Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356537
K. Slot, J. Cichosz, L. Bronakowski
The following paper examines a possibility of applying phone-pronunciation variability descriptors in emotion classification. The proposed group of descriptors comprises a set of statistical parameters of Poincare maps, which are derived for evolution of formant-frequencies and energy of voiced-speech segments. Poincare maps are represented by means of four different parameters that summarize various aspects of plot's scatter. It has been shown that incorporation of the proposed features into a set of commonly-used emotional-speech descriptors, results in a substantial, ten-percent increase in emotion classification performance - recognition rates are at the order of 80% for six-category, speaker independent experiments.
{"title":"Application of voiced-speech variability descriptors to emotion recognition","authors":"K. Slot, J. Cichosz, L. Bronakowski","doi":"10.1109/CISDA.2009.5356537","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356537","url":null,"abstract":"The following paper examines a possibility of applying phone-pronunciation variability descriptors in emotion classification. The proposed group of descriptors comprises a set of statistical parameters of Poincare maps, which are derived for evolution of formant-frequencies and energy of voiced-speech segments. Poincare maps are represented by means of four different parameters that summarize various aspects of plot's scatter. It has been shown that incorporation of the proposed features into a set of commonly-used emotional-speech descriptors, results in a substantial, ten-percent increase in emotion classification performance - recognition rates are at the order of 80% for six-category, speaker independent experiments.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"13 1","pages":"1-5"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81187552","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356534
Riyad Alshammari, A. N. Zincir-Heywood
The objective of this work is to assess the robustness of machine learning based traffic classification for classifying encrypted traffic where SSH and Skype are taken as good representatives of encrypted traffic. Here what we mean by robustness is that the classifiers are trained on data from one network but tested on data from an entirely different network. To this end, five learning algorithms — AdaBoost, Support Vector Machine, Naïe Bayesian, RIPPER and C4.5 — are evaluated using flow based features, where IP addresses, source/destination ports and payload information are not employed. Results indicate the C4.5 based approach performs much better than other algorithms on the identification of both SSH and Skype traffic on totally different networks.
{"title":"Machine learning based encrypted traffic classification: Identifying SSH and Skype","authors":"Riyad Alshammari, A. N. Zincir-Heywood","doi":"10.1109/CISDA.2009.5356534","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356534","url":null,"abstract":"The objective of this work is to assess the robustness of machine learning based traffic classification for classifying encrypted traffic where SSH and Skype are taken as good representatives of encrypted traffic. Here what we mean by robustness is that the classifiers are trained on data from one network but tested on data from an entirely different network. To this end, five learning algorithms — AdaBoost, Support Vector Machine, Naïe Bayesian, RIPPER and C4.5 — are evaluated using flow based features, where IP addresses, source/destination ports and payload information are not employed. Results indicate the C4.5 based approach performs much better than other algorithms on the identification of both SSH and Skype traffic on totally different networks.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"93 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89237389","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356521
A. Lawniczak, B. D. Stefano, Hao Wu
We detect & study packet traffic anomalies similar to DDoS attacks using information entropy. We perform network-wide monitoring of information entropy of packet traffic at a small number of selected routers. Our method is based on the fact that DDoS attacks change the “natural” order and randomness of packet traffic passing through monitored routers when an attack is taking place in the network. Through this change we detect the start of the attack and study its evolution. We conduct this study for packet-switching networks using static and dynamic routing.
