Visible to the public Hard Problems: Human Behavior and Security 2015 (Part 1)Conflict Detection Enabled

SoS Newsletter- Advanced Book Block


SoS Logo

Hard Problems: Human Behavior and Security

2015 (Part 1)


Human behavior creates the most complex of hard problems for the Science of Security community. The research work cited here was presented in 2015.

Y. Yang, N. Vlajic and U. T. Nguyen, “Web Bots that Mimic Human Browsing Behavior on Previously Unvisited Web-Sites: Feasibility Study and Security Implications,” Communications and Network Security (CNS), 2015 IEEE Conference on, Florence, 2015, pp. 757-758. doi: 10.1109/CNS.2015.7346921
Abstract: In the past, there have been many attempts at developing accurate models of human-like browsing behavior. However, most of these attempts/models suffer from one of following drawbacks: they either require that some previous history of actual human browsing on the target web-site be available (which often is not the case); or, they assume that 'think times' and 'page popularities' follow the well-known Poisson and Zipf distribution (an old hypothesis that does not hold well in the modern-day WWW). To our knowledge, our work is the first attempt at developing a model of human-like browsing behavior that requires no prior knowledge or assumption about human behavior on the target site. The model is founded on a more general theory that defines human behavior as an 'interest-driven' process. The preliminary simulation results are very encouraging - web bots built using our model are capable of mimicking real human browsing behavior 1000-fold better compared to bots that deploy random crawling strategy.
Keywords: Internet; Poisson distribution; Web sites; Web bots; Web-sites; Zipf distribution; human-like browsing behavior; interest-driven process; Computer hacking; Electronic mail; History; Software; Web pages; bot modeling; interest-driven human browsing (ID#: 16-9609)


M. Kilger, “Integrating Human Behavior into the Development of Future Cyberterrorism Scenarios,” Availability, Reliability and Security (ARES), 2015 10th International Conference on, Toulouse, 2015, pp. 693-700. doi: 10.1109/ARES.2015.105
Abstract: The development of future cyber terrorism scenarios is a key component in building a more comprehensive understanding of cyber threats that are likely to emerge in the near-to mid-term future. While developing concepts of likely new, emerging digital technologies is an important part of this process, this article suggests that understanding the psychological and social forces involved in cyber terrorism is also a key component in the analysis and that the synergy of these two dimensions may produce more accurate and detailed future cyber threat scenarios than either analytical element alone.
Keywords: computer crime; human factors; terrorism; cyber threats; cyberterrorism scenarios; digital technologies; human behavior; psychological force; social force; Computer crime; Computer hacking; Organizations; Predictive models; Psychology; Terrorism; cyberterrorism; motivation; psychological; scenario; social (ID#: 16-9610)


N. Rastogi, “Sentences and Circumplexes: Prediction of Human Behaviour and Human Emotional States in Social Media,” Green Computing and Internet of Things (ICGCIoT), 2015 International Conference on, Noida, 2015, pp. 463-465. doi: 10.1109/ICGCIoT.2015.7380508
Abstract: This report explores the usage of Circumplexes on an individual depth. Understanding and defining a person on basis of their emotions and interests. Using Circumplexes for valence of emotions [1]. Circumplex has been redefined for this type of work. The goal is to understand human emotions and predict them. Emotional states and Ideas has been treated differently throughout this report. Security of individuals, prediction of human behaviour has been dealt in this model. How this model can radically change the things like mobile application, artificial intelligence, internet services, video games and different media. Rating people on their emotional state (pleasure or displeasure). A basic understanding of how a person will be affected or react to a certain situations or about his/her interest in things can be predicted more accurately.
Keywords: Internet; behavioural sciences computing; computer games; mobile computing; social networking (online); Internet services; artificial intelligence; emotional state; human behaviour prediction; human emotional states; mobile application; social media; video games; Predictive models; Circumplex; emotional granularity; facial recognition; optical character recognition; social trends; voice recognition (ID#: 16-9611)


O. Banos et al., “Mining Minds: An Innovative Framework for Personalized Health and Wellness Support,” Pervasive Computing Technologies for Healthcare (PervasiveHealth), 2015 9th International Conference on, Istanbul, 2015, pp. 1-8. doi: 10.4108/icst.pervasivehealth.2015.259083
Abstract: The world is witnessing a spectacular shift in the delivery of health and wellness care. The key ingredient of this transformation consists in the use of revolutionary digital technologies to empower people in their self-management as well as to enhance traditional care procedures. While substantial domain-specific contributions have been provided to that end in the recent years, there is a clear lack of platforms that may orchestrate, and intelligently leverage, all the data, information and knowledge generated through these technologies. This work presents Mining Minds, an innovative framework that builds on the core ideas of the digital health and wellness paradigms to enable the provision of personalized healthcare and wellness support. Mining Minds embraces some of the currently most prominent digital technologies, ranging from Big Data and Cloud Computing to Wearables and Internet of Things, and state-of-the-art concepts and methods, such as Context-Awareness, Knowledge Bases or Analytics, among others. This paper aims at thoroughly describing the efficient and rational combination and interoperation of these modern technologies and methods through Mining Minds, while meeting the essential requirements posed by a framework for personalized health and wellness support.
Keywords: Big Data; Internet of Things; cloud computing; data mining; health care; Mining Minds; big data; context-awareness; digital health and wellness paradigms; digital technologies; domain-specific contributions; health and wellness care; knowledge analytics; knowledge bases; personalized health and wellness support; traditional care procedures; wearables; Biomedical monitoring; Data mining; Medical services; Mobile communication; Monitoring; Privacy; Security; digital health; human behavior; quantified-self; user experience (ID#: 16-9612)


S. S. Yau, A. B. Buduru and V. Nagaraja, “Protecting Critical Cloud Infrastructures with Predictive Capability,” Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on, New York City, NY, 2015, pp. 1119-1124. doi: 10.1109/CLOUD.2015.165
Abstract: Emerging trends in cyber system security breaches, including those in critical infrastructures involving cloud systems, such as in applications of military, homeland security, finance, utilities and transportation systems, have shown that attackers have abundant resources, including both human and computing power, to launch attacks. The sophistication and resources used in attacks reflect that the attackers may be supported by large organizations and in some cases by foreign governments. Hence, there is an urgent need to develop intelligent cyber defense approaches to better protecting critical cloud infrastructures. In order to have much better protection for critical cloud infrastructures, effective approaches with predictive capability are needed. Much research has been done by applying game theory to generating adversarial models for predictive defense of critical infrastructures. However, these approaches have serious limitations, some of which are due to the assumptions used in these approaches, such as rationality and Nash equilibrium, which may not be valid for current and emerging cloud infrastructures. Another major limitation of these approaches is that they do not capture probabilistic human behaviors accurately, and hence do not incorporate human behaviors. In order to greatly improve the protection of critical cloud infrastructures, it is necessary to predict potential security breaches on critical cloud infrastructures with accurate system-wide causal relationship and probabilistic human behaviors. In this paper, the challenges and our vision on developing such proactive protection approaches are discussed.
Keywords: cloud computing; critical infrastructures; data protection; inference mechanisms; security of data; Nash equilibrium; adversarial models; critical cloud infrastructures; cyber system security breaches; game theory; intelligent cyber defense approaches; predictive defense; proactive protection approaches; probabilistic human behaviors; probabilistic reasoning; Accuracy; Bayes methods; Game theory; Measurement; Organizations; Probabilistic logic; Security; Critical cloud infrastructures; pro-active protection; security breaches (ID#: 16-9613)


