Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356537
K. Slot, J. Cichosz, L. Bronakowski
The following paper examines a possibility of applying phone-pronunciation variability descriptors in emotion classification. The proposed group of descriptors comprises a set of statistical parameters of Poincaré maps, which are derived for evolution of formant frequencies and energy of voiced-speech segments. Poincaré maps are represented by means of four different parameters that summarize various aspects of the plot's scatter. It has been shown that incorporation of the proposed features into a set of commonly used emotional-speech descriptors results in a substantial, ten-percent increase in emotion classification performance: recognition rates are on the order of 80% for six-category, speaker-independent experiments.
Title: Application of voiced-speech variability descriptors to emotion recognition. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-5. https://doi.org/10.1109/CISDA.2009.5356537
Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356534
Riyad Alshammari, A. N. Zincir-Heywood
The objective of this work is to assess the robustness of machine learning based traffic classification for classifying encrypted traffic where SSH and Skype are taken as good representatives of encrypted traffic. Here what we mean by robustness is that the classifiers are trained on data from one network but tested on data from an entirely different network. To this end, five learning algorithms — AdaBoost, Support Vector Machine, Naïve Bayesian, RIPPER and C4.5 — are evaluated using flow based features, where IP addresses, source/destination ports and payload information are not employed. Results indicate the C4.5 based approach performs much better than other algorithms on the identification of both SSH and Skype traffic on totally different networks.
Title: Machine learning based encrypted traffic classification: Identifying SSH and Skype. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-8. https://doi.org/10.1109/CISDA.2009.5356534
Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356521
A. Lawniczak, B. D. Stefano, Hao Wu
We detect & study packet traffic anomalies similar to DDoS attacks using information entropy. We perform network-wide monitoring of information entropy of packet traffic at a small number of selected routers. Our method is based on the fact that DDoS attacks change the “natural” order and randomness of packet traffic passing through monitored routers when an attack is taking place in the network. Through this change we detect the start of the attack and study its evolution. We conduct this study for packet-switching networks using static and dynamic routing.
Title: Detection & study of DDoS attacks via entropy in data network models. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-8. https://doi.org/10.1109/CISDA.2009.5356521
Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356565
A. Trifilo, S. Burschka, E. Biersack
Network Protocol Reverse Engineering (NPRE) has played an increasing role in honeypot operations. It allows the automatic generation of state models and scripts that are able to act as a realistic counterpart for capturing unknown malware. This work proposes a novel approach in the field of NPRE. By passively listening to network traces, our system automatically derives the protocol state machines of the peers involved, allowing the analyst to understand its intrinsic logic. We present a new methodology to extract the relevant fields from arbitrary binary protocols to construct a state model. We prove our methodology by deriving the state machine of the documented protocols ARP, DHCP and TCP. We then apply it to Kademlia; the results show its usefulness in supporting binary reverse engineering processes and detect a new undocumented feature.
Title: Traffic to protocol reverse engineering. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-8. https://doi.org/10.1109/CISDA.2009.5356565
Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356560
S. Suresh
This paper presents an adaptive neural flight control design for helicopters performing nonlinear maneuvers. The control strategy uses a neural controller aiding an existing conventional controller. The neural controller uses a real-time learning dynamic radial basis function network, which uses a Lyapunov-based on-line update rule integrated with the neuron growth criterion. The real-time learning dynamic radial basis function network does not require a priori training and also finds a compact network for implementation. The proposed adaptive law provides the necessary global stability and better tracking performance. The simulation studies are carried out using a nonlinear desktop simulation model. The performances of the proposed adaptive control mechanism clearly show that it is very effective when the helicopter is performing nonlinear maneuvers.
