Real-time Network Attack Intention Recognition Algorithm
|
|
- Emma Willis
- 6 years ago
- Views:
Transcription
1 Internatonal Journal of Securty and Its Applcatons, pp Real-tme Network Attack Intenton Recognton Algorthm Qu Hu and Wang Kun Zhengzhou Insttute of Informaton Scence and Technology, Zhengzhou, Chna Abstract Attack ntenton recognton s to reason and udge the goal of attackers accordng to attack behavor and network envronment. In order to deal wth the dynamcal character of offense-defense confrontaton, a dynamcal real-tme network attack ntenton recognton algorthm was proposed. By correlatng real-tme securty alerts and vulnerabltes, we recognzed the spread route and stage of attacks based on graph theory and probablty theory. Then we dentfed the attack ntenton and predcted the possble transton of attacks, combned wth network connectvty relatonshp. A smulaton experments for the proposed network attack ntenton recognton algorthm s performed by network examples. The expermental results show that the proposed method can be more accurately dentfy attack ntenton and fully predct the post stage of attacks. Keywords: attack ntenton; pattern recognton; network securty; mult-stage attack; state transton 1. Introducton Intruson ntenton recognton s to nterpret and udge the purpose, vson and ntenton of attackers through analyzng a large number of low-level alarm nformaton, whch s to gve a reasonable explanaton of a large number of attack data. Identfyng attack ntenton can determne the real purpose of attackers and predct the subsequent attack behavor, whch s the premse and foundaton of threat analyss and the mportant part of network securty stuaton awareness. It has become a hot topc n the feld of network securty. At the earlest, the research of ntenton recognton was carred out n the feld of artfcal ntellgence. Intenton of agent s the chosen plannng route to acheve a goal [1, 2], whch role s to gude the ratonal decson-makng and plan future behavor. Intenton recognton s the process of appercevng and reasonng ntenton of agent. In network securty feld, the research of attack ntenton recognton has ust begun. At present, exstng research s dvded nto two parts. A method bulds attack scenaro through correlatng the alarms of ntruson detecton systems, the other one enumerates all possble attack behavor by constructng attack graphs. The paper [3] correlated the alarms through modelng attack behavor. For a sngle attack behavor, the method refned the precondtons and consequences of the attack. Then the method correlated two attack behavors accordng matchng condton between prerequste of subsequent behavor and consequences of prevous acts. Thus, the method s no need to establsh attack pattern base, and t can dscover some unknown attack scenaro wth flexblty. The paper [4] automatcally generated attack strategy descrbed by attack strategy graph through alarm correlaton. The method correlated the ultra-alarm generalzed by the alarms wth same essence. The flexblty and assocate effcency of method was ncreased, and the method smplfed the analyss of attack strategy by measurng the smlarty between attack strateges to dscover the essence of the attack strateges. The paper [5] proposed a complex attack predcton method based on fuzzy hdden Markov model, dentfed attack scenaros membershp of alarms by usng stage transton matrx and fuzzy dfference ISSN: IJSIA Copyrght c 2016 SERSC
2 Internatonal Journal of Securty and Its Applcatons method. These alarm correlaton methods can fnd attackers behavor characterstcs and analyze attack strategy, but alarm correlaton s a rebuldng process of attack behavor after attacks. Due to dentfyng ntenton after attacks, these methods can t provde support for advance guard. The methods, analyze and correlate by explotng vulnerabltes, can reasonng and predct ntruson by smulatng attacks whch securty analyss n the form of attack graphs syntheszng the network topology, vulnerablty nformaton, frewall rules and other nformaton. The paper [6] proposed applcaton model to automatcally generate attack graph. The paper [7] reduced the complexty of attack graph to easly understand usng connecton matrx clusterng technques. The paper [8] mplements polcy-based mult-host, mult-step analyss of the vulnerablty. Model representaton of network and smplfyng the attack rules can greatly reduce the tme to generate attack graph. The paper [9] analyzed network securty protecton usng attack graph. However, most of these methods whch are statc analyss can t adaptvely adust the generaton and dsplay of attack graph based on real attacks and response measures. And the study of uncertanty that the probablty of beng exploted of attacks caused by dfferent attack dffculty and hdden degree s not yet suffcent. Therefore, we proposed a dynamc real-tme network attack ntenton recognton method based on attack route graph. By correlatng real-tme network attacks and vulnerabltes, the method determnes spread routes and stages of attack based on graph theory and probablty theory, then dynamcally reasonng possble ntruson ntenton and ts probablty accordng to attack behavor characterstcs and network envronment. 2. Real-Tme Network Attack Intenton Recognton Model Attack ntenton recognton s a process of reasonng and udgng ntruders ntenton. In practce, t s very dffcult to dentfy the ntenton. Due to the complex of ntruders ntenton, t s dffcult to establsh a ntenton base to clear descrpt all ntentons of attackers. And the uncertanty of complex attacks, whch acheve an attack ntenton wth dfferent attacks combnaton and ntruson paths and exst randomness n attack process, ncrease dffcultes to ntenton recognton. Computer network s an open complex system. Achevement of ntruson ntenton not only depends on attackers themselves, but also relates specfc network envronment and protecton measures. Therefore, the ntruson ntenton acheved by attackers s lmted and predctable gven a known network envronment and protectve measures. We proposed a dynamc attack ntenton recognton model based on network attack-defense confrontaton (as shown Fgure. 1). Attack stage predcton Next Stage Predcton Attack stage recognton Attack scenaro clusterng Attack Current Stage Real-tme Attack Scenaro Database Database Attack Pattern Model Informaton fuson Attack Vulnerablty Topology nformaton statc Network connectvely Log1 Log2 Logn dynamc Fgure 1. The Framework of Real-Tme Network Attack Intenton Recognton 52 Copyrght c 2016 SERSC
