ISBN: 9781509034840 (print)
Run-time malware detection strategies are efficient and robust, and are getting more and more attention. In this paper, we use I/O Request Package (IRP) sequences for malware detection. N-grams are used to analyze IRP sequences for feature extraction. By integrating the negative selection algorithm (NSA) and the positive selection algorithm (PSA), through a selection of n-gram sequences which only exist in malware IRP sequences, we have more than 96% true positive rate and 0% false positive rate.
Efficient fault diagnosis, early anomaly detection, and prevention of equipment failures are crucial for reducing production costs and minimizing unplanned downtime. This paper focuses on developing a self-X system using artificial immune system algorithms to address the challenges of condition monitoring, quality control, and predictive maintenance in Industry 4.0. The proposed methodology incorporates self-monitoring, self-healing, and self-repairing capabilities into intelligent measuring systems equipped with a tunnel magnetoresistive (TMR) sensor-based angular decoder. In particular, the extension of the self-X hierarchy to the adaptive electronics level, with a focus on healing/adjustments before the ADC's irreversible quantization loss, is a key objective. The implemented self-X approach enables dynamic offset and gain compensation, improving angle accuracy. The experimental setup involves a reconfigurable analog front end with self-X properties (AFEX), a data acquisition unit, feature extraction, self-monitoring, and self-healing mechanisms. The results demonstrate the successful implementation of gain compensation using a fabricated current-feedback instrumentation amplifier. The experiments show the impact of signal amplitude drop on angle error calculation, with the maximum absolute error observed at 11 mm TMR sensor position. The self-X loop, including electronics, reduced the angle error to approximately 50% by increasing the gain from 4 to 32. The results obtained from the first experiment indicate a maximum absolute error of -6.552 degrees in angle computation, which is not yet competitive to SoA systems and needs further consideration and system fine-tuning to achieve a competitive and self-X sensor system.
ISBN: 9781665414906 (print)
The aviation industries are transitioning from conventional aircraft systems to Aviation Cyber-Physical Systems (ACPS) based aircraft. However, like any Cyber-Physical Systems (CPS), the ACPS are vulnerable to cyber-attacks that can be mounted by adversaries through the communication network infrastructure. This paper proposes a novel and resilient security protocol for detecting and defending ACPS against sensor spoofing cyber-attacks. First, a communication environment was developed to establish an aircraft Networked Control System (NCS) using the SimEvents toolbox. Then, a cyber-attack detection algorithm based on the positive selection of the Artificial Immune System (AIS) approach was developed and used to detect and drop suspicious communication packets on the aircraft network traffic. Finally, the NCS and the detection algorithm were integrated and tested on real cyber-security attack scenarios. The algorithm's accuracy was 0.96 based on the true positive and true negative algorithm detection rate. For further defending the aircraft against cyber-attacks, a Nonlinear Autoregressive Exogenous (NARX) algorithm was developed to reconstruct or estimate the network dropped packets. The estimation accuracy of the NARX reached 0.99 using the coefficient of determination (R-value) based on the linear regression approach. The real-time simulation test results showed that the sensor spoofing cyber-attack was successfully detected. Also, the communication network of the ACPS was defended against the attack because the ACPS was maintaining the normal performance during the course of the cyber-attack.
ISBN: 9783319597676 (print)
A new information technology for botnets detection based on the analysis of the botnets' behaviour in the corporate area network is proposed. Botnets detection is performed by combining two ways: using network-level and host-level analysis. One approach makes it possible to analyze the behaviour of the software in the host, which may indicate the possible presence of a bot directly in the host and identify malicious software, and another one involves monitoring and analyzing the DNS traffic, which allows making a conclusion about network hosts' infections with a bot of the botnet. Based on this information technology, an effective botnets detection tool, BotGRABBER, was constructed. It is able to detect bots that use such evasion techniques as cycling of IP mapping, "domain flux", "fast flux", and DNS-tunneling. Usage of the developed system makes it possible to detect hosts infected by bots of the botnets with high efficiency.
Artificial immune detectors are the basic recognition components of immune systems. Traditionally, the candidate non-self detectors are compared with the whole self training set to eliminate self-reactive ones in negative selection algorithms (NSAs). However, the training process has low efficiency due to the exhausting comparisons. Furthermore, it can be more efficient if we straightforwardly generate self-detectors based on the available self samples to avoid the overwhelming comparisons. In the paper, a new detector training algorithm is proposed. Firstly, the self training set is enlarged by the label propagation algorithm (LPA) using both labeled and unlabeled samples; and then the newly labeled samples are evaluated based on noisy learning theory to remove the unqualified ones. Finally, self-detectors are directly generated at the locations of self samples. The theoretical analysis demonstrated that the time complexity of our algorithm is much reduced, especially that the exponential relationship between self size and time complexity in traditional NSAs is eliminated. The experimental results showed that not only the time cost of detector training, but also the detection accuracy is improved. (c) 2021 Elsevier B.V. All rights reserved.