Y. Yang, N. Vlajic and U. T. Nguyen, “Next Generation of Impersonator Bots: Mimicking Human Browsing on Previously Unvisited Sites,” Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, New York, NY, 2015, pp. 356-361. doi: 10.1109/CSCloud.2015.93
Abstract: The development of Web bots capable of exhibiting human-like browsing behavior has long been the goal of practitioners on both side of security spectrum - malicious hackers as well as security defenders. For malicious hackers such bots are an effective vehicle for bypassing various layers of system/network protection or for obstructing the operation of Intrusion Detection Systems (IDSs). For security defenders, the use of human-like behaving bots is shown to be of great importance in the process of system/network provisioning and testing. In the past, there have been many attempts at developing accurate models of human-like browsing behavior. However, most of these attempts/models suffer from one of following drawbacks: they either require that some previous history of actual human browsing on the target web-site be available (which often is not the case), or, they assume that 'think times' and 'page popularities' follow the well-known Poisson and Zipf distribution (an old hypothesis that does not hold well in the modern-day WWW). To our knowledge, our work is the first attempt at developing a model of human-like browsing behavior that requires no prior knowledge or assumption about human behavior on the target site. The model is founded on a more general theory that defines human behavior as an 'interest-driven' process. The preliminary simulation results are very encouraging - web bots built using our model are capable of mimicking real human browsing behavior 1000-fold better compared to bots that deploy random crawling strategy.
Keywords: Internet; Poisson distribution; Web sites; computer crime; invasive software; IDS; Web bots; Web-site; Zipf distribution; human behavior; human browsing behavior; human-like behaving bots; human-like browsing behavior; impersonator bot; intrusion detection system; network protection; next generation; random crawling strategy; security defender; security spectrum-malicious hacker; system protection; unvisited site; Computer hacking; History; Predictive models; Web pages; bot modeling; interest-driven human browsing (ID#: 16-9614)


S. Sharma, S. P. Rajeev and P. Devearux, “An Immersive Collaborative Virtual Environment of a University Campus for Performing Virtual Campus Evacuation Drills and Tours for Campus Safety,” Collaboration Technologies and Systems (CTS), 2015 International Conference on, Atlanta, GA, 2015, pp. 84-89. doi: 10.1109/CTS.2015.7210404
Abstract: The use of a collaborative virtual reality environment for training and virtual tours has been increasingly recognized an as alternative to traditional real life tours for university campuses. Our proposed application shows an immersive collaborative virtual reality environment for performing virtual online campus tours and evacuation drills using Oculus Rift head mounted displays. The immersive collaborative virtual reality environment also offers a unique way for training in emergencies for campus safety. The participant can enter the collaborative virtual reality environment setup on the cloud and participate in the evacuation drill or a tour which leads to considerable cost advantages over large scale real life exercises. This paper presents an experimental design approach to gather data on human behavior and emergency response in a university campus environment among a set of players in an immersive virtual reality environment. We present three ways for controlling crowd behavior: by defining rules for computer simulated agents, by providing controls to the users to navigate in the VR environment as autonomous agents, and by providing controls to the users with a keyboard/ joystick along with an immersive VR head set in real time. Our contribution lies in our approach to combine these three methods of behavior in order to perform virtual evacuation drills and virtual tours in a multi-user virtual reality environment for a university campus. Results from this study can be used to measure the effectiveness of current safety, security, and evacuation procedure for campus safety.
Keywords: educational institutions; groupware; helmet mounted displays; multi-agent systems; safety; virtual reality; Oculus Rift head mounted displays; VR environment; autonomous agents; campus safety; computer simulated agents; crowd behavior control; emergency response; experimental design approach; human behavior; immersive VR head set; immersive collaborative virtual reality environment; multiuser virtual reality environment; university campus; virtual campus evacuation drills; virtual campus evacuation tours; virtual online campus tours; Buildings; Computational modeling; Computers; Servers; Solid modeling; Three-dimensional displays; Virtual reality; behavior simulation; collaborative virtual environment; evacuation (ID#: 16-9615)


M. C. Giuroiu and T. Marita, “Gesture Recognition Toolkit Using a Kinect Sensor,” Intelligent Computer Communication and Processing (ICCP), 2015 IEEE International Conference on, Cluj-Napoca, 2015, pp. 317-324. doi: 10.1109/ICCP.2015.7312678
Abstract: Computational modeling of human behavior has become a very important field of computer vision. Gesture recognition allows people to interact with machines in a natural way without the use of dedicated I/O devices. This paper presents a simple system that can recognize dynamic and static gestures using the depth map and the higher level output (skeleton and facial features) provided by a Kinect sensor. Two approaches are chosen for the recognition task: the Dynamic Time Warping Algorithm is used to recognize dynamic gestures, while a Bayesian classifier is used for the static gestures/postures. In contrast with some specialized methods presented in the literature, the current approach is very generic and can be used with minimal modification for recognizing a large variety of gestures. As a result, it can be deployed in a multitude of fields from security (monitoring rooms and sending alarm signals), medicine (helping people with physical disabilities) to education and so on. The tests results show that the system is accurate, easy to use and highly customizable.
Keywords: Bayes methods; computer vision; gesture recognition; human computer interaction image classification; Bayesian classifier; Kinect sensor;  dynamic time warping algorithm; gesture recognition toolkit; human behavior; human computer interaction; Face; Gesture recognition; Heuristic algorithms; Joints; Thumb; Yttrium; Kinect; Naïve Bayes classifier; depth map; dynamic time warping; gesture recognition (ID#: 16-9616)


J. S. More and C. Lingam, “Reality Mining Based on Social Network Analysis,” Communication, Information & Computing Technology (ICCICT), 2015 International Conference on, Mumbai, 2015, pp. 1-6.  doi: 10.1109/ICCICT.2015.7045752
Abstract: Data Mining is the extraction of hidden predictive information from large databases. The process of discovering interesting, useful, nontrivial patterns from large spatial datasets is called spatial data mining. When time gets associated it becomes spatio temporal data mining. The study of spatio temporal data mining is of great concern for the study of mobile phone sensed data. Reality Mining is defined as the study of human social behavior based on mobile phone sensed data. It is based on the data collected by sensors in mobile phones, security cameras, RFID readers, etc. All allow for the measurement of human physical and social activity. In this paper Netviz, Gephi and Weka tools have been used to convert and analyze the Facebook. Further, analysis of a reality mining dataset is also presented.
Keywords: data mining; feature extraction; mobile handsets; sensor fusion; social networking (online); spatiotemporal phenomena; Facebook; Gephi tools; Netviz tools; RFID readers; Weka tools; hidden predictive information extraction; human physical activity; human social activity; human social behavior; mobile phone sensed data; reality mining; security cameras; social network analysis; spatiotemporal data mining; Computers; Data mining; Educational institutions;  Mobile handsets; Spatial databases; Data Mining; Reality Mining; Social Network Analysis (ID#: 16-9617)


A. Ross, “The Human Threat,” Intelligent Rail Infrastructure, Birmingham, 2015, pp. 1-26. doi: 10.1049/ic.2015.0056
Abstract: This presentation focuses on the human behaviour of individuals within an organisation as well as the organisational factors that drive security-related outcomes.
Keywords: organisational aspects; security; QinetiQ; human behaviour; human threat; organisational factors; security-related outcomes (ID#: 16-9618)


C. D. Frowd et al., “Facial Stereotypes and Perceived Mental Illness,” 2015 Sixth International Conference on Emerging Security Technologies (EST), Braunschweig, 2015, pp. 62-68. doi: 10.1109/EST.2015.25
Abstract: It is well established that we carry stereotypes that impact on human perception and behaviour (e.g. G.W. Allport, “The nature of prejudice“. Reading, MA: Addison-Wesley, 1954). Here, we investigate the possibility that we hold a stereotype for a face indicating that its owner may have a mental illness. A three-stage face-perception experiment suggested the presence of such a stereotype. Participants first rated 200 synthetic male faces from the EvoFIT facial-composite system for perceived mental illness (PMI). These faces were used to create a computer-based rating scale that was used by a second sample of participants to make a set of faces appear mentally ill. There was evidence to suggest that the faces that participants identified using the PMI scale differed along this dimension (although not entirely as expected). In the final stage of the study, another set of synthetic faces were created by artificially increasing and decreasing levels along the scale. Participants were asked to rate these items for PMI and for six criminal types. It was found that participants assigned higher PMI ratings (cf. veridical) for items with inflated PMI (although there was no reliable difference in ratings between veridical faces and faces with decreased PMI). Implications of the findings are discussed.
Keywords: image representation; medical disorders; psychology; EvoFIT facial-composite system; computer-based rating scale; criminal types; facial stereotypes; human behaviour; human perception; inflated PMI scale; perceived mental illness; synthetic faces; synthetic male faces; three-stage face-perception; veridical faces; Face; Law enforcement; Psychology;  Security; Shape; Sociology; Statistics; stereotype; victimisation; serious crime; EvoFIT (ID#: 16-9619)


