Threat detection systems using Bayesian networks based on practical implementations in the fields of computer science and electrical engineering

• Autorzy: Tylman W.
• Języki publikacji: EN

Abstrakty

EN

This book presents the author’s contribution to the - widely understood - problem of threat detection. The concept proposed, utilised and developed by the author is based on an extensive use of the Bayesian networks. As an illustration of this concept, four different projects carried out by the author are presented. In each case the problem addressed by the project is one that lacked satisfactory solution and the approach presented by the author has important elements of novelty Although the developed methods place the projects in the field of computer science, the applications encompass various problems, belonging to the fields of computer science and electrical engineering. In particular, the problem of detecting malfunctions in a selected class of underground power lines and the problem of detecting intrusions in networked environments are covered. In each project the Bayesian networks play a prominent part, but their role is not identical. This varied material allowed the author to discuss the advantages and limitations of the Bayesian networks, develop means for alleviating their shortcomings and put forward suggestions for their most efficient use in threat detection systems. In one of the projects, a novel extension to the classic Bayesian networks - Multi-Entity Bayesian Networks - is employed and its usefulness evaluated, which places the project among the first attempts in the world to use this soft computing method in a real-life application.

PL

Książka przedstawia wkład autora do - szeroko rozumianego - problemu wykrywania zagrożeń. Podejście zaproponowane, zastosowane i rozwijane przez autora oparte jest na wszechstronnym wykorzystaniu sieci bayesowskich. Ilustrację podejścia stanowią cztery różne projekty zrealizowane przez autora. W każdym przypadku dotyczą one problemu, który nie doczekał się wcześniej zadowalającego rozwiązania, a rozwiązanie przedstawione przez autora ma istotne elementy nowości. Aczkolwiek opracowane przez autora metody zawierają się w dyscyplinie naukowej informatyki, przedstawione praktyczne aplikacje obejmują zróżnicowaną problematykę, mieszczącą się w kręgu zainteresowań informatyki i elektrotechniki. W szczególności przedstawiony jest problem wykrywania nieprawidłowości w działaniu wybranej klasy podziemnych linii energetycznych oraz problem wykrywania włamań w środowiskach sieciowych. W każdym projekcie sieci bayesowskie odgrywają znaczącą rolę, ale rola ta nie jest w każdym przypadku identyczna. Ten zróżnicowany materiał pozwolił autorowi omówić zalety i ograniczenia sieci bayesowskich, opracować sposoby łagodzenia ich niedociągnięć i przedstawić propozycję ich najbardziej efektywnego wykorzystania w systemach wykrywania zagrożeń. W jednym z projektów zastosowane zostało i ocenione nowe rozszerzenie klasycznych sieci bayesowskich - Multi-Entity Bayesian Networks - co stawia projekt wśród pierwszych prób w skali światowej wykorzystania tej metody w rzeczywistych aplikacjach.

Słowa kluczowe

EN

threat detection; Bayesian network; Multi-Entity Bayesian Networks; underground power line; intrusion detection system; anomaly detection; industrial control systems

PL

wykrywanie zagrożeń; sieć bayesowska; Multi-Entity Bayesian Networks; podziemna linia energetyczna; system wykrywania włamań; wykrywanie anomalii; przemysłowe systemy sterowania

• Wydawca: Wydawnictwo Politechniki Łódzkiej
• Czasopismo: Zeszyty Naukowe. Rozprawy Naukowe / Politechnika Łódzka
• Rocznik: 2013
• Tom: Z. 468
• Strony: 1--176
• Opis fizyczny: Bibliogr. 111 poz., wykr.

Twórcy

autor

Tylman W.

• Politechnika Łódzka. Wydział Elektrotechniki, Elektroniki, Informatyki i Automatyki, Katedra Mikroelektroniki i Technik Informatycznych

