| Title Page | 2 |
|---|
| Preface | 6 |
|---|
| Organization | 7 |
|---|
| Table of Contents | 12 |
|---|
| Data Mining and Intelligence | 15 |
|---|
| A Data Mining Based Analysis of Nmap Operating System Fingerprint Database | 15 |
| Introduction | 15 |
| OS Fingerprinting and Nmap | 16 |
| Self-organizing Maps | 17 |
| Growing Neural Gas | 18 |
| K-Means | 19 |
| Applications | 20 |
| Conclusions | 21 |
| References | 22 |
| Knowledge System for Application of Computer Security Rules | 23 |
| Introduction | 23 |
| Models for L | 25 |
| Validity of the Formulas in the Knowledge System | 30 |
| Conclusions | 30 |
| References | 30 |
| Clustering of Windows Security Events by Means of Frequent Pattern Mining | 32 |
| Introduction | 32 |
| Related Work | 33 |
| Analysis of Windows Security Event Logs | 34 |
| Clustering Event Sources | 35 |
| Learning the Application Domain | 35 |
| Feature Selection | 36 |
| Application of Clustering Techniques | 36 |
| Conclusions and Ongoing Challenges | 39 |
| References | 39 |
| Text Clustering for Digital Forensics Analysis | 41 |
| Introduction | 41 |
| Textual Data Extraction | 42 |
| Text Clustering | 43 |
| Knowledge Base Representation | 43 |
| Clustering Framework | 43 |
| Forensic Analysis on Enron Dataset | 45 |
| References | 48 |
| Infrastructure Protection | 49 |
|---|
| A Preliminary Study on SVM Based Analysis of Underwater Magnetic Signals for Port Protection | 49 |
| Introduction | 49 |
| The MACmag Magnetic Subsystem | 50 |
| Support Vector Machines for Classification | 52 |
| Experimental Results | 53 |
| Conclusions | 55 |
| References | 56 |
| Fuzzy Rule Based Intelligent Security and Fire Detector System | 57 |
| Introduction | 57 |
| Mechanism of Fire Occurred | 58 |
| Design of Intelligent Multi-sensor Fire Detector | 58 |
| Work Principle of Temperature Sensor | 58 |
| Hardware Design of the Fire Detector | 59 |
| Software Design of the Fire Detector | 60 |
| Experiments and Results | 61 |
| Conclusions | 62 |
| References | 63 |
| A Scaled Test Bench for Vanets with RFID Signalling | 64 |
| Introduction | 64 |
| Signalling Using RFID | 65 |
| Behavioural Model | 66 |
| Scaled Vehicle Architecture | 67 |
| System Board (Main Board) | 68 |
| Sensor Processing Board (Coprocessor Board) | 69 |
| Conclusions | 69 |
| References | 70 |
| A SVM-Based Behavior Monitoring Algorithm towards Detection of Un-desired Events in Critical Infrastructures | 71 |
| Introduction | 71 |
| The Proposed Algorithm Design | 72 |
| Experimental Results and Concluding Remarks | 75 |
| References | 77 |
| Network Security | 79 |
|---|
| Design and Implementation of High Performance Viterbi Decoder for Mobile Communication Data Security | 79 |
| Introduction | 79 |
| An Overview | 79 |
| Viterbi Decoding Algorithm | 80 |
| Our Design | 81 |
| Branch Selection Unit | 82 |
| Trace-Back Unit | 83 |
| Experimental Approach | 84 |
| Conclusion | 86 |
| References | 86 |
| An Adaptive Multi-agent Solution to Detect DoS Attack in SOAP Messages | 87 |
| Introduction | 87 |
| DoS Attacks Description | 88 |
| An Agent Based Architecture | 89 |
| Results and Conclusions | 92 |
| References | 93 |
| A Self-learning Anomaly-Based Web Application Firewall | 95 |
| Introduction | 95 |
| System Overview | 96 |
| Architecture | 96 |
| Normal Behavior Description | 97 |
| Detection Process | 98 |
| Experiments | 99 |
| Case Study: Web Shopping | 99 |
| XML File Generation | 99 |
| Artificial Traffic Generation | 99 |
| Training Phase | 100 |
| Test Phase | 100 |
| Results | 100 |
| Limitations and Future Work | 101 |
| Conclusions | 102 |
| References | 102 |
| An Investigation of Multi-objective Genetic Algorithms for Encrypted Traffic Identification | 103 |
| Introduction | 103 |
| Previous Work | 104 |
| Methodology | 104 |
| Results | 107 |
| Conclusions | 109 |
| References | 110 |
| A Multi-objective Optimisation Approach to IDS Sensor Placement | 111 |
| Introduction | 111 |
| Related Work | 112 |
| Experimental Setup and Evaluation | 113 |
| Network Simulation | 113 |
| Fitness Measurement | 114 |
| Sensor Placement Representation | 115 |
| Parameters for the Search | 115 |
| Experiment Results | 116 |
| Conclusions and Further Work | 117 |
| References | 118 |
| Towards Ontology-Based Intelligent Model for Intrusion Detection and Prevention | 119 |
| Introduction | 119 |
| Previous Work | 120 |
| Ontology and Semantic Model | 120 |
| Classifier and Pattern Recognition Model | 122 |
| Conclusions and Future Work | 125 |
| References | 125 |
| Ontology-Based Policy Transl
|