X. Yu, T. Pei, K. Gai and L. Guo, “Analysis on Urban Collective Call Behavior to Earthquake,” High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conferen on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, New York, NY, 2015, pp. 1302-1307. doi: 10.1109/HPCC-CSS-ICESS.2015.71
Abstract: Despite recent advances in uncovering the quantitative features of human activities in routine life, human call behavior in earthquake is still less clear. Taking the data of mobile phone records produced by the users in 3 days in the northwest of China, we systematically analyze the characteristics of mobile phone call patterns to earthquake by using ratio analysis and degree distribution method. We find that as a whole, earthquake brings about the significant growth in the indices of data volume, phone volume, duration, distant call volume and local call volume, etc. And the duration of the calls has a significant increase than that of the number of the calls. From the temporal perspective, we discover that at the first 2 hours that earthquake took place, people tend to make much more local calls rather than distant calls. However, unlike the local call, the big volume of distant calls last a whole day except for 3 hours in the afternoon. More interesting, although there is the biggest data volume and phone volume in the day that earthquake happened, only those who contact less than 10 phone number dominate the biggest data volume and phone volume. This demonstrates the pattern difference between the business calls and the private calls. The in-depth understanding of human behavior in emergency help us understand many complex socio-economic phenomena, and find applications in public opinion monitoring, disease control, transportation system design, calling center services, and information recommendation.
Keywords: earthquakes; mobile handsets; socio-economic effects; calling center services; complex socioeconomic phenomena; degree distribution method; disease control; earthquake; information recommendation; mobile phone characteristics; pattern difference; public opinion monitoring; ratio analysis; transportation system; urban collective call behavior analysis; Cities and towns; Earthquakes; Embedded systems; Indexes; Mobile communication; Mobile handsets; Probability distribution; Emergency; calling behavior; degree distribution; ratio (ID#: 16-9620)


Y. Jung and Y. Yoon, “Behavior Tracking Model in Dynamic Situation Using the Risk Ratio EM,” Information Networking (ICOIN), 2015 International Conference on, Cambodia, 2015, pp. 444-448. doi: 10.1109/ICOIN.2015.7057942
Abstract: Closed Circuit Television (CCTV) system has been popular in daily life such as traffic, airport, street and public place. The common goal of CCTV system is the prevention of crime and disorder by observing objects. In the future, smart CCTV camera combined with mobile phone will be used to protect human from crime and dangerous situations. Intelligent CCTV system in public place will monitor human behavior in real-time and transfer image data to control tower for the security purpose. In this paper, we propose an abnormal behavioral tracking model for prediction of abnormal situation by using Expectation Maximization (EM) algorithm combined with Viterbi algorithm. The tracking model will detect objects from CCTV image in dynamic environment for the prediction of dangerous situation. This tracking system has five main steps. (1) The detection of object and their environment, (2) Feature extraction from objects and situations such as human body posture, weather, and time (3) Location information such as object trajectory and area safety level (4) knowledge update and decision making (5) prediction of abnormal situation and maximized risk rates.
Keywords: behavioural sciences computing; closed circuit television; expectation-maximisation algorithm; feature extraction; object detection; object recognition; object tracking; CCTV system; Viterbi algorithm; abnormal behavioral tracking model; abnormal situation prediction; closed circuit television; decision making; expectation maximization algorithm; knowledge update; location information;  risk rate maximisation; risk ratio EM algorithm; Computational modeling; Decision making; Event detection; Meteorology; Safety; Trajectory; Videos; CCTV; Expectation Maximization (EM); Tracking Abnormal behavior (ID#: 16-9621)


F. H. Khan, M. E. Ali and H. Dev, “A Hierarchical Approach for Identifying User Activity Patterns from Mobile Phone Call Detail Records,” Networking Systems and Security (NSysS), 2015 International Conference on, Dhaka, 2015, pp. 1-6. doi: 10.1109/NSysS.2015.7043535
Abstract: With the increasing use of mobile devices, now it is possible to collect different data about the day-to-day activities of personal life of the user. Call Detail Record (CDR) is the available dataset at large-scale, as they are already constantly collected by the mobile operator mostly for billing purpose. By examining this data it is possible to analyze the activities of the people in urban areas and discover the human behavioral patterns of their daily life. These datasets can be used for many applications that vary from urban and transportation planning to predictive analytics of human behavior. In our research work, we have proposed a hierarchical analytical model where this CDR Dataset is used to find facts on the daily life activities of urban users in multiple layers. In our model, only the raw CDR data are used as the input in the initial layer and the outputs from each consecutive layer is used as new input combined with the original CDR data in the next layers to find more detailed facts, e.g., traffic density in different areas in working days and holidays. So, the output in each layer is dependent on the results of the previous layers. This model utilized the CDR Dataset of one month collected from the Dhaka city, which is one of the most densely populated cities of the world. So, our main focus of this research work is to explore the usability of these types of dataset for innovative applications, such as urban planning, traffic monitoring and prediction, in a fashion more appropriate for densely populated areas of developing countries.
Keywords: mobile handsets; telecommunication network planning; Dhaka city; mobile devices; mobile operator; mobile phone call detail records; traffic monitoring; transportation planning; urban planning; Analytical models; Cities and towns; Data models; Employment Mobile handsets; Poles and towers; Transportation (ID#: 16-9622)


S. M. Ho, J. T. Hancock, C. Booth, X. Liu, S. S. Timmarajus and M. Burmester, “Liar, Liar, IM on Fire: Deceptive Language-Action Cues in Spontaneous Online Communication,” Intelligence and Security Informatics (ISI), 2015 IEEE International Conference on, Baltimore, MD, 2015, pp. 157-159. doi: 10.1109/ISI.2015.7165960
Abstract: With an increasing number of online users, the potential danger of online deception grows accordingly - as does the importance of better understanding human behavior online to mitigate these risks. One critical element to address such online threat is to identify intentional deception in spontaneous online communication. For this study, we designed an interactive online game that creates player scenarios to encourage deception. Data was collected and analyzed in October 2014 to identify certain deceptive cues. Players' interactive dialogue was analyzed using linear regression analysis. The results reveal that certain language features are highly significant predictors of deception in synchronous, spontaneous online communication.
Keywords: Internet; computer games; computer mediated communication; interactive systems; regression analysis; CMC; computer mediated communication; intentional deception identification; interactive online game; language-action cue; linear regression analysis; online communication; Computer mediated communication; Computer science; Detectors; Games; Linear regression; Media; Pragmatics; computer-mediated communication; interpersonal deception theory; language-action features; regression analysis
(ID#: 16-9623)


I. E. van Vuuren, E. Kritzinger and C. Mueller, “Identifying Gaps in IT Retail Information Security Policy Implementation Processes,” 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), Cape Town, South Africa, 2015, pp. 126-133. doi: 10.1109/InfoSec.2015.7435517
Abstract: With a considerable amount of support in literature, there is no doubt that the human factor is a major weakness in preventing Information Security (IS) breaches. The retail industry is vulnerable to human inflicted breaches due to the fact that hackers rely on their victims' lack of security awareness, knowledge and understanding, security behavior and the organization's inadequate security measures for protecting itself and its clients. The true level of security in technology and processes relies on the people involved in the use and implementation thereof [1]. Therefore, the implementation of IS requires three elements namely: human factors, organizational aspects and technological controls [2]. All three of these elements have the common feature of human intervention and therefore security gaps are inevitable. Each element also functions as both security control and security vulnerability. The paper addresses these elements and identifies the human aspect of each through current and extant literature which spawns new human-security elements. The purpose of this research is to provide evidence that the IT sector of the South African retail industry is vulnerable to the human factor as a result of the disregard for human-security elements. The research points out that the IT sector of the South African retail industry is lacking trust and does not pay adequate attention to security awareness and awareness regarding security accountability. Furthermore, the IT sector of the South African retail industry is lacking: 1) IS policies, 2) process and procedure documentation for creating visibility, and 3) transparency necessary to promote trust. These findings provide support that the identified gaps, either directly or indirectly, relate to trust, and therefore, might be major contributing factors to the vast number of breaches experienced in the South African retail industry. These findings may also provide valuable insight into combatting the human factor of IS w- thin the IT sector, irrespective of industry, which choose to follow an IS model built on the foundation of trust.
Keywords: Collaboration; Companies; Computer hacking; Human factors; Industries; ability; acceptance; accountability; benevolence; collaboration; communication; human factor; integrity; knowledge; management workflows; organizational aspects; policies; procedures; retail industry; security awareness; social engineering; technological controls; training; transparency; trust; trust factors; understanding; visibility (ID#: 16-9624)