{"title":"Detection & study of DDoS attacks via entropy in data network models","authors":"A. Lawniczak, B. D. Stefano, Hao Wu","doi":"10.1109/CISDA.2009.5356521","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356521","url":null,"abstract":"We detect & study packet traffic anomalies similar to DDoS attacks using information entropy. We perform network-wide monitoring of information entropy of packet traffic at a small number of selected routers. Our method is based on the fact that DDoS attacks change the “natural” order and randomness of packet traffic passing through monitored routers when an attack is taking place in the network. Through this change we detect the start of the attack and study its evolution. We conduct this study for packet-switching networks using static and dynamic routing.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"1 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84895908","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356565
A. Trifilo, S. Burschka, E. Biersack
Network Protocol Reverse Engineering (NPRE) has played an increasing role in honeypot operations. It allows to automatically generate Statemodels and scripts being able to act as realistic counterpart for capturing unknown malware. This work proposes a novel approach in the field of NPRE. By passively listening to network traces, our system automatically derives the protocol state machines of the peers involved allowing the analyst to understand its intrinsic logic. We present a new methodology to extract the relevant fields from arbitrary binary protocols to construct a state model. We prove our methodology by deriving the state machine of documented protocols ARP, DHCP and TCP. We then apply it to Kademlia, the results show the usefulness to support binary reverse engineering processes and detect a new undocumented feature.
{"title":"Traffic to protocol reverse engineering","authors":"A. Trifilo, S. Burschka, E. Biersack","doi":"10.1109/CISDA.2009.5356565","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356565","url":null,"abstract":"Network Protocol Reverse Engineering (NPRE) has played an increasing role in honeypot operations. It allows to automatically generate Statemodels and scripts being able to act as realistic counterpart for capturing unknown malware. This work proposes a novel approach in the field of NPRE. By passively listening to network traces, our system automatically derives the protocol state machines of the peers involved allowing the analyst to understand its intrinsic logic. We present a new methodology to extract the relevant fields from arbitrary binary protocols to construct a state model. We prove our methodology by deriving the state machine of documented protocols ARP, DHCP and TCP. We then apply it to Kademlia, the results show the usefulness to support binary reverse engineering processes and detect a new undocumented feature.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"70 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89135717","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356560
S. Suresh
This paper presents an adaptive neural flight control design for helicopters performing nonlinear maneuver. The control strategy uses a neural controller aiding an existing conventional controller. The neural controller uses a real-time learning dynamic radial basis function network, which uses Lyapunov based on-line update rule integrated with the neuron growth criterion. The real-time learning dynamic radial basis function network does not require a priori training and also find a compact network for implementation. The proposed adaptive law provide necessary global stability and better tracking performance. The simulation studies are carried-out using a nonlinear desktop simulation model. The performances of the proposed adaptive control mechanism clearly show that it is very effective when the helicopter is performing nonlinear maneuver.
{"title":"Adaptive neural flight control system for helicopter","authors":"S. Suresh","doi":"10.1109/CISDA.2009.5356560","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356560","url":null,"abstract":"This paper presents an adaptive neural flight control design for helicopters performing nonlinear maneuver. The control strategy uses a neural controller aiding an existing conventional controller. The neural controller uses a real-time learning dynamic radial basis function network, which uses Lyapunov based on-line update rule integrated with the neuron growth criterion. The real-time learning dynamic radial basis function network does not require a priori training and also find a compact network for implementation. The proposed adaptive law provide necessary global stability and better tracking performance. The simulation studies are carried-out using a nonlinear desktop simulation model. The performances of the proposed adaptive control mechanism clearly show that it is very effective when the helicopter is performing nonlinear maneuver.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"125 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77587579","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356547
J. Rhinelander, P. X. Liu
The use of support vector (SV) methods has been successful in many areas involving pattern recognition. Video surveillance requires pattern recognition algorithms that are efficient in their operation, and requires the use of online processing for the detection and identification of events, objects, and behaviours. To successfully use SV methods in video surveillance, on-line training methods must be employed; NORMA [1] is one such training method. A video surveillance system represents a dynamic system with non-stationary characteristics. It is the purpose of our work to enhance NORMA to better adapt to sudden changes (switches) in the surveillance environment. We show that the decision hypothesis that NORMA generates is more accurate when a switch in the data is explicitly detected and managed. Our preliminary testing involves simulated data, real world benchmark data, and real video data captured from a digital camera.
