David J. Parish

Facial Expression Recognition in the Encrypted Domain Based on Local Fisher Discriminant Analysis

Facial expression recognition forms a critical capability desired by human-interacting systems that aim to be responsive to variations in the humans emotional state. Recent trends toward cloud computing and outsourcing has led to the requirement for facial expression recognition to be performed remotely by potentially untrusted servers. This paper presents a system that addresses the challenge of performing facial expression recognition when the test image is in the encrypted domain. More specifically, to the best of our knowledge, this is the first known result that performs facial expression recognition in the encrypted domain. Such a system solves the problem of needing to trust servers since the test image for facial expression recognition can remain in encrypted form at all times without needing any decryption, even during the expression recognition process. Our experimental results on popular JAFFE and MUG facial expression databases demonstrate that recognition rate of up to 95.24 percent can be achieved even in the encrypted domain.

Statistics of video signals for viewphone-type pictures

The authors describe a series of measurements of the statistics of viewphone-type video signals, with particular regard to the possible transmission of such signals over an asynchronous transfer mode (ATM) network. Measurements include the frame-to-frame differences and the cluster length distribution. It is known that with efficient picture coding, the information rate required for a constant picture quality varies significantly and creates problems in a constant-bit-rate system. The multiplexing of a number of sources in a variable-bit-rate (VBR) system is considered. It is shown that considerable reduction in the variability of the data rate is obtained. While the results are derived from one particular type of picture coder, it is expected that the conclusion will apply to other coding schemes. >

Augmented Attack Tree Modeling of Distributed Denial of Services and Tree Based Attack Detection Method

Distributed Denial of Service (DDoS) is a serious computer network attack which can cause extreme performance degradation on the victim server. This paper presents a formal and methodical way of modeling DDoS attack by the method of Augmented Attack Tree (AAT), and presents an AAT-based attack detection algorithm. This modeling explicitly captures the particular subtle incidents triggered by DDoS and the corresponding state transitions from the view of the network traffic transmission on the primary victim server. Two major contributions are given in this paper: (1) an AAT-based DDoS model (ADDoSAT) is developed to assess the potential threat from the malicious packets transmission on the primary victim server and to facilitate the detection of such attacks; (2) an AAT-based bottom-up detection algorithm is proposed to detect all kinds of attacks based on AAT modeling.

Augmented attack tree modeling of SQL injection attacks

The SQL injection attacks (SQLIAs) vulnerability is extremely widespread and poses a serious security threat to web applications with built-in access to databases. The SQLIA adversary intelligently exploits the SQL statement parsing operation by web servers via specially constructed SQL statements that subtly lead to non-explicit executions or modifications of corresponding database tables. In this paper, we present a formal and methodical way of modeling SQLIAs by way of augmented attack trees. This modeling explicitly captures the particular subtle incidents triggered by SQLIA adversaries and corresponding state transitions. To the best of our knowledge, this is the first known attack tree modelling of SQL injection attacks.

Network visualisation: a review

As communication networks increase in performance and complexity, and more dependence is placed upon them, it becomes ever more important that their behaviour is understood in an efficient and timely manner. Visualisation is an established technique for the presentation of the vast volume of data yielded in monitoring such networks. It is apparent, however, that much of the work in this area has been performed in isolation, and it is timely that a review of this research is conducted. The techniques for the visualisation of communication networks and related measurements are surveyed. The research is classified by the type of visualisation used and is separated into three classes: geographic visualisations, in which the data are presented with respect to the physical location of nodes in the network; abstract topological visualisations, in which the relationships between nodes are presented independently of physical location; and plot-based visualisation, in which the focus is a single point in the network, often presented with respect to time. The research in this area is reviewed and the techniques proposed are discussed in terms of these three classes.

Impact of QoS Routing Metrics for MANETs in the Pervasive Computing Environment

The problem of QoS routing for MANET posses several challenges that must be addressed within the pervasive computing environment. QoS routing has the association of two main components, one related to the metrics acquisition and distribution and the other related to the QoS route selection mechanism. The challenges inherent to these components are presented. QoS routing can impact the performance of MANET in the pervasive computing environment, by selecting the most optimal route from source to destination. Its dynamic nature inferred that the metrics which indicate the quality of the node connectivity and bandwidth must be taken into account. A method of bandwidth and node connectivity index calculation is shown.

Node connectivity index as mobility metric for GA based QoS routing in MANET

The objective of this paper is to propose a unique connectivity index, nci which indicates the quality of route when nodes move randomly. The most reliable route is then chosen using GA route selection mechanism. The node mobility model is introduced and shows that there exists upper bound for velocity in order to achieve reliable wireless communication. The nci is then derived based on contraction and expansion model. It is then utilized as one of the fitness variable in our multi objectives GA-based QOS Routing protocol. It has been observed that the performances of our protocol QOSRGA on velocity scenario are better than the BE-DSR routing protocol.

Manual and Automatic assigned thresholds in multi-layer data fusion intrusion detection system for 802.11 attacks

Abuse attacks on wireless networks are becoming increasingly sophisticated. Most of the recent research on intrusion detection systems for wireless attacks either focuses on just one layer of observation or uses a limited number of metrics without proper data fusion techniques. However, the true status of a network is rarely accurately detectable by examining only one network layer. The goal of this study is to detect injection types of attacks in wireless networks by fusing multi-metrics using the Dempster–Shafer (D–S) belief theory. When combining beliefs, an important step to consider is the automatic and self-adaptive process of basic probability assignment (BPA). This study presents a comparison between manual and automatic BPA methods using the D–S technique. Custom tailoring BPAs in an optimum manner under specific network conditions could be extremely time consuming and difficult. In contrast, automatic methods have the advantage of not requiring any prior training or calibration from an administrator. The results show that multi-layer techniques perform more efficiently when compared with conventional methods. In addition, the automatic assignment of beliefs makes the use of such a system easier to deploy while providing a similar performance to that of a manual system.

Visualising Communication Network Security Attacks

The task of exploring and analysing large quantities of communication network security data is difficult. Visualisation of the data should help the analyses and make data exploration faster and easier. This paper describes prototype software that visualises the alerts effectively and provides a simple presentation. The needs analysis of this prototype is based on the suggested needs of network security analysts tasks as seen in the literature. The prototype software incorporates various projections of the alert data in 3-dimensional displays. Filtering, drill-down and playback of alerts at variable speed are incorporated to strengthen the analysis. We integrate a false alert classifier using classification tree algorithm to classify alerts into false and true alerts. Real-time visual observation is also included. We describe some example analyses to prove the usefulness of our prototype.

On the treatment of video cell loss in the transmission of motion-JPEG and JPEG images

Abstract Transmission of video information over computer networks poses many problems that must be solved. In most cases an absolute guarantee that video cells will not be lost under any circumstances cannot be given, and the video service must accept this possibility. This paper addresses the problem of reconstructing lost sections of an image without the need for retransmission of the missing data. This is important where no reference or previous frame information is available for substitution. Furthermore, concealment of the lost information is performed within the transform domain for a JPEG coded image. Identification of the most suitable components from the neighbouring DCT coded blocks to be used in the reconstruction process has enabled both an improvement in reconstructed image quality and a reduction in processing when compared with an earlier algorithm.