D. Lee, C. Liu and J. K. Hedrick, “Interacting Multiple Model-Based Human Motion Prediction for Motion Planning of Companion Robots,” 2015 IEEE International Symposium on Safety, Security, and Rescue Robotics (SSRR), West Lafayette, IN, USA, 2015, pp. 1-7. doi: 10.1109/SSRR.2015.7443013
Abstract: Motion planning of human-companion robots is a challenging problem and its solution has numerous applications. This paper proposes an autonomous motion planning framework for human-companion robots to accompany humans in a socially desirable manner, which takes into account the safety and comfort requirements. An Interacting Multiple Model-Unscented Kalman Filter (IMM-UKF) estimation and prediction approach is developed to estimate human motion states from sensor data and predict human position and speed for a finite horizon. Based on the predicted human states, the robot motion planning is formulated as a model predictive control (MPC) problem. Simulations have demonstrated the superior performance of the IMM-UKF approach and the effectiveness of the MPC planner in facilitating the socially desirable companion behavior.
Keywords: motion estimation; path planning; predictive control; rescue robots; robot vision; IMM-UKF estimation; MPC problem; autonomous motion planning framework; human motion state estimation; human position prediction; human speed prediction; human-companion robots; interacting multiple model-unscented Kalman filter estimation; model predictive control; model-based human motion prediction; predicted human states; prediction approach; robot motion planning; Computational modeling; Hidden Markov models; Mathematical model; Planning; Predictive models; Robot sensing systems (ID#: 16-9625)


A. Brown and M. Abramson, “Twitter Fingerprints as Active Authenticators,” 2015 IEEE International Conference on Data Mining Workshop (ICDMW), Atlantic City, NJ, 2015, pp. 58-63. doi: 10.1109/ICDMW.2015.223
Abstract: Leveraging data drawn from the Web, or rather web analytics, has been used to gain business intelligence, increase sales, and optimize websites. Yet beyond the domain of ecommerce that web analytics is typically associated with, authentication based upon user interactions with the Web is also obtainable. Authentication is able to be achieved because just as individuals display unique mannerisms in everyday life, users interact with technology in unique manners. Leveraging these unique patterns, or “cognitive fingerprints”, for security purposes can be referred to as active authentication. Active authentication stands to add extra security without added burden, as users are allowed the capability to simply interact with technology in their natural manner. Past research on active authentication has looked at areas such as mouse pattern movements, screen tough patterns on smartphones, and web browsing behavior. Our focus here is web browsing behavior. Specifically, we seek to extend past active authentication research done on Reddit. In this research, we examine the ability of Twitter-specific features to serve as authenticators, by examining the behavior of 50 random Twitter users. Through leveraging data mining and machine learning techniques, we conduct three levels of analysis: (1) we survey the ability of Twitter-specific behavioral features from a broad perspective to determine the feasibility Twitter fingerprints as a form of active authentication, (2) we compare aggregated and non-aggregated datasets to determine whether it is better to aggregate user behavior or look at posts individually, and (3) we examine whether certain features are more important for discrimination than others. The first level of analysis suggests that the posting behavior on Twitter follows the power law of human activity and that users can be uniquely identified with a fairly decent level of accuracy. Second, we find that aggregating the data significantly improves F-scores. Lastly, ou- examination suggests that there is not any specific feature that serves as more discriminative than others. Rather, what is discriminative for one user may not be for another user.
Keywords: authorisation; data analysis; data mining; learning (artificial intelligence); social networking (online); F-score; Reddit; Twitter fingerprints; Twitter-specific behavioral features; Web analytics; Web browsing behavior; active authentication; cognitive fingerprints; data mining technique; machine learning technique; user behavior aggregation; user interaction; Conferences; Data mining; web analytics (ID#: 16-9626)


E. Sherif, S. Furnell and N. Clarke, “Awareness, Behaviour and Culture: The ABC in Cultivating Security Compliance,” 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), London, 2015, pp. 90-94. doi: 10.1109/ICITST.2015.7412064
Abstract: A significant volume of security breaches occur as a result of human aspects and it is consequently important for these to be given attention alongside technical aspects. Researchers have argued that security culture stimulates appropriate employees' behavior towards adherence. Therefore, work within organizations should be guided by a culture of security, with the purpose of protecting the organization's assets and affecting individual's behaviors towards better security behavior. Although security aware individuals can play an important role in protecting organizational assets, the way in which individuals behave with security controls that are implemented is crucial in protecting such assets. Should the behavior of individuals not be security compliant, it could have an impact on an organization's productivity and confidentiality of data. In this paper, key literature relating to security culture in the period of 1999-2014 is reviewed. The objective is to examine the role of security awareness, behavior, and how they can play an important role in changing the existing culture to a security culture. Some relevant security culture tools have been introduced. An overall framework to understand how security awareness and behavior can play an important role in changing an existing culture to a security culture has been developed.
Keywords: cultural aspects; security of data; ABC; confidentiality; organization productivity; organizational assets; security aware individuals; security awareness; security breaches; security compliance; security compliant; security controls; security culture tools; Computers; Current measurement; Education; Information security; Internet; Organizations; Security awareness; organisational culture; security behaviour; security culture (ID#: 16-9627)


Pratibha and M. Ashraf, “Dominant Behavior Identification of Load Data,” Computing, Communication & Automation (ICCCA), 2015 International Conference on, Noida, 2015, pp. 142-145. doi: 10.1109/CCAA.2015.7148361
Abstract: Web applications are meant to be viewed by human user. Quality of web application is our primary concern. An application is said to be a quality application when the users do not face any problem while using it. For this purpose performance testing is needed. For getting knowledge about the performance issues (such as response time), performance testing is performed. Performance testing basically shows the behavior of the application towards the load on it. Load testing is a kind of performance testing which is performed for knowing about the application response towards the load. It is very important to find out load testing problems to make sure that load testing results are correct. This paper presents a method which mines the log execution of the web application to show the dominant behavior of the load. Dominant behavior is the expected behavior of the load on the application. This method will show the dominant behavior on the basis of IP address. On the basis of IP address one can easily find out the location of the user which increases the security parameter of the application.
Keywords: Internet; program testing; IP address; Web applications; load data; load testing problems; performance testing; Automation; Conferences; IP networks; Load modeling; Software; Stress; Testing; dominant behavior; logs (ID#: 16-9628)


B. Ryu, N. Ranasinghe, W. M. Shen, K. Turck and M. Muccio, “BioAIM: Bio-inspired Autonomous Infrastructure Monitoring,” Military Communications Conference, MILCOM 2015 - 2015 IEEE, Tampa, FL, 2015, pp. 780-785. doi: 10.1109/MILCOM.2015.7357539
Abstract: The Bio-inspired Autonomous Infrastructure Monitoring (BioAIM) system detects anomalous behavior during the deployment and maintenance of a wireless communication network formed autonomously by unmanned airborne nodes. A node may experience anomalous or unexpected behavior in the presence of hardware/software faults/failures, or external influence (e.g. natural weather phenomena, enemy threats). This system autonomously detects, reasons with (e.g. differentiates an anomaly from natural interference), and alerts a human operator of anomalies at runtime via a communication network formed by the Bio-inspired Artificial Intelligence Reconfiguration (BioAIR) system. In particular, BioAIM learns and builds a prediction model which describes how data from relevant sensors should change when a behavior executes under normal circumstances. Surprises occur when there are discrepancies between what is predicted and what is observed. BioAIM identifies a dynamic set of states from the prediction model and learns a structured model similar to a Markov Chain in order to quantify the magnitude of a surprise or divergence from the norm using a special similarity metric. While in operation BioAIM monitors the sensor data by testing the applicable models for each valid behavior at regular time intervals, and informs the operator when a similarity metric deviates from the acceptable threshold.
Keywords: Markov processes; autonomous aerial vehicles; fault diagnosis; radio networks; BioAIM; Markov Chain; anomalous behavior; bio-inspired artificial intelligence reconfiguration system; bio-inspired autonomous infrastructure monitoring; natural interference; natural weather phenomena; unmanned airborne nodes; wireless communication network; Biological system modeling; Biosensors; Maintenance engineering; Measurement; Monitoring; Predictive models; Adaptive systems; Cognition; Command and control systems; Communication networks; Cyber Security; Fault detection; Fault tolerant systems; Intelligent control; Unmanned Aerial Vehicles (ID#: 16-9629)


G. Maus, “Decoding, Hacking, and Optimizing Societies: Exploring Potential Applications of Human Data Analytics in Sociological Engineering, Both Internally and as Offensive Weapons,” Science and Information Conference (SAI), 2015, London, 2015, pp. 538-547. doi: 10.1109/SAI.2015.7237195
Abstract: Today's unprecedented wealth of data on human activities, augmented by proven reliable methods of algorithmically extrapolating personal information from limited data, and the means to store and analyze it opens up new vistas for in-depth understanding of individuals, as well as the potential generation of predictive models for the dynamics of human functions on individual, group, and societal scales. This has already proven to have applications in successfully forecasting behavior, techniques which are only likely to improve. To the extent that the science can move beyond a correlative understanding of the data to a causal understanding of the factors affecting behavior, it will allow new means for (perhaps covertly and deniably) influencing behavior, possibly through long causal chains that could conceal the influence of the manipulator. This offers an immense variety of applications, but this paper will particularly consider them as tools in governmental control over their citizens and as a new form of weaponry.
Keywords: Big Data; computer crime; data analysis; social sciences computing;  forecasting behavior; governmental control; human data analytics; human function dynamics; offensive weapons; personal information extrapolation; predictive models; society decoding; society hacking; society optimization; sociological engineering; Accuracy; Facebook; Forecasting; Government; Media; Prediction algorithms; Predictive models; big data; cognitive security; computational sociology; machine learning; privacy; sentiment analysis; surveillance (ID#: 16-9630)


J. J. Mulcahy and S. Huang, “An Autonomic Approach to Extend the Business Value of a Legacy Order Fulfillment System,” Systems Conference (SysCon), 2015 9th Annual IEEE International, Vancouver, BC, 2015, pp. 595-600. doi: 10.1109/SYSCON.2015.7116816
Abstract: In the modern retailing industry, many enterprise resource planning (ERP) systems are considered legacy software systems that have become too expensive to replace and too costly to re-engineer. Countering the need to maintain and extend the business value of these systems is the need to do so in the simplest, cheapest, and least risky manner available. There are a number of approaches used by software engineers to mitigate the negative impact of evolving a legacy systems, including leveraging service-oriented architecture to automate manual tasks previously performed by humans. A relatively recent approach in software engineering focuses upon implementing self-managing attributes, or “autonomic” behavior in software applications and systems of applications in order to reduce or eliminate the need for human monitoring and intervention. Entire systems can be autonomic or they can be hybrid systems that implement one or more autonomic components to communicate with external systems. In this paper, we describe a commercial development project in which a legacy multi-channel commerce enterprise resource planning system was extended with service-oriented architecture an autonomic control loop design to communicate with an external third-party security screening provider. The goal was to reduce the cost of the human labor necessary to screen an ever-increasing volume of orders and to reduce the potential for human error in the screening process. The solution automated what was previously an inefficient, incomplete, and potentially error-prone manual process by inserting a new autonomic software component into the existing order fulfillment workflow.
Keywords: enterprise resource planning; service-oriented architecture; software maintenance; ERP systems; autonomic approach; autonomic behavior; autonomic control loop design; autonomic software component; business value; error-prone manual process; human error; human monitoring; hybrid systems; legacy multichannel commerce enterprise resource planning system; legacy order fulfillment system; legacy software systems; order fulfillment workflow; retailing industry; software applications; software engineering; third party security screening provider; Business; Complexity theory; Databases; Manuals; Monitoring; Software systems; autonomic computing; self-adaptive systems; self-managing systems; software evolution; systems interoperability; systems of systems
(ID#: 16-9631)


J. Morris-King and H. Cam, “Ecology-Inspired Cyber Risk Model for Propagation of Vulnerability Exploitation in Tactical Edge,” Military Communications Conference, MILCOM 2015 - 2015 IEEE, Tampa, FL, 2015, pp. 336-341. doi: 10.1109/MILCOM.2015.7357465
Abstract: A multitude of cyber vulnerabilities on the tactical edge arise from the mix of network infrastructure, physical hardware and software, and individual user-behavior. Because of the inherent complexity of socio-technical systems, most models of tactical cyber assurance omit the non-physical influence propagation between mobile systems and users. This omission leads to a question: how can the flow of influence across a network act as a proxy for assessing the propagation of risk? Our contribution toward solving this problem is to introduce a dynamic, adaptive ecosystem-inspired model of vulnerability exploitation and risk flow over a tactical network. This model is based on ecological characteristics of the tactical edge, where the heterogeneous characteristics and behaviors of human-machine systems enhance or degrade mission risk in the tactical environment. Our approach provides an in-depth analysis of vulnerability exploitation propagation and risk flow using a multi-agent epidemic model which incorporates user-behavior and mobility as components of the system. This user-behavior component is expressed as a time-varying parameter driving a multi-agent system. We validate this model by conducting a synthetic battlefield simulation, where performance results depend mainly on the level of functionality of the assets and services. The composite risk score is shown to be proportional to infection rates from the Standard Epidemic Model.
Keywords: human factors; military communication; mobile ad hoc networks; multi-agent systems; telecommunication computing; telecommunication network reliability; time-varying systems; dynamic adaptive ecosystem-inspired model; ecology-inspired cyber risk model; human-machine systems; mobile systems; mobile users; multiagent epidemic model; nonphysical influence propagation; risk flow; risk propagation; socio-technical system complexity; synthetic battlefield simulation; tactical cyber assurance; tactical edge; tactical network; time-varying parameter; user-behavior; vulnerability exploitation propagation; Biological system modeling; Computational modeling; Computer security; Ecosystems; Risk management; Timing; Unified modeling language; Agent-based simulation; Ecological modeling; Epidemic system; Risk propagation; Tactical edge network (ID#: 16-9632)


P. Aruna and R. Kanchana, “Face Image CAPTCHA Generation Using Particle Swarm Optimization Approach,” Engineering and Technology (ICETECH), 2015 IEEE International Conference on, Coimbatore, 2015, pp. 1-5. doi: 10.1109/ICETECH.2015.7275016
Abstract: CAPTCHA is a software programming which is introduced to differentiate the human from the robots. CATCHA intends to generate a code which can only be identified by the human and machines cannot. In the real world, due to the massive increase in the usage of smart phones, tablets and other devices with the touch screen functionality poses a many online security threats. The traditional CAPTCHA requires a help of keyboard input and does dependant of language which will not be efficient in the smart phone devices. The face CAPTCHA is the one which intends to generate a CAPTCHA by using a combination of facial images and the fake images. It is based on generating a CAPTCHA with noised real face images and the fake images which cannot be identified by the machines but humans do. In the existing work, genetic algorithm is used to select the optimized face images by using which the better optimized fpso CAPTCHA can be created. However this work lacks from the local convergence problem where it can only select the best images within the local region. To overcome this problem in this work, the particle swarm optimization method is propose which can generate the globalize solution. Particle Swarm Optimization (PSO) is a popular and bionic algorithm based on the social behavior associated with bird flocking for optimization problems. The experimental tests that were conducted were proved that the proposed methodology improves in accuracy and generates an optimized solution than the existing methodologies.
Keywords: face recognition; genetic algorithms; particle swarm optimisation; security of data; PSO; bionic algorithm; face image captcha generation; fake images; genetic algorithm; local convergence problem; particle swarm optimization approach; social behavior; Authentication; CAPTCHAs; Distortion; Face; Feature extraction; Particle swarm optimization; CAPTCHA; Distorted Image; Face Images; Particle Swarm Optimization (ID#: 16-9633)