{"title":"Tracking a moving hypothesis for visual data with explicit switch detection","authors":"J. Rhinelander, P. X. Liu","doi":"10.1109/CISDA.2009.5356547","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356547","url":null,"abstract":"The use of support vector (SV) methods has been successful in many areas involving pattern recognition. Video surveillance requires pattern recognition algorithms that are efficient in their operation, and requires the use of online processing for the detection and identification of events, objects, and behaviours. To successfully use SV methods in video surveillance, on-line training methods must be employed; NORMA [1] is one such training method. A video surveillance system represents a dynamic system with non-stationary characteristics. It is the purpose of our work to enhance NORMA to better adapt to sudden changes (switches) in the surveillance environment. We show that the decision hypothesis that NORMA generates is more accurate when a switch in the data is explicitly detected and managed. Our preliminary testing involves simulated data, real world benchmark data, and real video data captured from a digital camera.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"38 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83579047","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356555
R. Mullen, D. Monekosso, S. Barman, Paolo Remagnino
We investigate the use of artificial local forces governed by physics laws for the spatial formation and coordination of a swarm of VTOL UAVs for ground area surveillance applications. Varying parameter effects are investigated through simulation and a learning algorithm is introduced to optimise the swarms behaviour with respect to self-organising into the optimum formation for a given sized ROI to cover collectively.
{"title":"Autonomous control laws for mobile robotic surveillance swarms","authors":"R. Mullen, D. Monekosso, S. Barman, Paolo Remagnino","doi":"10.1109/CISDA.2009.5356555","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356555","url":null,"abstract":"We investigate the use of artificial local forces governed by physics laws for the spatial formation and coordination of a swarm of VTOL UAVs for ground area surveillance applications. Varying parameter effects are investigated through simulation and a learning algorithm is introduced to optimise the swarms behaviour with respect to self-organising into the optimum formation for a given sized ROI to cover collectively.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"23 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88092422","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356530
J. Diesner, Kathleen M. Carley
Anaphora resolution (AR) identifies the entities that pronouns refer to. Coreference resolution (CR) associates the various instances of an entity with each other. Given our data, our findings suggest that deduplicating and normalizing text data by using AR and CR impacts the literal mention, frequency, identity, and existence of about 75% of the entities in texts. Results are more moderate on the relation level: 13% of the links are modified and 8% are removed. Performing social network analysis on the relations extracted from texts leads to findings contrary to the results from corpus statistics: AR and CR cause different directions in the change of network analytical measures, AR alters these measures more strongly than CR does, and each technique identifies a different set of most crucial nodes. Bringing the results from corpus statistics and social network analysis together suggests that CR is more effective in normalizing entities, while AR is a more powerful technique for splitting up generic nodes into named entities with adjusted weights. Data changes due to AR and CR are qualitatively and quantitatively meaningful: the statistical properties of entities and relations change along with their identities. Consequently, the relational data represent the underlying social structure more truthfully. Our results can support analysts in eliminating some misinterpretations of graphs distilled from texts and in selected those nodes from social networks on which reference resolution should be performed.