3 Internatonal Journal of Securty and Its Applcatons Accordng to the recognton model, we desgn the model of network securty s as follows: 2.1 Alarm Informaton Alarm nformaton Log ncludes the alarm logs from ntruson detecton systems, frewalls, system logs and other sensors whch use a sx-tuple ( d, tm e, typ e, co n ten t, d, d ) to represent. Where d s a unque dentfer of alarm s d nformaton, tme s the generaton tme of alarm, type s the type of alarm, content s content of the alarm, d s the node generatng the alarm, d s the detecton node of the s d alarm. 2.2 Securty Event Securty event alert s the advanced alarms after nformaton fuson, whch uses a seven-tuple (d, tme, Sp, Dp, Sport, Dport, AttackType) to represent. Where d s a unque dentfer of the event, tme s the occurrence tme of the event, Sp s the attacker's source address, Dp s the attack target address, Sport s the attacker's source port, Dport s the attack destnaton port, AttackType s the attack type used by the attack. 2.3 Network Connectvty Network connectvty represents communcaton relatonshp between hosts. To protect the mportant assets of network, managers wll set up frewall access polcy to prevent the external hosts access the nternal network or only allow communcaton through specfc ports. We use a trple to descrbe the network Connectvty ( h o s t, h o s t, p r o to c o l p o r t ), where h o s t, h o s t represent connected host, protocol/port represents the communcaton protocol and port of hosts. 2.4 Vulnerablty Explotng Relatonshp Vulnerablty explotng relatonshp represents dependency attacks wth vulnerabltes, whch s successful nvason probablty of an attack explotng the specfc vulnerablty. We use a trple to descrbe the vulnerablty explotng relatonshp (a tta c k, v u ls, p ( e )), where atta ck represents types of attacks, v u ls represents types of vulnerabltes, p ( e) represents the successful nvason probablty when a tta c k explots v u ls. Calculatng the dependency attacks wth vulnerabltes s an mportant research drecton n the feld of nformaton securty, whch requres analyss of a large number of attack data, and combned wth pror knowledge of network securty experts. We calculate p ( e ) by referencng CVSS [10] (Common Vulnerablty Scorng System). VS (Vulnerablty Scores) can be got based on CVSS, whch ranges from 0 to 10. When VS = 0, t ndcates that the attack could not explot the vulnerablty; when VS = 10, t ndcates nvason wll be successful. In ths paper, a smple converson defnes as p ( e ) V S Attack Intenton Stage Transton Model We use ( s, s ) to descrbe attack ntent stage transton,, s s S the stage sets of attacks, s, s represent prevous and post stage, s p r e ( s ), where S represents, s p o s t ( s ). To complete a network attack, attackers need carry out multple attacks whch become attack pattern accordng wth causalty. Copyrght c 2016 SERSC 53
4 Internatonal Journal of Securty and Its Applcatons We use a trple s ( A ( s ), E ( s ), s ) to descrbe each attack stage. Where represents the types of attacks needed to complete the stage; A s a a a ( ), 1 2 n E s e e e ( ), 1 2 m represents the dependency between attacks, whch unquely determned by the ordered par of attacks (, ) a a e n. If successful nvason of an attack ntenton need all of the two attacks must be successful, the dependency of two attacks s parallel relatonshp, e=1; f successful nvason of an attack ntenton ust need any one of two attacks, the dependence of two attacks s select relatonshp, e=0; s represents the stage of attack ntenton. The attack pattern base can be generated from known network attack mode based on the model. Fgure. 2 s an nstance of a state transton dagram of an attacks ntenton. fpng strobe pnger Address probe netcat Port scan logn logn nmap png nmap sacn Fgure 2. Attack Intenton Stage Transton Dagram 3. Real-Tme Attack Intenton Identfcaton and Predcton 3.1 Informaton Fuson Currently a large number of securty sensors are deployed n the network, alarm nformaton from ntruson detecton systems, frewalls, vrus detecton systems and other sensng devces reflect the dfferent levels of securty status. However, the data format s chaotc, and there s a lot of redundancy and false postves, whch cannot be appled drectly to the network securty analyss. Currently, there are some algorthms [11-13] to fuse alarm nformaton. Use the proposed algorthm n [11] for data to fuse alarm nformaton and get more accurate attack probablty p(a), so that the alarm nformaton from dfferent sensors complementary and mutually confrmed, more accurate nformaton about attack can be obtaned. Attack success depends on attack technques and ts envronment confguraton and vulnerablty nformaton of the nvason network, ust when the envronment confguraton and vulnerablty nformaton of ntruson network can be exploted by ths attack, t can be successful nvason. So successful nvason probablty p(ac) wll be calculatng based on the explot relatonshp of vulnerabltes (a tta c k, v u ls, p ( e )). p ( a ) p ( e ), v lu s V lu s p ( a c ) 0, o th e r w s e Where p(a) s the nvason probablty, v lu s s the vulnerabltes explotng by the attack, p ( e ) s the probablty of successful nvason when the attack explotng the dependng vulnerablty, by the attack. v lu s 3.2 Attack Scenaro Clusterng V lu s means nvason host exsts vulnerabltes depended Due to network may be attacked by many ntruders n a same perod of tme, t needs cluster the securty event nto dfferent attack scenaros to dentfy ntruson ntenton of each attackers. We dvde each new receved alert nto attack scenaro based on a quanttatve alarm correlaton method. In a same mult-step attack, snce the ntruson ntenton and target s very clear, the property of securty event caused by attack steps exst some correlaton. For example, f (1) 54 Copyrght c 2016 SERSC
5 Internatonal Journal of Securty and Its Applcatons an attacker wants to scan vulnerablty of network, the attacker must frst IPSweep scannng. The source IP addresses of alarm caused by two attacks are same, and ther occurrence tme exsts context-related. Therefore, the attack correlaton degree s defned manly decded by assocaton of property. Defnton. 1. Attack Correlaton Degree. The Attack Correlaton Degree, cor(a,b), represents the possblty of the two attacks, a and b, belongng to the same attack scenaro. In ths paper, we regard several attrbutes of the attack, such as IP address, port, tmestamp, attack style and etc., as the bass to calculate the attack correlaton degree. The Attack Correlaton Degree Functon s defned as follow: n k k k k 1 k 1 n c o r ( a, b ) F e a tu re ( a, b ) (2) th Where F ea tu re ( a, b ) represents the correlaton degree among the attrbute k and k k represents the weght. The two parameters can be selected accordng to Reference [14]. When the system receves a new securty event, we calculate attack correlaton degree between the alert wth every saved attack scenaros. If there are many correlaton degree exceed the pre-set threshold, then put the alert nto the attack scenaro wth largest correlaton degree. If all correlaton degree doesn t exceed the pre-set threshold, consder the securty ncdent as a new attack scenaro. 3.3 Real-Tme Attack Stage Recognton Algorthm Defnton. 2. State Functon. Ths functon, bool(s), s used to dentfy whether the attack stage s occurred. If the attack stage has occurred, bool(s) equals to true; otherwse, bool(s) equals to false. Defnton. 3. Transference Watng Wndow. The ntruson of a network attack always carres n a perod. If the next attack stage doesn t occur after a long tme, the ntruson wll fal due to the attacker s ablty can t explot the network vulnerabltes. Thus a Transfer Watng Wndow s necessary to udge whether the attack s success. Mostly, an attack perod s 2h, so we set the Transference Watng Wndow =2h. The method clustered real-tme alerts nto dfferent attack scenes based on attack correlaton degree, and assocated the alerts wth attack pattern base. We summarze 3 knds of typcal scene (shown as Fgure. 3). S1 S2 S3 S1 S2 S3 S1 S2 S1 (a) Normal transferrng (b) Skpped transferrng (c) Repeated transferrng Fgure 3. State Transferrng Scenes Fgure. 3(a) shows the normal transferrng, whch the prevous state and the post state of an attack ntenton can occur sequentally. In Fgure. 3(b), the state transfers from S1 to S3 wthout dscoverng S2, whch we call t as skpped transferrng. Actually t s the most common scene n a real network due to the hgh false negatve rate exstng n the ntruson detecton equpment caused by the dfference between detecton strateges and characters of ntruson. As shown n Fgure. 3(c), the repeated transferrng represents the scene that some state occurs repeatedly, lke S1. Ths s always because the alert data s delayed whle transmsson or the clocks n dfferent securty sensors are asynchronous. Based on the above analyss, the Real-Tme Attack Stage Recognton Algorthm can be descrbed n the followng. Algorthm. 1. Real-Tme Attack Stage Recognton Algorthm Input: fuson securty events Output: the ntenton of attacker; the current attack phase Copyrght c 2016 SERSC 55