Y. Zhou and D. Evans, “Understanding and Monitoring Embedded Web Scripts,” Security and Privacy (SP), 2015 IEEE Symposium on, San Jose, CA, 2015, pp. 850-865. doi: 10.1109/SP.2015.57
Abstract: Modern web applications make frequent use of third-party scripts, often in ways that allow scripts loaded from external servers to make unrestricted changes to the embedding page and access critical resources including private user information. This paper introduces tools to assist site administrators in understanding, monitoring, and restricting the behavior of third-party scripts embedded in their site. We developed Script Inspector, a modified browser that can intercept, record, and check third-party script accesses to critical resources against security policies, along with a Visualizer tool that allows users to conveniently view recorded script behaviors and candidate policies and a Policy Generator tool that aids script providers and site administrators in writing policies. Site administrators can manually refine these policies with minimal effort to produce policies that effectively and robustly limit the behavior of embedded scripts. Policy Generator is able to generate effective policies for all scripts embedded on 72 out of the 100 test sites with minor human assistance. In this paper, we present the designs of our tools, report on what we've learned about script behaviors using them, evaluate the value of our approach for website administrator.
Keywords: Internet; data privacy; online front-ends; security of data; Policy Generator; Script Inspector; Visualizer tool; Web application; Web browser; Web script; critical resource access; private user information; security policy; third-party script; Advertising; Browsers; Monitoring; Privacy; Robustness; Security; Visualization; Anomaly Detection; Security and Privacy Policy; Web security and Privacy (ID#: 16-9634)


Y. Sterchi and A. Schwaninger, “A First Simulation on Optimizing EDS for Cabin Baggage Screening Regarding Throughput,” Security Technology (ICCST), 2015 International Carnahan Conference on, Taipei, 2015, pp. 55-60. doi: 10.1109/CCST.2015.7389657
Abstract: Airport security screening is vital for secure air transportation. Screening of cabin baggage heavily relies on human operators reviewing X-ray images. Explosive detection systems (EDS) developed for cabin baggage screening can be a very valuable addition security-wise. Depending on the EDS machine and settings, false alarm rates increase, which could reduce throughput. A discrete event simulation was used to investigate how different machine settings of EDS, different groups of X-ray screeners, and different durations of alarm resolution with explosives trace detection (ETD) influence throughput of a specific cabin baggage screening process. For the modelling of screening behavior in the context of EDS and for the estimation of model parameters, data was borrowed from a human-machine interaction experiment and a work analysis. In a second step, certain adaptations were tested for their potential to reduce the impact of EDS on throughput. The results imply that moderate increases in the false alarm rate by EDS can be buffered by employing more experienced and trained X-ray screeners. Larger increases of the false alarm rate require a fast alarm resolution and additional resources for the manual search task.
Keywords: X-ray imaging; airports; discrete event simulation; explosive detection; national security; parameter estimation; EDS optimization; ETD; X-ray images; X-ray screeners; airport security screening; alarm resolution durations; cabin baggage screening process; explosive detection systems; explosives trace detection; false alarm rates; human-machine interaction; model parameter estimation; secure air transportation; work analysis; Explosives; Image resolution; Manuals; Security; Throughput; Training; aviation security; explosive detection systems (EDS); human factors; throughput (ID#: 16-9635)


E. Kowalczyk and A. Memon, “Extending Manual GUI Testing Beyond Defects by Building Mental Models of Software Behavior,” 2015 30th IEEE/ACM International Conference on Automated Software Engineering Workshop (ASEW), Lincoln, NE, 2015, pp. 35-41. doi: 10.1109/ASEW.2015.17
Abstract: Manual GUI testing involves providing inputs to the software via its GUI and determining the software's correctness using its outputs, one of them being the GUI itself. Because of its human-in-the-loop nature, GUI testing is known to be a time-consuming activity. In practice, it is done by junior, inexpensive testers to keep costs low at the very tail-end of the software development process. In this paper, we posit that the importance of GUI testing has suffered due to its traditional narrow role -- to detect residual software defects. Because of its human-in-the-loop nature, GUI testing has the potential to provide outputs other than defects and to be used as inputs to several downstream activities, e.g., security analysis. One such output is the mental model that the GUI tester creates during testing, a model that implicitly informs the tester of the software designer's intent. To evaluate our claim, we consider an important question used for security assessment of Android apps: “What permission-sensitive behaviors does this app exhibit?” Our assessment is based on the comparison of 2 mental models of 12 Android apps -- one derived from the app's usage and the other from its public description. We compare these two models with a third, automatically derived model -- the permissions the app seeks from the Android OS. Our results show that the usage-based model provides unique insights into app behavior. This model may be an important outcome of GUI testing, and its consistency with other behavioral information about the app could later be used in software quality assurance activities such as security assessment.
Keywords: Android (operating system); graphical user interfaces; program testing; software quality; Android apps; manual GUI testing; mental models; security assessment; software behavior; software defects; software development process; software quality assurance activities; Androids; Cognitive science; Graphical user interfaces; Humanoid robots; Security; Software; Testing (ID#: 16-9636)


H. Abdul Majid, M. Abdul Majid, M. I. Ibrahim, W. N. S. Wan Manan and M. R. Ramli, “Investigation of Security Awareness on E-Learning System Among Lecturers and Students in Higher Education Institution,” Computer, Communications, and Control Technology (I4CT), 2015 International Conference on, Kuching, 2015, pp. 216-220. doi: 10.1109/I4CT.2015.7219569
Abstract: The advancement of computer and Internet technologies have brought teaching and learning activities to a new dimension. Learners were virtually moved out from their classrooms to a new learning environment where learning contents and materials were delivered electronically. This new environment, which is called e-learning environment uses the web and other Internet technologies to enhance teaching and learning experience. The success and failure of any e-learning system fall on how secure the system is. Security of an e-learning system is very important so that the information contained in the system is not compromised. However no matter how secure an e-learning system is the security threats always fall on human factor. Human is identified as the weakest link in information security and lack of security awareness such as password sharing will compromise the security of e-learning system. This paper studies the awareness level in information security among e-learning users, particularly students at Higher Education Institution. The study focuses on evaluating awareness level, perception and behavior of e-learning users from International Islamic University Malaysia. Results of this study helps the university authority in preparing effective and specific awareness program in e-learning security for their students.
Keywords: Internet; computer aided instruction; further education; security of data; International Islamic University Malaysia; Internet technologies; e-learning system; higher education; information security; lecturers; security awareness; students; Computers; Electronic learning; Electronic mail; Information security;  awareness; behaviors; e-learning; security; students; threats (ID#: 16-9637)


T. Aoyama, H. Naruoka, I. Koshijima, W. Machii and K. Seki, “Studying Resilient Cyber Incident Management from Large-Scale Cyber Security Training,” Control Conference (ASCC), 2015 10th Asian, Kota Kinabalu, 2015, pp. 1-4. doi: 10.1109/ASCC.2015.7244713
Abstract: The study on human contribution to cyber resilience is unexplored terrain in the field of critical infrastructure security. So far cyber resilience has been discussed as an extension of the IT security research. The current discussion is focusing on technical measures and policy preparation to mitigate cyber security risks. In this human-factor based study, the methodology to achieve high resiliency of the organization by better management is discussed. A field observation was conducted in the large-scale cyber security hands-on training at ENCS (European Network for Cyber Security, The Hague, NL) to determine management challenges that could occur in a real-world cyber incident. In this paper, the possibility to extend resilience-engineering framework to assess organization's behavior in cyber crisis management is discussed.
Keywords: human factors; risk management; security of data; ENCS; European Network for Cyber Security; NL; The Hague; cyber crisis management; cyber incident management; cyber resilience; cyber security risk management; human-factor; large-scale cyber security hands-on training; resilience-engineering framework; Computer security; Games; Monitoring; Organizations; Resilience; Training; critical infrastructure; cyber security; management; resilience engineering (ID#: 16-9638)