Bibliografia

• [1] R. Agrawal and R. Srikant. Fast algorithms for mining association rules. In 20th International Conference on Very Large Data Bases, volume 1215, pages 487–499, 1994.
• [2] J. Alcala-Fdez, R. Alcala, and F. Herrera. A fuzzy association rule-based classification model for high-dimensional problems with genetic rule selection and lateral tuning. IEEE Transactions on Fuzzy Systems, 19(5):857–872, 2011.
• [3] G.J. Anders. Rating of Electric Power Cables: Ampacity Computations for Transmission, Distribution, and Industrial Applications. McGraw-Hill, New York, 1997.
• [4] D. Arsíc, F. Wallhoff, B. Schuller, and G. Rigoll. Video based online behavior detection using probabilistic multi stream fusion. In IEEE International Conference on Multimedia and Expo, pages 1354–1357, 2005.
• [5] K. Banczyk and H. Krawczyk. Ontology Oriented Threat Detection System (OOTDS). In Fourth International Conference on Dependability of Computer Systems, pages 144–151. IEEE Computer Society, 2009.
• [6] T. Bayes and R. Price. An essay towards solving a problem in the doctrine of chances. Philosophical Transactions, 53:370–418, 1763.
• [7] O. Begovich and A. Pizano-Moreno. Application of a leak detection algorithm in a water pipeline prototype: Difficulties and solutions. In 5th International Conference on Electrical Engineering, Computing Science and Automatic Control, pages 26–30, 2008.
• [8] I. Ben-Gal, A. Shani, A. Gohr, J. Grau, S. Arviv, A. Shmilovici, S. Posch, and I. Grosse. Identification of transcription factor binding sites with variableorder Bayesian networks. Bioinformatics, 21(11):2657–2666, 2005.
• [9] J. Bigham, D. Gamez, and N. Lu. Safeguarding SCADA systems with anomaly detection. In Proceedings of the Second International Workshop on Mathematical Methods, Models and Architectures for Computer Network Security MMMACNS 2003, Lecture Notes in Computer Science, pages 171–182. Springer Verlag, 2003.
• [10] P.T. Brandien. Discussion of cable technologies under evaluation for use in the Southwest Connecticut 345 kV transmission project, 2005. Memo to S.G. Whitley.
• [11] O. Brdiczka, L. Juan, B. Price, S. Jianqiang, A. Patil, R. Chow, E. Bart, and N. Ducheneaut. Proactive insider threat detection through graph learning and psychological context. In IEEE Security and Privacy Workshops, pages 142–149, 2012.
• [12] P.G. Bringas. Intensive use of Bayesian belief networks for the unified, flexible and adaptable analysis of misuses and anomalies in network intrusion detection and prevention systems. In Proceedings of the 18th International Workshop on Database and Expert Systems Applications, pages 365–371, Regensburg, 2007.
• [13] S.T. Brugger and J. Chow. An assessment of the DARPA IDS evaluation dataset using Snort. Technical report, UC Davis, 2007.
• [14] Bugtraq webpage for the WebViewFolderIcon ActiveX buffer overflow vulnerability. http://www.securityfocus.com/bid/19030. Accessed: April 2013.
• [15] D. Burroughs, L. Wilson, and G. Cybenko. Analysis of distributed systems using Bayesian methods. In Proceedings of 21st IEEE International Performance, Computing, and Communications Conference, pages 329–334, Phoenix, 2002.
• [16] B.S. Cayne, editor. The New Webster’s Dictionary and Thesaurus of the English Language. Lexicon Publications, Inc., New York, 1991.
• [17] X. Chaze, A. Bouejla, A. Napoli, and F. Guarnieri. Integration of a Bayesian network for response planning in a maritime piracy risk management system. In International Conference on System of Systems Engineering, pages 137– 142, 2012.
• [18] Rong Chen, Ji Gao, and Cheng Hua. Higen: an intelligent system for misuse detection. In Proceedings of the International Conference on Machine Learning and Cybernetics, Shanghai, 2004.
• [19] J. Cheng, D.A. Bell, and W. Liu. An algorithm for Bayesian belief network construction from data. In AI & STAT’97, pages 83–90, 1997.
• [20] S. Cheung, B. Dutertre, M. Fong, U. Lindqvist, K. Skinner, and A. Valdes. Using model-based intrusion detection for SCADA networks. In Proceedings of the SCADA Security Scientific Symposium, pages 1–12, 2007.
• [21] R. Combs. Snort 2.9 essentials: The DAQ. http://vrt-blog.snort.org/ 2010/08/snort-29-essentials-daq.html. Accessed: April 2013.
• [22] H. J. Convey and M. J. Booth. Development of a water leak detection system. Computing Control Engineering Journal, 13(1):33–38, 2002.
• [23] P.C.G. Costa. Bayesian Semantics for the Semantic Web. PhD thesis, George Mason University, 2005.
• [24] R. Cowell, P. Dawid, S. Lauritzen, and D. Spiegelhalter. Probabilistic Networks and Expert Systems. Springer, New York, 1999.
• [25] DARPA intrusion detection data sets. http://www.ll.mit.edu/mission/ communications/cyber/CSTcorpora/ideval/data/, 2000. Accessed: April 2013.
• [26] H. Debar, M. Becker, and D. Siboni. A neural network component for an intrusion detection system. In Proceedings of 1992 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, 1992.