6 Internatonal Journal of Securty and Its Applcatons Begn Step 1: Calculate the attack correlaton degree, cor(a,b), between the real-tme alerts and the current state of the generated attack scene, s. Then cluster the alerts nto dfferent attack scenes accordng to the attack correlaton degree. Step 2: By analyzng the correlaton between alerts n each attack scene and the generated attack pattern base ( A ( s ), E ( s ), s ), search for the attack stage s, and record the current tme t. Step 3: If the prevous state of s s the current state n the attack scene, whch can be descrbed by the equaton s p re ( s ), and then we regard ths type of scene as normal transferrng. Add s nto the attack scene, set the parameter bool(s) =true, update the current state s s and the state occurrng tme t t. Then turn to Step7. Step 4: If the functon bool(s) =true, the scene belongs to repeated transferrng. We dscard ths attack state and turn to Step7. Step 5: If the prevous state of s s not the current state n the attack scene, whch state functon bool(pre(s)) =false. Search the attack pattern base, f s s several steps latter than the current state, then we regard ths type of scene as repeated transferrng. Under ths stuaton, we add s as well as the states between s and s nto the attack scene, set the functon bool(s) =true and update the current state, s s, as well as the state occurrng tme, t t. Then turn to Step7. If s sn t latter than the current state, then turn to Step6. Step 6: If s sn t latter than the current state, ths stuaton dedcates ths attack pattern haven t been occurred. We label ths attack path as a new attack path and add t nto the attack pattern base. Set bool(s) =true, update the current state, s s, as well as the state occurrng tme, t t. Then turn to Step1. Step 7: Assocated the attack scene and the attack pattern base, we can get the attack ntenton set {G1, G2,, Gn}. The attack technology and stage of attack patterns can possbly be the same, so we can recognze several attack ntentons accordng to the generated attack scene (as shown n Fgure. 4.). After updatng the current state, we udge whether s s on the path of a recognzed attack ntenton. If yes, then s p a th and keep ths attack ntenton. Otherwse we have to delete the attack ntenton. Step 8: Check the tme of state transferrng of all attack scenes, f t t, then delete the attack scene and turn to Step1. End G1 S1 S2 S3 path1 path2 pathn G2 Gn Fgure 4. Attack Intenton Reorganzaton Calculatng attack phase achevement probablty p(s) utlzes real-tme detectng attack behavor Alert and dependency relatonshp of attacks ( A ( s ), E ( s ), s ), based on establshng attack pattern base. 56 Copyrght c 2016 SERSC
7 Internatonal Journal of Securty and Its Applcatons p ( a c ) p ( a c ) p ( a c ) p ( a c ), e 0 n p( s) p ( a c ) p ( a c ), e 1 n (3) Where p ( a c ) and p ( a c ) are the attack success probablty of A lter and A lte r, e 0 means t s possble to acheve the ntenton of the attack when all of attack have n succeed, e 1 n means t s possble to acheve the ntenton of the attack when any one of the attacks has succeed. 3.4 Real-Tme Attack Stage Predcton Algorthm Defnton. 4. Mnmum Vulnerabltes Set Needed n Attack Stage. In ths paper we descrbe ths set as M n V u ls M n V u ls v u ls & v u ls & v u ls k l.ths set represents the essental vulnerabltes whch attackers explot to acheve a certan attack phase. The attacker perhaps utlze varous attack method to acheve the am, thus ths set contans more than one element. Defnton. 5. Accessble Host, whch means the set of hosts whch can be used to carry out the post ntruson. Ths set ncludes the host whch exst the current attack state as well as the hosts that connect wth t. Defnton. 6. Explotable Vulnerabltes Set. Ths concept means the vulnerabltes of accessble hosts that can be exploted by the attacker. In ths paper we descrbe ths set as E xp lo tv u ls, whch sn t equal to all vulnerabltes exsted n the accessble hosts because of the lmtaton of protocol and port. The host whch exstng the current attack state, can explot all vulnerabltes n t, whch means E xp lo tv u ls V u ls ; whle other hosts can generate the explotable vulnerabltes set accordng to the connectvely relatonshp ( h o s t, h o s t, p r o to c o l p o r t ). Defnton. 7. Explotable Rato of Vulnerablty. Ths parameter, Av, descrbes the stuaton whether the explotable vulnerabltes can satsfy the requrement of the followng ntruson. If yes, whch means M n V u ls E xp lo tv u ls, every vulnerabltes n ths host can be used by the attacker. Detaled descrpton s shown n the followng: 1, M n V u ls { M n V u ls }, M n V u ls { E x p lo tv u ls } Av 0, o th e r w s e Because the ablty of attacker s unknown, we suppose that the attacker can utlze all knds of attack technologes; n the mean tme we suppose that the attacker choose the next target wth equal probablty. The detaled process of the Real-Tme Attack Stage Predcton Algorthm s descrbed as the followng. Algorthm. 2. Real-Tme Attack Stage Predcton Algorthm Input: the current attack path p a th ; the recognzed attack ntenton set {G1,G2,,Gn} Output: the post attack stage; the post ntruson hosts. Begn Step 1: Watng for the attack path that s updatng. If the attack path turns nto the current attack path s, turn to Step 2. Otherwse repeat ths step. Step 2: Search for the accessble hosts accordng to the attack-exsted host and the connected relatonshp. Step 3: On the bass of the connected relatonshp ( h o s t, h o s t, p r o to c o l p o r t ), generate the explotable vulnerabltes sets of all accessble hosts E xp lo tv u ls. Step 4: In accordance wth the attack pattern base, search for the mnmum vulnerabltes set needed n the ost ntruson M n V u ls. Copyrght c 2016 SERSC 57
8 Internatonal Journal of Securty and Its Applcatons Step 5: Calculate every utlzaton rato of vulnerablty n each accessble host. If A v 1, h o st can become the followng goal n the ntruson; otherwse h o st s naccessble n the followng attack phase. End For each dentfed attack ntenton G of attack path p a th, the nvason hosts h o st of k next attack phase wll be got wth real-tme attack phase predcton algorthm. Under ablty of attackers s unknown, we assume that the attackers have a strong ablty to mplement all the exstng methods to complete ther ntentons. Gven the each group requred mnmum vulnerablty of attack phase M n V u ls v u ls & v u ls & v u ls n avalable vulnerabltes set, we have H p ( n s ) p ( e ) h x h x y z (5) Where H s number of vulnerablty n the mnmum vulnerablty group, p ( e) s x nvason access probablty of vulnerabltes to the correspondng attack. Gven all of the avalable vulnerabltes set, we have (6) p ( n s ) 1 1 p n s h 4. Expermental Analyss In order to verfy the feasblty and effectveness of the model and algorthm, we buld an expermental network, the network topology as shown n Fgure. 5. The network conssts of a frewall, a Web server, a Mall server, a SQL server, two ntruson detecton systems, and an attack host. The frewall polcy parts network nto two subnets. Web server, Mall server and IDS1 dstrbuted n DMZ Zone, SQL server and IDS2 dstrbuted n Trusted Zone. Internet Mall Server IDS DMZ Zone Attacker Frewall Trusted Zone Web Server IDS SQL Server Fgure 5. The Network Topology The frewall has a strong set of polces (shown n table I) to prevent remote access to SQL server. In partcular, all machnes n DMZ Zone passvely receve servce requests and only respond to the sender as needed. In order to accommodate Web servce s transactons, the web server s allowed to send SQL queres to the SQL server. The frewall polcy s network connectvely relatonshp too. Table 1. Lst of Frewall Polcy From host To host Protocol/port Remote Mal server IMAP(143)&SMTP(25) machne Web server HTTP(80) Web server SQL Server SQL(1433) 58 Copyrght c 2016 SERSC
