1,721,000 research outputs found
Detecting attacks to internal vehicle networks through Hamming distance
No full textAnalysis of in-vehicle networks is an open research area that gained relevance after recent reports of cyber attacks against connected vehicles. After those attacks gained international media attention, many security researchers started to propose different algorithms that are capable to model the normal behaviour of the CAN bus to detect the injection of malicious messages.
However, despite the automotive area has different constraint than classical IT security, many security research have been conducted by applying sophisticated algorithm used in IT anomaly detection, thus proposing solutions that are not applicable on current Electronic Control Units (ECUs).
This paper proposes a novel intrusion detection algorithm that aims to identify malicious CAN messages injected by attackers in the CAN bus of modern vehicles. Moreover, the proposed algorithm has been designed and implemented with the very strict constraint of low-end ECUs, having low computational complexity and small memory footprints.
The proposed algorithm identifies anomalies in the sequence of the payloads of different classes of IDs by computing the Hamming distance between consecutive payloads. Its detection performance are evaluated through experiments carried out using real CAN traffic gathered from an unmodified licensed vehicle
Scalable architecture for online prioritization of cyber threats
No full textThis paper proposes an innovative framework for the early detection of several
cyber attacks, where the main component is an analytics core that gathers streams of raw data
generated by network probes, builds several layer models representing different activities of
internal hosts, analyzes intra-layer and inter-layer information. The online analysis of internal
network activities at different levels distinguishes our approach with respect to most detection
tools and algorithms focusing on separate network levels or interactions between internal and
external hosts. Moreover, the integrated multi-layer analysis carried out through parallel
processing reduces false positives and guarantees scalability with respect to the size of the
network and the number of layers. As a further contribution, the proposed framework executes
autonomous triage by assigning a risk score to each internal host. This key feature allows
security experts to focus their attention on the few hosts with higher scores rather than wasting
time on thousands of daily alerts and false alarms
Vehicle Safe-Mode, Limp-Mode in the Service of Cyber Security
No full textThis paper describes a concept for vehicle safe-mode, that may help reduce the potential damage of an identified cyber-attack. Unlike other defense mechanisms, that try to block the attack or simply notify of its existence, our mechanism responds to the detected breach, by limiting the vehicle’s functionality to relatively safe operations, and optionally activating additional security counter-measures. This is done by adopting the already existing mechanism of Limp-mode, that was originally designed to limit the potential damage of either a mechanical or an electrical malfunction and let the vehicle “limp back home” in relative safety. We further introduce two modes of safe-modemoperation: In Transparent-mode, when a cyber-attack is detected
the vehicle enters its pre-configured Limp-mode; In Extended-mode we suggest to use custom messages that offer additional flexibility to both the reaction and the recovery plans. While Extended-mode requires modifications to the participating ECUs, Transparent-mode may be applicable to existing vehicles since it does not require any changes in the vehicle’s systems—in other words, it may even be deployed as an external component
connected through the OBD-II port. We suggest an architectural design for the given modes, and include guidelines for a safe-mode manager, its clients, possible reactions, and recovery plans. We note that our system can rely upon any deployed anomaly-detection system to identify the potential attack
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Variations on the Author
Full text link“Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship
Appropriate Similarity Measures for Author Cocitation Analysis
Full text linkWe provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance.information science;Pearson correlation;cosine;similarity measure;author cocitation analysis
Dispelling the Myths Behind First-author Citation Counts
Full text linkWe conducted a full-scale evaluative citation analysis study of scholars in the XML research field to explore just how different from each other author rankings resulting from different citation counting methods actually are, and to demonstrate the capability of emerging data and tools on the Web in supporting more realistic citation counting methods. Our results contest some common arguments for the continued
use of first-author citation counts in the evaluation of scholars, such as high correlations between author rankings by first-author citation counts and other citation
counting methods, and high costs of using more realistic citation counting methods that are not well-supported by the ISI databases. It is argued that increasingly available digital full text research papers make it possible for citation analysis studies to go beyond what the ISI databases have directly supported and to employ more
sophisticated methods
- …