Title: Adaptive neural flight control system for helicopter. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-8. https://doi.org/10.1109/CISDA.2009.5356560
Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356530
J. Diesner, Kathleen M. Carley
Anaphora resolution (AR) identifies the entities that pronouns refer to. Coreference resolution (CR) associates the various instances of an entity with each other. Given our data, our findings suggest that deduplicating and normalizing text data by using AR and CR impacts the literal mention, frequency, identity, and existence of about 75% of the entities in texts. Results are more moderate on the relation level: 13% of the links are modified and 8% are removed. Performing social network analysis on the relations extracted from texts leads to findings contrary to the results from corpus statistics: AR and CR cause different directions in the change of network analytical measures, AR alters these measures more strongly than CR does, and each technique identifies a different set of most crucial nodes. Bringing the results from corpus statistics and social network analysis together suggests that CR is more effective in normalizing entities, while AR is a more powerful technique for splitting up generic nodes into named entities with adjusted weights. Data changes due to AR and CR are qualitatively and quantitatively meaningful: the statistical properties of entities and relations change along with their identities. Consequently, the relational data represent the underlying social structure more truthfully. Our results can support analysts in eliminating some misinterpretations of graphs distilled from texts and in selecting those nodes from social networks on which reference resolution should be performed.
Title: He says, she says. Pat says, Tricia says. How much reference resolution matters for entity extraction, relation extraction, and social network analysis. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-8. https://doi.org/10.1109/CISDA.2009.5356530
Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356547
J. Rhinelander, P. X. Liu
The use of support vector (SV) methods has been successful in many areas involving pattern recognition. Video surveillance requires pattern recognition algorithms that are efficient in their operation, and requires the use of online processing for the detection and identification of events, objects, and behaviours. To successfully use SV methods in video surveillance, on-line training methods must be employed; NORMA [1] is one such training method. A video surveillance system represents a dynamic system with non-stationary characteristics. It is the purpose of our work to enhance NORMA to better adapt to sudden changes (switches) in the surveillance environment. We show that the decision hypothesis that NORMA generates is more accurate when a switch in the data is explicitly detected and managed. Our preliminary testing involves simulated data, real world benchmark data, and real video data captured from a digital camera.
Title: Tracking a moving hypothesis for visual data with explicit switch detection. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-8. https://doi.org/10.1109/CISDA.2009.5356547
Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356555
R. Mullen, D. Monekosso, S. Barman, Paolo Remagnino
We investigate the use of artificial local forces governed by physics laws for the spatial formation and coordination of a swarm of VTOL UAVs for ground area surveillance applications. Varying parameter effects are investigated through simulation and a learning algorithm is introduced to optimise the swarm's behaviour with respect to self-organising into the optimum formation for a given sized ROI to cover collectively.
Title: Autonomous control laws for mobile robotic surveillance swarms. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-6. https://doi.org/10.1109/CISDA.2009.5356555
Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356562
Bohdan L. Kaluzny, R. H. A. D. Shaw, A. Ghanmi, Beomjoon Kim
This paper presents an aircraft load allocation optimisation model, which uses a hybrid of simulated annealing and genetic algorithm methods to solve a multi-objective optimisation problem associated with allocating a set of cargo items across a heterogeneous fleet of available airlift assets. It represents candidate solutions using macrochromosomes comprised of an ordered list of available transport assets followed by an ordered list of cargo items. A bin packing heuristic is used to map each individual to a point in asset-utilization space where a novel convex hull based fitness function is used to evaluate the relative quality of each individual and drive an elitist application of genetic operators on the population, including a novel extinction operation that infrequently culls solutions comprising aircraft chalks that cannot be load balanced. Proof of concept computational results are presented.
Title: An optimisation model for airlift load planning: Galahad and the quest for the ‘holy grail’. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-8. https://doi.org/10.1109/CISDA.2009.5356562
Pub Date: 2009-07-08, DOI: 10.1109/CISDA.2009.5356561
T. Flanagan, C. Thornton, J. Denzinger
We present a general scheme for testing multiagent systems, respectively policies used by them, for unwanted emergent behavior using learning of cooperative behavior via particle swarm systems. By using particle swarm systems in this setting, we are able to create agents interacting/attacking the tested agents that can use parameterised high-level actions. We also can evaluate the quality of an attack using several measures that can be prioritised and used in a multi-objective manner in the search. This solves some general problems of other testing approaches using learning. We instantiate this general scheme to test harbour patrol and interception policies for two Canadian harbours, showing that our approach is able to find problems in these policies.
Title: Testing harbour patrol and interception policies using particle-swarm-based learning of cooperative behavior. Published in: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1-8. https://doi.org/10.1109/CISDA.2009.5356561