C. Tiwari, M. Hanmandlu and S. Vasikarla, “Suspicious Face Detection Based on Eye and other Facial Features Movement Monitoring,” 2015 IEEE Applied Imagery Pattern Recognition Workshop (AIPR), Washington, DC, USA, 2015, pp. 1-8. doi: 10.1109/AIPR.2015.7444523
Abstract: Visual surveillance and security applications were never more important than now more so due to the overwhelming ever-growing threat of terrorism. Till date the large scale video surveillance systems mostly work as a passive system in which the videos are simply stored without being monitored. Such system will be useful for post event investigation. In order to make a system that is capable of real-time monitoring, we need to develop algorithms which can analyze and understand the scene that is being monitored. Generally, humans express their intention explicitly through facial expressions, speech, eye movement, and hand gesture. According to cognitive visiomotor theory, the human eye movements are rich source of information about the human intention and behavior. If we monitor the eye movement of a person, we will be able to describe him as an abnormal suspicious person or a normal person. We track his/her Eyes and based upon the eye movement in successive frames of the input videos using the Non-linear Entropy of eyes. Results of our experiments show that Non-linear Entropy of Eyes of an abnormal person is much higher than the eye's entropy of any normal person.
Keywords: feature extraction; object detection; video signal processing; video surveillance; cognitive visiomotor theory; eye feature; facial feature; features movement monitoring; human eye movement; nonlinear entropy; scene analysis; scene understanding; security applications; suspicious face detection; visual surveillance application; Face; Feature extraction; Iris recognition; Monitoring; Nose; Tracking; Visualization (ID#: 16-9639)


S. C. Wriessnegger, D. Hackhofer and G. R. Müller-Putz, “Classification of Unconscious Like/Dislike Decisions: First Results Towards a Novel Application for BCI Technology,” Engineering in Medicine and Biology Society (EMBC), 2015 37th Annual International Conference of the IEEE, Milan, 2015, pp. 2331-2334. doi: 10.1109/EMBC.2015.7318860
Abstract: More and more applications for BCI technology emerge that are not restricted to communication or control, like gaming, rehabilitation, Neuro-IS research, neuro-economics or security. In this context a so called passive BCI, a system that derives its outputs from arbitrary brain activity for enriching a human-machine interaction with implicit information on the actual user state will be used. Concretely EEG-based BCI technology enables the use of signals related to attention, intentions and mental state, without relying on indirect measures based on overt behavior or other physiological signals which is an important point e.g. in Neuromarketing research. The scope of this pilot EEG-study was to detect like/dislike decisions on car stimuli just by means of ERP analysis. Concretely to define user preferences concerning different car designs by implementing an offline BCI based on shrinkage LDA classification. Although classification failed in the majority of participants the elicited early (sub) conscious ERP components reflect user preferences for cars. In a broader sense this study should pave the way towards a “product design BCI” suitable for neuromarketing research.
Keywords: bioelectric potentials; brain-computer interfaces; electroencephalography; human computer interaction; neurophysiology; signal classification; EEG-based BCI technology; ERP analysis; arbitrary brain activity; brain-computer interface; car stimuli; human-machine interaction; linear discriminant analysis; mental state; neuromarketing research; offline BCI; passive BCI; shrinkage LDA classification; unconscious like-dislike decision classification; Automobiles; Brain; Brain-computer interfaces; Electrodes; Electroencephalography; Neuroscience; Physiology (ID#: 16-9640)


Y. Liu, M. Ficocelli and G. Nejat, “A Supervisory Control Method for Multi-Robot Task Allocation in Urban Search and Rescue,” 2015 IEEE International Symposium on Safety, Security, and Rescue Robotics (SSRR), West Lafayette, IN, USA, 2015, pp. 1-6.
doi: 10.1109/SSRR.2015.7443000
Abstract: This paper presents the development of a unique supervisory control architecture for effective task allocation of a heterogeneous multi-robot team in urban search and rescue (USAR) applications. In the proposed approach, the USAR tasks of exploring large unknown cluttered environments and searching for victims are allocated to different robots in the heterogeneous team based on their capabilities. A single human operator is only needed to supervise the team and share tasks with the robots in order to maximize the use of trained operators. Furthermore, the proposed supervisory controller determines the team behavior when faced with robot failures during task execution. Extensive simulated experiments were conducted in USAR-like environments to investigate the performance of the proposed supervisory control method. The results demonstrated that the proposed approach is effective for multi-robot control in USAR applications, and is robust to varying scene scenarios and increasing team size.
Keywords: multi-robot systems; rescue robots; USAR applications; heterogeneous multirobot team; heterogeneous team; multirobot control; multirobot task allocation; supervisory control architecture; supervisory control method; supervisory controller; task execution; team behavior; urban search and rescue applications; Automata; Mathematical model; Resource management; Robot kinematics; Robot sensing systems; Supervisory control (ID#: 16-9641)


G. He, C. Tan, D. Yu and X. Wu, “A Real-Time Network Traffic Anomaly Detection System Based on Storm,” Intelligent Human-Machine Systems and Cybernetics (IHMSC), 2015 7th International Conference on, Hangzhou, 2015, pp. 153-156. doi: 10.1109/IHMSC.2015.152
Abstract: In recent years, with more and more people shopping, chatting and video online, the Internet is playing a more and more important role in human's daily life. Since the Internet is so close to our lives, it contains so much personal information that will cause a lot of troubles or even losses when divulged. So it's necessary and urgent to find a efficient way to detect the abnormal network behavior. In this paper, we present a new detection method based on compound session. In contrast to previous methods, our approach is based on the cloud computing platform and the cluster system, using Hadoop Distributed File System (HDFS) to analysis and using Twitter Storm to make real-time network anomaly detection come true.
Keywords: IP networks; cloud computing; computer network security; distributed databases; social networking (online); HDFS; Hadoop distributed file system; Twitter Storm; abnormal network behavior detection; cloud computing platform; cluster system; compound session; personal information; real-time network traffic anomaly detection system; Downlink; Fasteners; Monitoring; Real-time systems; Storms; Telecommunication traffic; Uplink; Compound Session; Hadoop platform;  enterprise user's behavior; host analytics
(ID#: 16-9642)


N. Kuntze, C. Rudolph, G. B. Brisbois, M. Boggess, B. Endicott-Popovsky and S. Leivesley, “Security vs. Safety: Why Do People Die Despite Good Safety?,” Integrated Communication, Navigation, and Surveillance Conference (ICNS), 2015, Herdon, VA, 2015, pp. A4-1-A4-10. doi: 10.1109/ICNSURV.2015.7121213
Abstract: This paper will show in detail the differences between safety and security. An argument is made for new system design requirements based on a threat sustainable system (TSS) drawing on threat scanning, flexibility, command and control, system of systems, human factors and population dependencies. Principles of sustainability used in historical design processes are considered alongside the complex changes of technology and emerging threat actors. The paper recognises that technologies and development methods for safety do not work for security. Safety has the notion of a one or two event protection, but cyber-attacks are multi-event situations. The paper recognizes that the behaviour of interconnected systems and modern systems requirements for national sustainability. System security principles for sustainability of critical systems are considered in relation to failure, security architecture, quality of service, authentication and trust and communication of failure to operators. Design principles for operators are discussed along with recognition of human factors failures. These principles are then applied as the basis for recommended changes in systems design and discuss system control dominating the hierarchy of design decisions but with harmonization of safety requirements up to the level of sustaining security. These new approaches are discussed as the basis for future research on adaptive flexible systems that can sustain attacks and the uncertainty of fast-changing technology.
Keywords: national security; protection; safety systems; security of data; sustainable development; authentication; cyber attacks; failure; national sustainability; protection; safety; system security principles; threat scanning; threat sustainable system; trust; Buildings; Control systems; Safety; Software; Terrorism; Transportation (ID#: 16-9643)