9 Internatonal Journal of Securty and Its Applcatons Through the network vulnerablty scannng, the vulnerabltes of hosts are gven n Table II. Table 2. Lst of Vulnerabltes n Network Host Vulnerablty CVE# SQL Server SQL Inecton (V1) CVE Remote code executon n Mal server SMTP (V2) CVE Error message nformaton CVE leakage (V3) CVE Squd port scan vulnerablty (V4) Web server IIS vulnerablty n WebDAV server (V5) CVE To steal the data from SQL server, attacker must get the root prvlege of SQL server. The attacker frst searched for vald hosts of the network through IPsweep address scannng, and attacker found Web server and Mall server. Then attacker scanned the ports of vald hosts, and dscovered Web server s communcaton port s 80. The attacker obtaned user permssons of Web server explotng CVE , then obtaned the root prvlege of SQL server explotng CVE through SQL protocol. We collected the alarm data of IDS and frewall, as well as the securty audt logs of hosts. Then the attack stage transton dagram (shown n Fgure. 6.) can be got wth the attack ntenton recognton algorthm proposed n Secton 3. Attack predcton path Attack practcal path Attacker Address scan Web server Address scan Mal server Port scan Web server Port scan Mal server V2 Authentcaton bypass Web server V2 User access Web server V1 Root access Web server V5 Root access Mal server Fgure 6. Attack Stage Transton Dagram Then, calculatng the stage occurrence and stage transton stuaton of network attack (shown n Table III) s accordng to the dentfed attack stage transton dagrams, combned wth ntruson detecton alarm data and audt logs. Where host and p(s) n stage occurrence stuaton (host, p(s)) mean the attacked host of stage and attack stage achevement probablty; host, post(s) and p(ns) n stage transton stuaton (host, post(s), p(ns)) mean the attacked host of next stage, next attack stage and attack stage transton probablty. Table 3. Lst of Attack Stage Stuaton Attack stage Stage occurrence stuaton Stage transton stuaton Address scan (Mal, 0.98) (Mal, port scan, 1) (Web, 0.98) (Web, port scan, 1) Port scan (Mal, 0.96) (Mal, root access, 0.98) (Web, 0.95) (Web, user access, 0.96) Copyrght c 2016 SERSC 59
10 Internatonal Journal of Securty and Its Applcatons User access prvlege Root access prvlege (Web, Authentcaton bypass, 0.96) (Web, 0.93) (SQL, root access, 0.94) (SQL, 0.93) From Fgure. 6 and table. 4 can be seen that the proposed method can accurately predct as well as constantly update attack ntenton and targets n advance. Then we analyze the performance of proposed algorthm. 1) Tme complexty. Algorthm. 1. scanned every securty events once to match the pattern n the attack pattern base. The number of attack patterns, m, as well as the number of stages n every pattern s steady. The algorthm starts only when a new attack s occurred, so the tme complexty of Algorthm. 1. s O(mn). Algorthm. 2. searched for the possble attack ntentons n all accessble hosts, whle the number of accessble hosts and the number of possble attack ntentons s steady. The tme complexty of Algorthm. 2 s O(kl). 2) Storage sze. AG Algorthm, proposed n paper [6], requres lstng all states n the n network, whch the tme complexty s O ( 2 ). In paper [15], EDG Algorthm mproves the scale by smplfyng twce to elmnate the loops. TSTG Algorthm, proposed n paper [16], avods the above problems by lftng the authorty and assocated analyzng the attack. But t s hard to deal wth the large network. In ths paper, the proposed stage recognton algorthm based on the attack ntenton dvdes attacks nto dfferent scenes rather than enumerate all states. We also avod the redundancy of attack state and attack lnk by recognzng every attack ntenton. The scale of the proposed algorthm s polynomal. And t mproves the comprehenson of the attack scene by the recognton of attack ntenton. In the meantme, t avods the appearance of loop through dscussng the possble state transferrng scenes to weaken the nfluence of false postve and repeated alert. TABLE IV compares the above algorthms n the network wth 3 hosts and 5 vulnerabltes. 5. Conclusons Table 4. Comparson of Algorthms Algorthm AG EDG TSTG Ths paper nodes edges granularty exponental polynomal polynomal polynomal loop no yes no no Based on the bass of artfcal ntellgence ntenton recognton, we proposed a dynamc real-tme network attack ntenton recognton algorthm. By correlatng realtme securty alerts and vulnerabltes, we found the spread route and stage of attacks based on graph theory and probablty theory. Then we dentfed the attack ntenton and predcted the possble transton of attacks, combned wth network connectvty relatonshp. A smulaton experments for the proposed network attack ntenton recognton algorthm s performed by network examples. The expermental results show that the proposed method can be more accurately dentfy attack ntenton and fully predct the post stage of attacks. Due to attackers always use decepton, concealment or other means to conceal ther behavor and ntenton, there s dfferent between attackdefense ntenton recognton wth ntenton recognton n artfcal ntellgence feld. So the ntruson ntenton recognton needs further research. 60 Copyrght c 2016 SERSC
11 Internatonal Journal of Securty and Its Applcatons References [1] K. A. Tahboub, Intellgent human-machne nteracton based on dynamc Bayesan networks probablstc ntenton recognton, Journal of Intellgent and Robotc Systems. no.45, (2006), pp [2] X. Cha, Q. Yang, Multple-goal recognton form low-level sgnals. Proceedngs of the 20th Natonal Conference on Artfcal Intellgence, Pttsburgh, Pennsylvana, (2005), pp [3] F. Cuppens, F. Autrel, A. Mege, S. Benferhat, Recognzng malcous ntenton n an ntruson detecton process. Proceedngs of the 2nd Internatonal Conference on Hybrd Intellgent Systems, (2002); Santago, Chle. [4] P. Nng, D. Xu, Learnng attack strateges from ntruson alerts, Proceedngs of the 10th ACM Conference on Computer and Communcatons Securty, (2003); Washngton, DC, USA. [5] Z. Yanxue, Z. Dongme, L. Jnxng. Approach to forecastng mult-stage attack based on fuzzy hdden markov model. Electroncs Optcs & Control, (2015), no. 22, pp [6] O. Sheyner, J. Hanes, S. Jha, R Lppmann, Automated Generaton and Analyss of Attack Graphs. Proceedngs of the 2002 IEEE Symp on Securty and Prvacy, (2002) May 12-15; Berkeley, Calforna, USA [7] S.Noel, S. Jaoda, Understandng complex network attack graphs through clustered adacency matrces. Proceedngs of the 21st Annual Computer Securty Applcatons Conference, (2005) December 5-9; Tucson, AZ, USA. [8] X. Ou, S. Govndavahala A. W., Apple. MulVAL: A logc-based network securty analyzer. Proceedngs of the 14th Usenx securty Symp. (2005) August 1 5; Baltmore, MD. [9] M. Alhomd, M Reed. Attack graph-based rsk assessment and optmzaton approach. Internatonal Journal of Network Securty & Applcatons., no. 6., (2014), pp [10] M. Schffman, Common Vulnerablty Scorng System (CVSS), html (2011). [11] W. Yong, L. Yfeng, F. Dengguo. A Network Securty Stuatonal Awareness Model Based on Informaton Fuson. Journal of Computer Research and Development. no. 46, (2009), pp [12] Q. Pel, Y. Yang, Study on Applcaton of Honeypot n Network Securty. Journal of Harbn Unversty of Scence and Technology. 14, (2009) [13] Q. Pel, S. Png, Research and Implementaton of Intruson Detecton System Merged Scanner Technque. Journal of Harbn Unversty of Scence and Technology, no. 14, (2009), pp [14] F. Kavous, B. Akbar, Automatc learnng of attack behavor patterns usng Bayesan networks. 6th Internatonal Symposum on Telecommuncatons, (2012) November 6-8; Tehran, IRAN. [15] S. Noel, Jaoda, O Berry B, S Jacobs M. Effcent mnmum-cost network hardenng va explot dependency graphs. Proc of the 19th Annual Computer Securty Applcatons Conference, CA: IEEE Computer Socety, (2003) December 8-12; Las Vegas, Nevada, USA. [16] Lv Huyng, P. Wu, W. Rume, W. Je. A Real-tme Network Threat Recognton and Assessment Method Based on Assocaton Analyss of Tme and Space. Journal of Computer Research and Development. 51, (2014), pp Copyrght c 2016 SERSC 61
12 Internatonal Journal of Securty and Its Applcatons 62 Copyrght c 2016 SERSC
Cluster Analysis of Electrical Behavior
Journal of Computer and Communcatons, 205, 3, 88-93 Publshed Onlne May 205 n ScRes. http://www.scrp.org/ournal/cc http://dx.do.org/0.4236/cc.205.350 Cluster Analyss of Electrcal Behavor Ln Lu Ln Lu, School
More informationAn Optimal Algorithm for Prufer Codes *
J. Software Engneerng & Applcatons, 2009, 2: 111-115 do:10.4236/jsea.2009.22016 Publshed Onlne July 2009 (www.scrp.org/journal/jsea) An Optmal Algorthm for Prufer Codes * Xaodong Wang 1, 2, Le Wang 3,
More informationSimulation Based Analysis of FAST TCP using OMNET++
Smulaton Based Analyss of FAST TCP usng OMNET++ Umar ul Hassan 04030038@lums.edu.pk Md Term Report CS678 Topcs n Internet Research Sprng, 2006 Introducton Internet traffc s doublng roughly every 3 months
More informationAn IPv6-Oriented IDS Framework and Solutions of Two Problems
An IPv6-Orented IDS Framework and Solutons of Two Problems We LI, Zhy FANG, Peng XU and ayang SI,2 School of Computer Scence and Technology, Jln Unversty Changchun, 3002, P.R.Chna 2 Graduate Unversty of
More informationContent Based Image Retrieval Using 2-D Discrete Wavelet with Texture Feature with Different Classifiers
IOSR Journal of Electroncs and Communcaton Engneerng (IOSR-JECE) e-issn: 78-834,p- ISSN: 78-8735.Volume 9, Issue, Ver. IV (Mar - Apr. 04), PP 0-07 Content Based Image Retreval Usng -D Dscrete Wavelet wth
More informationRelated-Mode Attacks on CTR Encryption Mode
Internatonal Journal of Network Securty, Vol.4, No.3, PP.282 287, May 2007 282 Related-Mode Attacks on CTR Encrypton Mode Dayn Wang, Dongda Ln, and Wenlng Wu (Correspondng author: Dayn Wang) Key Laboratory
More informationTN348: Openlab Module - Colocalization
TN348: Openlab Module - Colocalzaton Topc The Colocalzaton module provdes the faclty to vsualze and quantfy colocalzaton between pars of mages. The Colocalzaton wndow contans a prevew of the two mages
More informationParallelism for Nested Loops with Non-uniform and Flow Dependences
Parallelsm for Nested Loops wth Non-unform and Flow Dependences Sam-Jn Jeong Dept. of Informaton & Communcaton Engneerng, Cheonan Unversty, 5, Anseo-dong, Cheonan, Chungnam, 330-80, Korea. seong@cheonan.ac.kr
More informationVirtual Machine Migration based on Trust Measurement of Computer Node
Appled Mechancs and Materals Onlne: 2014-04-04 ISSN: 1662-7482, Vols. 536-537, pp 678-682 do:10.4028/www.scentfc.net/amm.536-537.678 2014 Trans Tech Publcatons, Swtzerland Vrtual Machne Mgraton based on
More informationUser Authentication Based On Behavioral Mouse Dynamics Biometrics
User Authentcaton Based On Behavoral Mouse Dynamcs Bometrcs Chee-Hyung Yoon Danel Donghyun Km Department of Computer Scence Department of Computer Scence Stanford Unversty Stanford Unversty Stanford, CA
More informationAn Image Fusion Approach Based on Segmentation Region
Rong Wang, L-Qun Gao, Shu Yang, Yu-Hua Cha, and Yan-Chun Lu An Image Fuson Approach Based On Segmentaton Regon An Image Fuson Approach Based on Segmentaton Regon Rong Wang, L-Qun Gao, Shu Yang 3, Yu-Hua
More informationDetermining the Optimal Bandwidth Based on Multi-criterion Fusion
Proceedngs of 01 4th Internatonal Conference on Machne Learnng and Computng IPCSIT vol. 5 (01) (01) IACSIT Press, Sngapore Determnng the Optmal Bandwdth Based on Mult-crteron Fuson Ha-L Lang 1+, Xan-Mn
More informationBioTechnology. An Indian Journal FULL PAPER. Trade Science Inc.
[Type text] [Type text] [Type text] ISSN : 0974-74 Volume 0 Issue BoTechnology 04 An Indan Journal FULL PAPER BTAIJ 0() 04 [684-689] Revew on Chna s sports ndustry fnancng market based on market -orented
More informationQuery Clustering Using a Hybrid Query Similarity Measure
Query clusterng usng a hybrd query smlarty measure Fu. L., Goh, D.H., & Foo, S. (2004). WSEAS Transacton on Computers, 3(3), 700-705. Query Clusterng Usng a Hybrd Query Smlarty Measure Ln Fu, Don Hoe-Lan
More informationLearning the Kernel Parameters in Kernel Minimum Distance Classifier
Learnng the Kernel Parameters n Kernel Mnmum Dstance Classfer Daoqang Zhang 1,, Songcan Chen and Zh-Hua Zhou 1* 1 Natonal Laboratory for Novel Software Technology Nanjng Unversty, Nanjng 193, Chna Department
More informationResource and Virtual Function Status Monitoring in Network Function Virtualization Environment
Journal of Physcs: Conference Seres PAPER OPEN ACCESS Resource and Vrtual Functon Status Montorng n Network Functon Vrtualzaton Envronment To cte ths artcle: MS Ha et al 2018 J. Phys.: Conf. Ser. 1087
More informationA Fast Visual Tracking Algorithm Based on Circle Pixels Matching
A Fast Vsual Trackng Algorthm Based on Crcle Pxels Matchng Zhqang Hou hou_zhq@sohu.com Chongzhao Han czhan@mal.xjtu.edu.cn Ln Zheng Abstract: A fast vsual trackng algorthm based on crcle pxels matchng
More informationSecurity Vulnerabilities of an Enhanced Remote User Authentication Scheme
Contemporary Engneerng Scences, Vol. 7, 2014, no. 26, 1475-1482 HIKARI Ltd, www.m-hkar.com http://dx.do.org/10.12988/ces.2014.49186 Securty Vulnerabltes of an Enhanced Remote User Authentcaton Scheme Hae-Soon
More informationTECHNIQUE OF FORMATION HOMOGENEOUS SAMPLE SAME OBJECTS. Muradaliyev A.Z.
TECHNIQUE OF FORMATION HOMOGENEOUS SAMPLE SAME OBJECTS Muradalyev AZ Azerbajan Scentfc-Research and Desgn-Prospectng Insttute of Energetc AZ1012, Ave HZardab-94 E-mal:aydn_murad@yahoocom Importance of
More informationSecurity Enhanced Dynamic ID based Remote User Authentication Scheme for Multi-Server Environments
Internatonal Journal of u- and e- ervce, cence and Technology Vol8, o 7 0), pp7-6 http://dxdoorg/07/unesst087 ecurty Enhanced Dynamc ID based Remote ser Authentcaton cheme for ult-erver Envronments Jun-ub
More informationDetection of an Object by using Principal Component Analysis
Detecton of an Object by usng Prncpal Component Analyss 1. G. Nagaven, 2. Dr. T. Sreenvasulu Reddy 1. M.Tech, Department of EEE, SVUCE, Trupath, Inda. 2. Assoc. Professor, Department of ECE, SVUCE, Trupath,
More informationClassifier Selection Based on Data Complexity Measures *
Classfer Selecton Based on Data Complexty Measures * Edth Hernández-Reyes, J.A. Carrasco-Ochoa, and J.Fco. Martínez-Trndad Natonal Insttute for Astrophyscs, Optcs and Electroncs, Lus Enrque Erro No.1 Sta.