{"title":"He says, she says. Pat says, Tricia says. How much reference resolution matters for entity extraction, relation extraction, and social network analysis","authors":"J. Diesner, Kathleen M. Carley","doi":"10.1109/CISDA.2009.5356530","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356530","url":null,"abstract":"Anaphora resolution (AR) identifies the entities that pronouns refer to. Coreference resolution (CR) associates the various instances of an entity with each other. Given our data, our findings suggest that deduplicating and normalizing text data by using AR and CR impacts the literal mention, frequency, identity, and existence of about 75% of the entities in texts. Results are more moderate on the relation level: 13% of the links are modified and 8% are removed. Performing social network analysis on the relations extracted from texts leads to findings contrary to the results from corpus statistics: AR and CR cause different directions in the change of network analytical measures, AR alters these measures more strongly than CR does, and each technique identifies a different set of most crucial nodes. Bringing the results from corpus statistics and social network analysis together suggests that CR is more effective in normalizing entities, while AR is a more powerful technique for splitting up generic nodes into named entities with adjusted weights. Data changes due to AR and CR are qualitatively and quantitatively meaningful: the statistical properties of entities and relations change along with their identities. Consequently, the relational data represent the underlying social structure more truthfully. Our results can support analysts in eliminating some misinterpretations of graphs distilled from texts and in selected those nodes from social networks on which reference resolution should be performed.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"88 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90095128","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356564
D. Calitoiu
In this paper we address the general question of what is the best strategy to search efficiently for randomly located objects (target sites). We propose a new agent based algorithm for searching in an unpredictable environment. The originality of our work consists in applying a non-cooperative strategy, namely the distributed Goore Game model, as opposed to applying the classical collaborative and competitive strategies, or individual strategies. This paper covers only the non-destructive search that occurs when the agent visits the same target many times. The nondestructive search can be performed in either of the two cases: if the target becomes temporarily inactive or if it leaves the area. The proposed algorithm has two versions: one when the agent can move with a step equal to unity and the other when the step of the agent follows a Levy flight distribution. The latter version is inspired by the work of A.M. Reynolds, motivated by biological examples.
{"title":"New search algorithm for randomly located objects: A non-cooperative agent based approach","authors":"D. Calitoiu","doi":"10.1109/CISDA.2009.5356564","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356564","url":null,"abstract":"In this paper we address the general question of what is the best strategy to search efficiently for randomly located objects (target sites). We propose a new agent based algorithm for searching in an unpredictable environment. The originality of our work consists in applying a non-cooperative strategy, namely the distributed Goore Game model, as opposed to applying the classical collaborative and competitive strategies, or individual strategies. This paper covers only the non-destructive search that occurs when the agent visits the same target many times. The nondestructive search can be performed in either of the two cases: if the target becomes temporarily inactive or if it leaves the area. The proposed algorithm has two versions: one when the agent can move with a step equal to unity and the other when the step of the agent follows a Levy flight distribution. The latter version is inspired by the work of A.M. Reynolds, motivated by biological examples.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"389 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76449655","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-07-08DOI: 10.1109/CISDA.2009.5356535
P. Sujit, J. Sousa, F. Pereira
In a search and prosecute mission, multiple heterogeneous unmanned aerial vehicles UAVs that carry different resources need to perform the classify, prosecute and battle damage assessment (BDA) tasks on targets sequentially. Depending on the target resource requirement, it may be necessary to deploy a coalition of UAVs to perform the action. In this paper, we propose coalition formation algorithms that have low computational overhead to determine coalitions for the prosecute and the BDA tasks. We also develop a simultaneous strike mechanism based on Dubins curves for the UAVs to prosecute the target simultaneously. Monte-Carlo simulation results are presented to show how the algorithms work and the effect of increasing the number of BDA tasks on the mission performance.
{"title":"Multiple UAV teams for multiple tasks","authors":"P. Sujit, J. Sousa, F. Pereira","doi":"10.1109/CISDA.2009.5356535","DOIUrl":"https://doi.org/10.1109/CISDA.2009.5356535","url":null,"abstract":"In a search and prosecute mission, multiple heterogeneous unmanned aerial vehicles UAVs that carry different resources need to perform the classify, prosecute and battle damage assessment (BDA) tasks on targets sequentially. Depending on the target resource requirement, it may be necessary to deploy a coalition of UAVs to perform the action. In this paper, we propose coalition formation algorithms that have low computational overhead to determine coalitions for the prosecute and the BDA tasks. We also develop a simultaneous strike mechanism based on Dubins curves for the UAVs to prosecute the target simultaneously. Monte-Carlo simulation results are presented to show how the algorithms work and the effect of increasing the number of BDA tasks on the mission performance.","PeriodicalId":6407,"journal":{"name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","volume":"6 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83539669","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: