Auflistung nach Schlagwort "anomaly detection"
1 - 4 von 4
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragAn anomaly detection approach for backdoored neural networks: face recognition as a case study(BIOSIG 2022, 2022) Alexander Unnervik and Sébastien MarcelBackdoor attacks allow an attacker to embed functionality jeopardizing proper behavior of any algorithm, machine learning or not. This hidden functionality can remain inactive for normal use of the algorithm until activated by the attacker. Given how stealthy backdoor attacks are, consequences of these backdoors could be disastrous if such networks were to be deployed for applications as critical as border or access control. In this paper, we propose a novel backdoored network detection method based on the principle of anomaly detection, involving access to the clean part of the training data and the trained network.We highlight its promising potential when considering various triggers, locations and identity pairs, without the need to make any assumptions on the nature of the backdoor and its setup. We test our method on a novel dataset of backdoored networks and report detectability results with perfect scores.
- KonferenzbeitragCanola seed or not? Autoencoder-based Anomaly Detection in AgriculturalSeedProduction(INFORMATIK 2023 - Designing Futures: Zukünfte gestalten, 2023) Kukushkin, Maksim; Enders, Matthias; Kaschuba, Reinhard; Bogdan, Martin; Schmid, ThomasAnalysing harvested seeds is a time-consuming task in the seed-producing industry. Automating this process has the potential to enhance and expedite agricultural seed production. In our study, we focus on differentiating Canola seeds from visually similar non-Canola seeds using computer vision techniques. Our approach utilises both RGB and hyperspectral images, captured by a specialised camera, to train separate autoencoder neural networks. By leveraging the high spatial resolution of RGB data and the high spectral resolution of hyperspectral data, we develop distinct models for Canola seed analysis, ensuring a comprehensive and robust assessment. The autoencoder networks are trained on a dataset of Canola seeds, allowing for the extraction of latent representations from both RGB and hyperspectral data. This enables efficient compression of input data and effective discrimination between Canola and non-Canola seeds. Our proposed approach demonstrates promising results in detecting non-Canola seeds in unseen test data.
- ZeitschriftenartikelEfficient machine learning for attack detection(it - Information Technology: Vol. 62, No. 5-6, 2020) Wressnegger, ChristianDetecting and fending off attacks on computer systems is an enduring problem in computer security. In light of a plethora of different threats and the growing automation used by attackers, we are in urgent need of more advanced methods for attack detection. Manually crafting detection rules is by no means feasible at scale, and automatically generated signatures often lack context, such that they fall short in detecting slight variations of known threats. In the thesis “Efficient Machine Learning for Attack Detection” [35], we address the necessity of advanced attack detection. For the effective application of machine learning in this domain, a periodic retraining over time is crucial. We show that with the right data representation, efficient algorithms for mining substring statistics, and implementations based on probabilistic data structures, training the underlying model for establishing an higher degree of automation for defenses can be achieved in linear time.
- KonferenzbeitragA Privacy-Preserving Architecture for Collaborative Botnet Detection(Sicherheit 2024, 2024) Dessani, LeoDetecting communication with command and control (C2) servers and outbound attacks from internal bots (botnet traffic) is critical for network operators. Detection of botnet traffic is typically done by analyzing communication patterns in their own networks. We hypothesise that cooperation between different network operators can improve the detection of botnet traffic, as a larger amount of traffic can be examined. However, network operators do normally not want to share their traffic with others for privacy reasons. We therefore present a privacy-preserving architecture for collaborative botnet detection. To this end, network operators interested in detecting botnet traffic share traffic from their own networks by using a Threshold Multi-Party Private Set Intersection (T-MP-PSI) protocol to ensure that shared traffic details, such as IP addresses, are only disclosed if they occur on a minimum number of networks. We present the main results from a preliminary evaluation of the architecture based on publicly available benchmark data sets. The evaluation shows that our architecture contributes to the detection of botnet traffic, but that a high number of false positives also occur. However, this high number can be reduced by pre-processing measures. We also present further options for evaluating the architecture.