More informationSLAM Summer School 2006 Practical 2: SLAM using Monocular Vision
SLAM Summer School 2006 Practcal 2: SLAM usng Monocular Vson Javer Cvera, Unversty of Zaragoza Andrew J. Davson, Imperal College London J.M.M Montel, Unversty of Zaragoza. josemar@unzar.es, jcvera@unzar.es,
More informationA Model Based on Multi-agent for Dynamic Bandwidth Allocation in Networks Guang LU, Jian-Wen QI
216 Jont Internatonal Conference on Artfcal Intellgence and Computer Engneerng (AICE 216) and Internatonal Conference on etwork and Communcaton Securty (CS 216) ISB: 978-1-6595-362-5 A Model Based on Mult-agent
More informationA Binarization Algorithm specialized on Document Images and Photos
A Bnarzaton Algorthm specalzed on Document mages and Photos Ergna Kavalleratou Dept. of nformaton and Communcaton Systems Engneerng Unversty of the Aegean kavalleratou@aegean.gr Abstract n ths paper, a
More informationNetwork Intrusion Detection Based on PSO-SVM
TELKOMNIKA Indonesan Journal of Electrcal Engneerng Vol.1, No., February 014, pp. 150 ~ 1508 DOI: http://dx.do.org/10.11591/telkomnka.v1.386 150 Network Intruson Detecton Based on PSO-SVM Changsheng Xang*
More informationFault Detection in Rule-Based Software Systems
Fault Detecton n Rule-Based Software Systems Dong Wang, Rubng Hao and Davd Lee Bell Labs Research Chna Bejng, Chna, 100080 {wangd, rbhao, leedavd}@lucent.com Abstract Motvated by packet flterng of frewall
More informationA Fast Content-Based Multimedia Retrieval Technique Using Compressed Data
A Fast Content-Based Multmeda Retreval Technque Usng Compressed Data Borko Furht and Pornvt Saksobhavvat NSF Multmeda Laboratory Florda Atlantc Unversty, Boca Raton, Florda 3343 ABSTRACT In ths paper,
More informationScheduling Remote Access to Scientific Instruments in Cyberinfrastructure for Education and Research
Schedulng Remote Access to Scentfc Instruments n Cybernfrastructure for Educaton and Research Je Yn 1, Junwe Cao 2,3,*, Yuexuan Wang 4, Lanchen Lu 1,3 and Cheng Wu 1,3 1 Natonal CIMS Engneerng and Research
More informationAADL : about scheduling analysis
AADL : about schedulng analyss Schedulng analyss, what s t? Embedded real-tme crtcal systems have temporal constrants to meet (e.g. deadlne). Many systems are bult wth operatng systems provdng multtaskng
More informationPrivate Information Retrieval (PIR)
2 Levente Buttyán Problem formulaton Alce wants to obtan nformaton from a database, but she does not want the database to learn whch nformaton she wanted e.g., Alce s an nvestor queryng a stock-market
More informationProblem Definitions and Evaluation Criteria for Computational Expensive Optimization
Problem efntons and Evaluaton Crtera for Computatonal Expensve Optmzaton B. Lu 1, Q. Chen and Q. Zhang 3, J. J. Lang 4, P. N. Suganthan, B. Y. Qu 6 1 epartment of Computng, Glyndwr Unversty, UK Faclty
More informationMULTISPECTRAL IMAGES CLASSIFICATION BASED ON KLT AND ATR AUTOMATIC TARGET RECOGNITION
MULTISPECTRAL IMAGES CLASSIFICATION BASED ON KLT AND ATR AUTOMATIC TARGET RECOGNITION Paulo Quntlano 1 & Antono Santa-Rosa 1 Federal Polce Department, Brasla, Brazl. E-mals: quntlano.pqs@dpf.gov.br and
More informationPerformance Evaluation of Information Retrieval Systems
Why System Evaluaton? Performance Evaluaton of Informaton Retreval Systems Many sldes n ths secton are adapted from Prof. Joydeep Ghosh (UT ECE) who n turn adapted them from Prof. Dk Lee (Unv. of Scence
More informationAnalysis on the Workspace of Six-degrees-of-freedom Industrial Robot Based on AutoCAD
Analyss on the Workspace of Sx-degrees-of-freedom Industral Robot Based on AutoCAD Jn-quan L 1, Ru Zhang 1,a, Fang Cu 1, Q Guan 1 and Yang Zhang 1 1 School of Automaton, Bejng Unversty of Posts and Telecommuncatons,
More informationTerm Weighting Classification System Using the Chi-square Statistic for the Classification Subtask at NTCIR-6 Patent Retrieval Task
Proceedngs of NTCIR-6 Workshop Meetng, May 15-18, 2007, Tokyo, Japan Term Weghtng Classfcaton System Usng the Ch-square Statstc for the Classfcaton Subtask at NTCIR-6 Patent Retreval Task Kotaro Hashmoto
More informationCorner-Based Image Alignment using Pyramid Structure with Gradient Vector Similarity
Journal of Sgnal and Informaton Processng, 013, 4, 114-119 do:10.436/jsp.013.43b00 Publshed Onlne August 013 (http://www.scrp.org/journal/jsp) Corner-Based Image Algnment usng Pyramd Structure wth Gradent
More informationResearch of Dynamic Access to Cloud Database Based on Improved Pheromone Algorithm
, pp.197-202 http://dx.do.org/10.14257/dta.2016.9.5.20 Research of Dynamc Access to Cloud Database Based on Improved Pheromone Algorthm Yongqang L 1 and Jn Pan 2 1 (Software Technology Vocatonal College,
More informationConcurrent Apriori Data Mining Algorithms
Concurrent Apror Data Mnng Algorthms Vassl Halatchev Department of Electrcal Engneerng and Computer Scence York Unversty, Toronto October 8, 2015 Outlne Why t s mportant Introducton to Assocaton Rule Mnng
More informationSolving two-person zero-sum game by Matlab
Appled Mechancs and Materals Onlne: 2011-02-02 ISSN: 1662-7482, Vols. 50-51, pp 262-265 do:10.4028/www.scentfc.net/amm.50-51.262 2011 Trans Tech Publcatons, Swtzerland Solvng two-person zero-sum game by
More informationFAHP and Modified GRA Based Network Selection in Heterogeneous Wireless Networks
2017 2nd Internatonal Semnar on Appled Physcs, Optoelectroncs and Photoncs (APOP 2017) ISBN: 978-1-60595-522-3 FAHP and Modfed GRA Based Network Selecton n Heterogeneous Wreless Networks Xaohan DU, Zhqng
More information3. CR parameters and Multi-Objective Fitness Function
3 CR parameters and Mult-objectve Ftness Functon 41 3. CR parameters and Mult-Objectve Ftness Functon 3.1. Introducton Cogntve rados dynamcally confgure the wreless communcaton system, whch takes beneft
More informationThe Research of Support Vector Machine in Agricultural Data Classification
The Research of Support Vector Machne n Agrcultural Data Classfcaton Le Sh, Qguo Duan, Xnmng Ma, Me Weng College of Informaton and Management Scence, HeNan Agrcultural Unversty, Zhengzhou 45000 Chna Zhengzhou
More informationLoad-Balanced Anycast Routing
Load-Balanced Anycast Routng Chng-Yu Ln, Jung-Hua Lo, and Sy-Yen Kuo Department of Electrcal Engneerng atonal Tawan Unversty, Tape, Tawan sykuo@cc.ee.ntu.edu.tw Abstract For fault-tolerance and load-balance
More informationLoad Balancing for Hex-Cell Interconnection Network
Int. J. Communcatons, Network and System Scences,,, - Publshed Onlne Aprl n ScRes. http://www.scrp.org/journal/jcns http://dx.do.org/./jcns.. Load Balancng for Hex-Cell Interconnecton Network Saher Manaseer,
More informationModule Management Tool in Software Development Organizations
Journal of Computer Scence (5): 8-, 7 ISSN 59-66 7 Scence Publcatons Management Tool n Software Development Organzatons Ahmad A. Al-Rababah and Mohammad A. Al-Rababah Faculty of IT, Al-Ahlyyah Amman Unversty,
More informationA New Approach For the Ranking of Fuzzy Sets With Different Heights
New pproach For the ankng of Fuzzy Sets Wth Dfferent Heghts Pushpnder Sngh School of Mathematcs Computer pplcatons Thapar Unversty, Patala-7 00 Inda pushpndersnl@gmalcom STCT ankng of fuzzy sets plays
More informationA CALCULATION METHOD OF DEEP WEB ENTITIES RECOGNITION
A CALCULATION METHOD OF DEEP WEB ENTITIES RECOGNITION 1 FENG YONG, DANG XIAO-WAN, 3 XU HONG-YAN School of Informaton, Laonng Unversty, Shenyang Laonng E-mal: 1 fyxuhy@163.com, dangxaowan@163.com, 3 xuhongyan_lndx@163.com
More informationEvaluation of an Enhanced Scheme for High-level Nested Network Mobility
IJCSNS Internatonal Journal of Computer Scence and Network Securty, VOL.15 No.10, October 2015 1 Evaluaton of an Enhanced Scheme for Hgh-level Nested Network Moblty Mohammed Babker Al Mohammed, Asha Hassan.