A. A. Khalifa, M. A. Hassan, T. A. Khalid and H. Hamdoun, “Comparison Between Mixed Binary Classification and Voting Technique for Active User Authentication Using Mouse Dynamics,” Computing, Control, Networking, Electronics and Embedded Systems Engineering (ICCNEEE), 2015 International Conference on, Khartoum, 2015, pp. 281-286. doi: 10.1109/ICCNEEE.2015.7381378
Abstract: The rapid proliferation of computing processing power has facilitated a rise in the adoption of computers in various aspects of human lives. From education to shopping and other everyday activities to critical applications in finance, banking and, recently, degree awarding online education. Several approaches for user authentication based on Behavioral Biometrics (BB) were suggested in order to identify unique signature/footprint for improved matching accuracy for genuine users and flagging for abnormal behaviors from intruders. In this paper we present a comparison between two classification algorithms for identifying users' behavior using mouse dynamics. The algorithms are based on support vector machines (SVM) classifier allowing for direct comparison between different authentication-based metrics. The voting technique shows low False Acceptance Rate(FAR) and noticeably small learning time; making it more suitable for incorporation within different authentication applications.
Keywords: behavioural sciences computing; government data processing; learning (artificial intelligence); mouse controllers (computers); pattern classification; security of data; support vector machines; FAR; SVM; active user authentication; behavioral biometrics; false acceptance rate; learning time; mixed binary classification; mouse dynamics; support vector machine; voting technique; Artificial neural networks; Biometrics (access control); active authentication; machine learning; mouse dynamics; pattern recognition; support vector machines (ID#: 16-9644)


M. Mehra and D. Pandey, “Event Triggered Malware: A New Challenge to Sandboxing,” 2015 Annual IEEE India Conference (INDICON), New Delhi, India, 2015, pp. 1-6. doi: 10.1109/INDICON.2015.7443327
Abstract: Over the years cyber attacks have turned more sophisticated, directed and lethal. In the recent times attackers have found new means to bypass advanced and sophisticated methods like sandboxing. Sandboxes emulate and analyze behavior and network in an isolated environment. Forensic investigations are performed by combining static analysis with sandbox analysis. The limitation with sandboxing is simulating Human Computer Interaction (HCI) and this is best used by malware writers for advanced threat models. Malware analysis using sandboxing is no longer considered a robust technique. This paper aims to evaluate the effectiveness of sandboxing and evasion techniques used by malwares to evade them. For this analysis we have used Trojan Upclicker which uses HCI for its injection and execution. Malware analysis was performed on sandboxes like Malwr, Anubis and a commercial sandbox based on the parameters like files created or modified, registry changes, running processes, memory mapping, network connections to outside domains, signatures and operating system changes. While Anubis failed to find any irregularity in the malware sample, Malwr was able to diagnose it as a malware. The commercial off the shelf sandbox gave comprehensive detailed results. Through this we conclude that though sandboxing is a better and less complex way of analyzing samples, it still does not assure a pinnacle spot in malware analysis. Nefarious individuals are cognizant of this shortcoming of sandboxes and are smartly developing more evading malwares. Efforts need to be put to make these sandboxes simulate HCI events more efficiently.
Keywords: human computer interaction; invasive software; Anubis; HCI; Malwr; Trojan Upclicker; cyber attacks; event triggered malware; forensic investigations; human computer interaction; malware analysis; sandbox analysis; sandboxing method; static analysis; Browsers; Malware; Monitoring; Operating systems; Organizations; Security; Virtual machining; anubis; cuckoo; dynamic analysis;  malwr; sandbox (ID#: 16-9645)


Z. Qu, T. Lu, X. Liu, Q. Wu and M. Wang, “A New Method for Human Action Recognition: Discrete HMM with Improved LBG Algorithm,” 2015 IEEE 9th International Conference on Anti-counterfeiting, Security, and Identification (ASID), Xiamen, 2015,
pp. 109-113. doi: 10.1109/ICASID.2015.7405672
Abstract: Hidden Markov Model (HMM) algorithm and Vector Quantization (VQ) algorithm are widely used in the field of speech recognition. The innovation of this paper will be the introduction of the above two algorithms into human action recognition and making them as a solution to recognize action of the continuous multi frames video. Simulated Annealing algorithm and the empty cavity processing algorithm improve vector quantization algorithm and obtain the global optimal codebook. The recognition result of the new algorithm is much better than the original algorithm and traditional algorithms. The new method realizes the identification of abnormal behavior.
Keywords: gesture recognition; hidden Markov models; simulated annealing; vector quantisation; video coding; HMM algorithm; LBG algorithm; VQ algorithm; discrete HMM; empty cavity processing algorithm; global optimal codebook; hidden Markov model algorithm; human action recognition; multiframes video; simulated annealing algorithm; speech recognition; vector quantization algorithm; HMM; LBG; action recognition; codebook; empty cavity split; simulated annealing; vector quantitation (ID#: 16-9646)


A. M. Kuruvilla and S. Varghese, “A Detection System to Counter Identity Deception in Social Media Applications,” Circuit, Power and Computing Technologies (ICCPCT), 2015 International Conference on, Nagercoil, 2015, pp. 1-5. doi: 10.1109/ICCPCT.2015.7159321
Abstract: Considering the current landscape of the internet where there is a plethora of social networking sites and collaborative websites like Wikipedia concern about malicious users keeping multiple accounts is of prime importance. Most of the collaborative sites allow users to easily create an account and start accessing the content. Social media services such as collaborative project's single user constantly creates many accounts with different account names not long after a block has been applied. The blocked person who creates multiple accounts is called sockpuppet. Current mechanism for detecting deception are based on human deception detection (e.g., speech or text). Although these method have high detection accuracy, but it cannot be applied in databases with large volumes of data. So they are computationally inefficient. There is an efficient method for detecting identity deception by using both Nonverbal (e.g., user activity or Movement) and Verbal Behavior (facial expression, text) in the social media environment. These methods increase high detection accuracy. Post examination and close monitoring on these methods which finds out that it can be applied to any social media environment.
Keywords: groupware; social networking (online); Internet; Wikipedia; collaborative Web sites; collaborative project; collaborative sites; human deception detection; identity deception detection; nonverbal behavior; post examination; social media applications; social media services; social networking sites; sockpuppet; Accuracy; Collaboration; Electronic publishing; Encyclopedias;  Media; Deception; accuracy; nonverbal and verbal behavior; security (ID#: 16-9647)


H. Y. Shahir, U. Glasser, A. Y. Shahir and H. Wehn, “Maritime Situation Analysis Framework: Vessel Interaction Classification and Anomaly Detection,” Big Data (Big Data), 2015 IEEE International Conference on, Santa Clara, CA, 2015, pp. 1279-1289. doi: 10.1109/BigData.2015.7363883
Abstract: Maritime domain awareness is critical for protecting sea lanes, ports, harbors, offshore structures like oil and gas rigs and other types of critical infrastructure against common threats and illegal activities. Typical examples range from smuggling of drugs and weapons, human trafficking and piracy all the way to terror attacks. Limited surveillance resources constrain maritime domain awareness and compromise full security coverage at all times. This situation calls for innovative intelligent systems for interactive situation analysis to assist marine authorities and security personal in their routine surveillance operations. In this article, we propose a novel situation analysis approach to analyze marine traffic data and differentiate various scenarios of vessel engagement for the purpose of detecting anomalies of interest for marine vessels that operate over some period of time in relative proximity to each other. We consider such scenarios as probabilistic processes and analyze complex vessel trajectories using machine learning to model common patterns. Specifically, we represent patterns as left-to-right Hidden Markov Models and classify them using Support Vector Machines. To differentiate suspicious activities from unobjectionable behavior, we explore fusion of data and information, including kinematic features, geospatial features, contextual information and maritime domain knowledge. Our experimental evaluation shows the effectiveness of the proposed approach using comprehensive real-world vessel tracking data from coastal waters of North America.
Keywords: data analysis; hidden Markov models; learning (artificial intelligence); marine engineering; marine vehicles; pattern classification; probability; security; support vector machines; surveillance; traffic engineering computing; anomaly detection; complex vessel trajectory analysis; contextual information; data fusion; geospatial features; information fusion; innovative intelligent systems; interactive situation analysis; kinematic features; left-to-right hidden Markov models; machine learning; marine traffic data analysis; maritime domain awareness; maritime domain knowledge; maritime situation analysis framework; pattern classification; pattern representation; probabilistic processes; routine surveillance operations; security; support vector machines; vessel engagement; vessel interaction classification; vessel tracking data; Geospatial analysis; Hidden Markov models; Kinematics; Security; Surveillance; Time series analysis; Trajectory; Anomaly Detection; Big Data; Critical Infrastructure Protection; Intelligent Systems; Machine Learning; Maritime Domain Awareness (ID#: 16-9648)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.