model for Android malware detection." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004891
Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004896
Wangyan Feng, W. Yan, Shuning Wu, Ningwei Liu
As increasingly more enterprises are deploying cloud file-sharing services, this adds a new channel for potential insider threats to company data and IPs. In this paper, we introduce a two-stage machine learning system to detect anomalies. In the first stage, we project the access logs of cloud file-sharing services onto relationship graphs and use three complementary graph-based unsupervised learning methods: OddBall, PageRank and Local Outlier Factor (LOF) to generate outlier indicators. In the second stage, we ensemble the outlier indicators and introduce the discrete wavelet transform (DWT) method, and propose a procedure to use wavelet coefficients with the Haar wavelet function to identify outliers for insider threat. The proposed system has been deployed in a real business environment, and demonstrated effectiveness by selected case studies.
Wangyan Feng, W. Yan, Shuning Wu, Ningwei Liu. "Wavelet transform and unsupervised machine learning to detect insider threat on cloud file-sharing." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004896
Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004915
Lu Luo, Peng Cao, Dazhong Mu
The data hiding technique based on halftone dot features (spatial position or shape) has a special anti-copy function. However, this function has a very strict demand for image acquisition and authenticity identification. We provide a high-resolution imaging control technology of the macro mode for iPhones based on Xcode tool and ZXing Jar. At the same time, an image resolution estimation algorithm is proposed based on the method of least squares.
Lu Luo, Peng Cao, Dazhong Mu. "Research on high-resolution imaging technology to extract the halftone-dot-information by iPhone." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004915
Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004914
Jin-Seong Kim, I. Jung
An Android app is often used on multiple devices of one user. Sometimes, an app recognizes another device to be the same device which it has known, and bypasses its authentication process. As a result, an attacker can get the same privilege as the original device owner has for the app. In this paper, we show how to get the privilege of the device owner in an Android app and how to defend against the attack by Same Identifier Attack Defensor.
Jin-Seong Kim, I. Jung. "Android app protection using same identifier attack defensor." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004914
Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004911
Tian Beibei, Zheng Feifei, Cao Yuqi
This paper analyzed the relationship between the Networked Readiness Index and the Global Competitiveness Index published by the World Economic Forum through a regression model. It is verified that the global competitiveness of a country is closely related to its degree of informatization. So in the context of China's “new normal”, keeping rapid development in information technology may help China to keep the rapid development in global competitiveness.
Tian Beibei, Zheng Feifei, Cao Yuqi. "Research on the relationship between informatization level and global competitiveness." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004911
Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004900
Jie Bai, Linjing Li, Lan Lu, Yanwu Yang, D. Zeng
Predicting meme burst is of great relevance to develop security-related detecting and early warning capabilities. In this paper, we propose a feature-based method for real-time meme burst predictions, namely “Semantic, Network, and Time” (SNAT). By considering the potential characteristics of bursty memes, such as the semantics and spatio-temporal characteristics during their propagation, SNAT is capable of capturing meme burst at the very beginning and in real time. Experimental results prove the effectiveness of SNAT in terms of both fixed-time and real-time meme burst prediction tasks.
Jie Bai, Linjing Li, Lan Lu, Yanwu Yang, D. Zeng. "Real-time prediction of meme burst." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004900
Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004910
Peng Su, Yuqin Zhao, Jian Yang, Zhenpeng Li
Among the most important and distinctive actionable knowledge are actionable behavioral rules (ABRs). To make ABRM a promising technique for security informatics, we develop new methodologies for it. We also conduct an experiment to validate our approach. The experimental results strongly suggest the validity of our approach.
Peng Su, Yuqin Zhao, Jian Yang, Zhenpeng Li. "A new approach to security informatics: Actionable behavioral rules mining (ABRM)." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004910
Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004870
Christopher Schon, N. Adams, M. Evangelou
This paper takes an unsupervised learning approach for monitoring edge activity within an enterprise computer network. Using NetFlow records, features are gathered across the active connections (edges) in 15-minute time windows. Then, edges are grouped into clusters using the k-means algorithm. This process is repeated over contiguous windows. A series of informative indicators are derived by examining the relationship of edges with the observed cluster structure. This leads to an intuitive method for monitoring network behaviour and a temporal description of edge behaviour at global and local levels.
Christopher Schon, N. Adams, M. Evangelou. "Clustering and monitoring edge behaviour in enterprise network traffic." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004870
Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004898
Guandan Chen, Qingchao Kong, W. Mao
Online interaction behavior between web users often makes some events go viral. Popularity prediction of events is a key task in many security-related applications. It forecasts how widely events would spread based on the information of evolution at an early stage. Existing methods either rely on careful feature engineering, or solely consider time series, ignoring rich information of user and text content. In this paper, we attempt to extract and fuse the rich information of text content, user and time series in a data-driven fashion. To this end, we design a popularity prediction model based on deep neural networks, which uses three encoders to extract high-level representations of text content, users and time series respectively. In addition, we incorporate an attention mechanism to make our model focus on important features. Experiments on a real-world dataset show the effectiveness of our proposed model.
Guandan Chen, Qingchao Kong, W. Mao. "An attention-based neural popularity prediction model for social media events." 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017. https://doi.org/10.1109/ISI.2017.8004898