More informationTsinghua University at TAC 2009: Summarizing Multi-documents by Information Distance
Tsnghua Unversty at TAC 2009: Summarzng Mult-documents by Informaton Dstance Chong Long, Mnle Huang, Xaoyan Zhu State Key Laboratory of Intellgent Technology and Systems, Tsnghua Natonal Laboratory for
More informationAdvanced Computer Networks
Char of Network Archtectures and Servces Department of Informatcs Techncal Unversty of Munch Note: Durng the attendance check a stcker contanng a unque QR code wll be put on ths exam. Ths QR code contans
More informationDistributed Resource Scheduling in Grid Computing Using Fuzzy Approach
Dstrbuted Resource Schedulng n Grd Computng Usng Fuzzy Approach Shahram Amn, Mohammad Ahmad Computer Engneerng Department Islamc Azad Unversty branch Mahallat, Iran Islamc Azad Unversty branch khomen,
More informationAdaptive Transfer Learning
Adaptve Transfer Learnng Bn Cao, Snno Jaln Pan, Yu Zhang, Dt-Yan Yeung, Qang Yang Hong Kong Unversty of Scence and Technology Clear Water Bay, Kowloon, Hong Kong {caobn,snnopan,zhangyu,dyyeung,qyang}@cse.ust.hk
More informationA mathematical programming approach to the analysis, design and scheduling of offshore oilfields
17 th European Symposum on Computer Aded Process Engneerng ESCAPE17 V. Plesu and P.S. Agach (Edtors) 2007 Elsever B.V. All rghts reserved. 1 A mathematcal programmng approach to the analyss, desgn and
More informationFusion Performance Model for Distributed Tracking and Classification
Fuson Performance Model for Dstrbuted rackng and Classfcaton K.C. Chang and Yng Song Dept. of SEOR, School of I&E George Mason Unversty FAIRFAX, VA kchang@gmu.edu Martn Lggns Verdan Systems Dvson, Inc.
More informationLecture 5: Multilayer Perceptrons
Lecture 5: Multlayer Perceptrons Roger Grosse 1 Introducton So far, we ve only talked about lnear models: lnear regresson and lnear bnary classfers. We noted that there are functons that can t be represented
More informationA Resources Virtualization Approach Supporting Uniform Access to Heterogeneous Grid Resources 1
A Resources Vrtualzaton Approach Supportng Unform Access to Heterogeneous Grd Resources 1 Cunhao Fang 1, Yaoxue Zhang 2, Song Cao 3 1 Tsnghua Natonal Labatory of Inforamaton Scence and Technology 2 Department
More informationPetri Net Based Software Dependability Engineering
Proc. RELECTRONIC 95, Budapest, pp. 181-186; October 1995 Petr Net Based Software Dependablty Engneerng Monka Hener Brandenburg Unversty of Technology Cottbus Computer Scence Insttute Postbox 101344 D-03013
More informationQuerying by sketch geographical databases. Yu Han 1, a *
4th Internatonal Conference on Sensors, Measurement and Intellgent Materals (ICSMIM 2015) Queryng by sketch geographcal databases Yu Han 1, a * 1 Department of Basc Courses, Shenyang Insttute of Artllery,
More informationSkew Angle Estimation and Correction of Hand Written, Textual and Large areas of Non-Textual Document Images: A Novel Approach
Angle Estmaton and Correcton of Hand Wrtten, Textual and Large areas of Non-Textual Document Images: A Novel Approach D.R.Ramesh Babu Pyush M Kumat Mahesh D Dhannawat PES Insttute of Technology Research
More informationSum of Linear and Fractional Multiobjective Programming Problem under Fuzzy Rules Constraints
Australan Journal of Basc and Appled Scences, 2(4): 1204-1208, 2008 ISSN 1991-8178 Sum of Lnear and Fractonal Multobjectve Programmng Problem under Fuzzy Rules Constrants 1 2 Sanjay Jan and Kalash Lachhwan
More informationFor instance, ; the five basic number-sets are increasingly more n A B & B A A = B (1)
Secton 1.2 Subsets and the Boolean operatons on sets If every element of the set A s an element of the set B, we say that A s a subset of B, or that A s contaned n B, or that B contans A, and we wrte A
More informationA Unified Framework for Semantics and Feature Based Relevance Feedback in Image Retrieval Systems
A Unfed Framework for Semantcs and Feature Based Relevance Feedback n Image Retreval Systems Ye Lu *, Chunhu Hu 2, Xngquan Zhu 3*, HongJang Zhang 2, Qang Yang * School of Computng Scence Smon Fraser Unversty
More informationCourse Introduction. Algorithm 8/31/2017. COSC 320 Advanced Data Structures and Algorithms. COSC 320 Advanced Data Structures and Algorithms
Course Introducton Course Topcs Exams, abs, Proects A quc loo at a few algorthms 1 Advanced Data Structures and Algorthms Descrpton: We are gong to dscuss algorthm complexty analyss, algorthm desgn technques
More informationA New Transaction Processing Model Based on Optimistic Concurrency Control
A New Transacton Processng Model Based on Optmstc Concurrency Control Wang Pedong,Duan Xpng,Jr. Abstract-- In ths paper, to support moblty and dsconnecton of moble clents effectvely n moble computng envronment,
More informationCollege of Mathematics and Computer Science, Fuzhou University, Fuzhou Fujian , China.
07 nd Internatonal Conference on Computer Scence and Technology (CST 07 ISBN: 978--60595-46-5 Zero-Permsson Moble Devce Identfcaton Based on the Smlarty of Browser Fngerprnts Nan-hua KANG,, Mng-zh CHEN,,
More informationAdaptive Energy and Location Aware Routing in Wireless Sensor Network
Adaptve Energy and Locaton Aware Routng n Wreless Sensor Network Hong Fu 1,1, Xaomng Wang 1, Yngshu L 1 Department of Computer Scence, Shaanx Normal Unversty, X an, Chna, 71006 fuhong433@gmal.com {wangxmsnnu@hotmal.cn}
More informationUsing Fuzzy Logic to Enhance the Large Size Remote Sensing Images
Internatonal Journal of Informaton and Electroncs Engneerng Vol. 5 No. 6 November 015 Usng Fuzzy Logc to Enhance the Large Sze Remote Sensng Images Trung Nguyen Tu Huy Ngo Hoang and Thoa Vu Van Abstract
More informationDetecting Compounded Anomalous SNMP Situations Using Cooperative Unsupervised Pattern Recognition
Detectng Compounded Anomalous SNMP Stuatons Usng Cooperatve Unsupervsed Pattern Recognton Emlo Corchado, Álvaro Herrero, José Manuel Sáz Department of Cvl Engneerng, Unversty of Burgos, Span escorchado@ubu.es
More informationMachine Learning: Algorithms and Applications
14/05/1 Machne Learnng: Algorthms and Applcatons Florano Zn Free Unversty of Bozen-Bolzano Faculty of Computer Scence Academc Year 011-01 Lecture 10: 14 May 01 Unsupervsed Learnng cont Sldes courtesy of
More informationSubspace clustering. Clustering. Fundamental to all clustering techniques is the choice of distance measure between data points;
Subspace clusterng Clusterng Fundamental to all clusterng technques s the choce of dstance measure between data ponts; D q ( ) ( ) 2 x x = x x, j k = 1 k jk Squared Eucldean dstance Assumpton: All features
More informationSequential search. Building Java Programs Chapter 13. Sequential search. Sequential search
Sequental search Buldng Java Programs Chapter 13 Searchng and Sortng sequental search: Locates a target value n an array/lst by examnng each element from start to fnsh. How many elements wll t need to
More informationRecommended Items Rating Prediction based on RBF Neural Network Optimized by PSO Algorithm
Recommended Items Ratng Predcton based on RBF Neural Network Optmzed by PSO Algorthm Chengfang Tan, Cayn Wang, Yuln L and Xx Q Abstract In order to mtgate the data sparsty and cold-start problems of recommendaton
More informationReal-time Fault-tolerant Scheduling Algorithm for Distributed Computing Systems
Real-tme Fault-tolerant Schedulng Algorthm for Dstrbuted Computng Systems Yun Lng, Y Ouyang College of Computer Scence and Informaton Engneerng Zheang Gongshang Unversty Postal code: 310018 P.R.CHINA {ylng,
More informationCHAPTER 2 PROPOSED IMPROVED PARTICLE SWARM OPTIMIZATION
24 CHAPTER 2 PROPOSED IMPROVED PARTICLE SWARM OPTIMIZATION The present chapter proposes an IPSO approach for multprocessor task schedulng problem wth two classfcatons, namely, statc ndependent tasks and
More informationNetwork Coding as a Dynamical System
Network Codng as a Dynamcal System Narayan B. Mandayam IEEE Dstngushed Lecture (jont work wth Dan Zhang and a Su) Department of Electrcal and Computer Engneerng Rutgers Unversty Outlne. Introducton 2.
More informationGA-Based Learning Algorithms to Identify Fuzzy Rules for Fuzzy Neural Networks
Seventh Internatonal Conference on Intellgent Systems Desgn and Applcatons GA-Based Learnng Algorthms to Identfy Fuzzy Rules for Fuzzy Neural Networks K Almejall, K Dahal, Member IEEE, and A Hossan, Member
More informationEnhancement of Infrequent Purchased Product Recommendation Using Data Mining Techniques
Enhancement of Infrequent Purchased Product Recommendaton Usng Data Mnng Technques Noraswalza Abdullah, Yue Xu, Shlomo Geva, and Mark Loo Dscplne of Computer Scence Faculty of Scence and Technology Queensland
More informationClassifying Acoustic Transient Signals Using Artificial Intelligence
Classfyng Acoustc Transent Sgnals Usng Artfcal Intellgence Steve Sutton, Unversty of North Carolna At Wlmngton (suttons@charter.net) Greg Huff, Unversty of North Carolna At Wlmngton (jgh7476@uncwl.edu)
More informationThe Greedy Method. Outline and Reading. Change Money Problem. Greedy Algorithms. Applications of the Greedy Strategy. The Greedy Method Technique
//00 :0 AM Outlne and Readng The Greedy Method The Greedy Method Technque (secton.) Fractonal Knapsack Problem (secton..) Task Schedulng (secton..) Mnmum Spannng Trees (secton.) Change Money Problem Greedy
More informationFeature Selection as an Improving Step for Decision Tree Construction
2009 Internatonal Conference on Machne Learnng and Computng IPCSIT vol.3 (2011) (2011) IACSIT Press, Sngapore Feature Selecton as an Improvng Step for Decson Tree Constructon Mahd Esmael 1, Fazekas Gabor
More informationPositive Semi-definite Programming Localization in Wireless Sensor Networks
Postve Sem-defnte Programmng Localzaton n Wreless Sensor etworks Shengdong Xe 1,, Jn Wang, Aqun Hu 1, Yunl Gu, Jang Xu, 1 School of Informaton Scence and Engneerng, Southeast Unversty, 10096, anjng Computer
More informationAn Improved Image Segmentation Algorithm Based on the Otsu Method
3th ACIS Internatonal Conference on Software Engneerng, Artfcal Intellgence, Networkng arallel/dstrbuted Computng An Improved Image Segmentaton Algorthm Based on the Otsu Method Mengxng Huang, enjao Yu,
More informationRemote Sensing Image Retrieval Algorithm based on MapReduce and Characteristic Information
Remote Sensng Image Retreval Algorthm based on MapReduce and Characterstc Informaton Zhang Meng 1, 1 Computer School, Wuhan Unversty Hube, Wuhan430097 Informaton Center, Wuhan Unversty Hube, Wuhan430097
More informationThe Shortest Path of Touring Lines given in the Plane
Send Orders for Reprnts to reprnts@benthamscence.ae 262 The Open Cybernetcs & Systemcs Journal, 2015, 9, 262-267 The Shortest Path of Tourng Lnes gven n the Plane Open Access Ljuan Wang 1,2, Dandan He
More informationObject-Based Techniques for Image Retrieval
54 Zhang, Gao, & Luo Chapter VII Object-Based Technques for Image Retreval Y. J. Zhang, Tsnghua Unversty, Chna Y. Y. Gao, Tsnghua Unversty, Chna Y. Luo, Tsnghua Unversty, Chna ABSTRACT To overcome the
More informationS1 Note. Basis functions.
S1 Note. Bass functons. Contents Types of bass functons...1 The Fourer bass...2 B-splne bass...3 Power and type I error rates wth dfferent numbers of bass functons...4 Table S1. Smulaton results of type
More informationResearch and Application of Fingerprint Recognition Based on MATLAB
Send Orders for Reprnts to reprnts@benthamscence.ae The Open Automaton and Control Systems Journal, 205, 7, 07-07 Open Access Research and Applcaton of Fngerprnt Recognton Based on MATLAB Nng Lu* Department
More informationHelsinki University Of Technology, Systems Analysis Laboratory Mat Independent research projects in applied mathematics (3 cr)
Helsnk Unversty Of Technology, Systems Analyss Laboratory Mat-2.08 Independent research projects n appled mathematcs (3 cr) "! #$&% Antt Laukkanen 506 R ajlaukka@cc.hut.f 2 Introducton...3 2 Multattrbute
More informationUB at GeoCLEF Department of Geography Abstract
UB at GeoCLEF 2006 Mguel E. Ruz (1), Stuart Shapro (2), June Abbas (1), Slva B. Southwck (1) and Davd Mark (3) State Unversty of New York at Buffalo (1) Department of Lbrary and Informaton Studes (2) Department
More informationAssociative Based Classification Algorithm For Diabetes Disease Prediction
Internatonal Journal of Engneerng Trends and Technology (IJETT) Volume-41 Number-3 - November 016 Assocatve Based Classfcaton Algorthm For Dabetes Dsease Predcton 1 N. Gnana Deepka, Y.surekha, 3 G.Laltha
More informationA Simple Methodology for Database Clustering. Hao Tang 12 Guangdong University of Technology, Guangdong, , China
for Database Clusterng Guangdong Unversty of Technology, Guangdong, 0503, Chna E-mal: 6085@qq.com Me Zhang Guangdong Unversty of Technology, Guangdong, 0503, Chna E-mal:64605455@qq.com Database clusterng
More informationUsing Neural Networks and Support Vector Machines in Data Mining
Usng eural etworks and Support Vector Machnes n Data Mnng RICHARD A. WASIOWSKI Computer Scence Department Calforna State Unversty Domnguez Hlls Carson, CA 90747 USA Abstract: - Multvarate data analyss
More informationApplication of VCG in Replica Placement Strategy of Cloud Storage
Internatonal Journal of Grd and Dstrbuted Computng, pp.27-40 http://dx.do.org/10.14257/jgdc.2016.9.4.03 Applcaton of VCG n Replca Placement Strategy of Cloud Storage Wang Hongxa Computer Department, Bejng
More information(1) The control processes are too complex to analyze by conventional quantitative techniques.
Chapter 0 Fuzzy Control and Fuzzy Expert Systems The fuzzy logc controller (FLC) s ntroduced n ths chapter. After ntroducng the archtecture of the FLC, we study ts components step by step and suggest a
More informationA Saturation Binary Neural Network for Crossbar Switching Problem
A Saturaton Bnary Neural Network for Crossbar Swtchng Problem Cu Zhang 1, L-Qng Zhao 2, and Rong-Long Wang 2 1 Department of Autocontrol, Laonng Insttute of Scence and Technology, Benx, Chna bxlkyzhangcu@163.com
More informationMaintaining temporal validity of real-time data on non-continuously executing resources
Mantanng temporal valdty of real-tme data on non-contnuously executng resources Tan Ba, Hong Lu and Juan Yang Hunan Insttute of Scence and Technology, College of Computer Scence, 44, Yueyang, Chna Wuhan
More informationCompiler Design. Spring Register Allocation. Sample Exercises and Solutions. Prof. Pedro C. Diniz
Compler Desgn Sprng 2014 Regster Allocaton Sample Exercses and Solutons Prof. Pedro C. Dnz USC / Informaton Scences Insttute 4676 Admralty Way, Sute 1001 Marna del Rey, Calforna 90292 pedro@s.edu Regster
More informationThe Discovery of Action Groups for Smart Home
The Dscovery of Acton Groups for Smart Home Hsen-Chou Lao,* Bo-Yu La Sheng-Che Hsao Department of Computer Scence and Informaton Engneerng Chaoyang Unversty of Technology Wufong Townshp, Tachung County,
More informationA User Selection Method in Advertising System
Int. J. Communcatons, etwork and System Scences, 2010, 3, 54-58 do:10.4236/jcns.2010.31007 Publshed Onlne January 2010 (http://www.scrp.org/journal/jcns/). A User Selecton Method n Advertsng System Shy
More information