• [27] A.P. Dempster, N.M. Laird, and D.B. Rubin. Maximum likelihood from incomplete data via the EM algorithm. Journal of the Royal Statistical Society. Series B (Methodological), 39:1–38, 1977.
• [28] Digital Bond. Quickdraw SCADA IDS. http://www.digitalbond.com/ tools/quickdraw. Accessed: February 2012.
• [29] W. DuMouchel. Computer intrusion detection based on Bayes factors for comparing command transition probabilities. Technical report no TR91. Technical report, National Institute of Statistical Sciences (NISS), 1999.
• [30] V. Estivill-Castro. Why so many clustering algorithms. ACM SIGKDD Explorations Newsletter, 4(1):65–75, 2002.
• [31] H.V. Fuchs and R. Riehle. Ten years of experience with leak detection by acoustic signal analysis. Applied Acoustics, 33(1):1–19, 1991.
• [32] J. Gale and J. Davison. Transmission of CO2 – safety and economic considerations. Energy, 29(9-10):1319–1328, 2004.
• [33] R. Ghafurian, J. Dominguez, A. Santini, and C. Sobel. New advances in mitigating environmental impact of pipe-type cables. IEEE Transactions on Power Delivery, 14(2):314–318, 1999.
• [34] V. Gowadia, C. Farkasand, and M. Valtorta. PAID: A probabilistic agentbased intrusion detection system. Computers & Security, 24:529–545, 2005.
• [35] I. Graham. Achieving zero-loss multi-gigabit IDS results from testing Snort on Endace accelerated multi-CPU platforms. http://www.touchbriefings. com/pdf/2259/graham.pdf. Accessed: February 2012.
• [36] W. Guizeng, D. Dong, and F. Chongzhi. Leak detection for transport pipelines based on autoregressive modeling. IEEE Transactions on Instrumentation and Measurement, 42(1):68–71, 1993.
• [37] Hacker jailed for revenge sewage attacks. http://www.theregister.co.uk/ 2001/10/31/hacker_jailed_for_revenge_sewage/, 2001. Accessed: April 2013.
• [38] L. Hao, P.L. Lewin, S.G. Swingler, and C. Bradley. Leak detection for selfcontained fluid-filled cables using regression analysis. In IEEE International Symposium on Electrical Insulation, pages 1–5, 2010.
• [39] K.E. Holbert, A. Mishra, and L. Mili. Intrusion detection through SCADA systems using fuzzy logic-based state estimation methods. Int. J. of Critical Infrastructures, 3(1/2):58–87, 2007.
• [40] C. Howard and M. Stumptner. Probabilistic reasoning techniques for the tactical military domain. In R. Khosla, R.J. Howlett, and L.C. Jain, editors, Knowledge-Based Intelligent Information and Engineering Systems, volume 3683 of Lecture Notes in Computer Science, pages 46–53. Springer Berlin Heidelberg, 2005.
• [41] IEEEXplore digital libray. http://ieeexplore.ieee.org/. Accessed: April 2013.
• [42] F. Jemili, M. Zaghdoud, and M. Ben Ahmed. A framework for an adaptive intrusion detection system using Bayesian network. In Proceedings of the IEEE International Conference on Intelligence and Security Informatics, pages 66–70, New Brunswick, 2007.
• [43] KDD Cup 1999 data. http://kdd.ics.uci.edu/databases/kddcup99/ kddcup99.html, 1999. Accessed: April 2013.
• [44] K.C. Khor, C.Y. Ting, and S. Phon-Amnuaisuk. A probabilistic approach for network intrusion detection. In Proceedings of the Second Asia International Conference on Modelling and Simulation, pages 463–468, Kuala Lumpur, 2008.
• [45] J. Kolczynski, W. Tylman, and G.J. Anders. Detecting small fluid leaks in pipe-type cable installations. IEEE Transactions on Power Delivery, 25(1):279–288, 2010.
• [46] D. Koller and N. Friedman. Probabilistic Grapgical Models. Principles and Techniques. The MIT Press, Cambridge, Massachusetts, 2009.
• [47] D. Koller and A. Pfeffer. Object-oriented Bayesian networks. In Proceedings of the Thirteenth Annual Conference on Uncertainty in Artificial Intelligence (UAI-97), pages 302–313, Providence, Rhode Island, 1997. Morgan Kaufmann.
• [48] H.-P. Kriegel, P. Kröger, and A. Zimek. Clustering high-dimensional data: A survey on subspace clustering, pattern-based clustering, and correlation clustering. ACM Transactions on Knowledge Discovery from Data, 3(1):1– 58, 2009.
• [49] Z. Kulesza and W. Tylman. Implementation of Bayesian network in FPGA circuit. In Mixed Design of Integrated Circuits and SystemInternational Conference, pages 711–715, 2006.
• [50] David Kushner. The real story of Stuxnet. IEEE Spectrum, 2013. Accessed: April 2013.
• [51] K.B. Laskey. MEBN: A language for first-order Bayesian knowledge bases. Artificial Intelligence, 172:140–178, 2008.
• [52] K.B. Laskey, G. AlGhamdi, X. Wang, D. Barbará, T. Shackelford, E.J. Wright, and J. Fitzgerald. Detecting threatening behavior using Bayesian networks. In Conference on Behavioral Representation in Modeling and Simulation, 2004.
• [53] K.B. Laskey, P.C.G. Costa, and T. Janssen. Probabilistic ontologies for knowledge fusion. In 11th International Conference on Information Fusion, pages 1–8, 2008.
• [54] K.B. Laskey and P.G. Costa. Uncertainty representation and reasoning in complex systems. In A. Tolk and L.C. Jain, editors, Complex Systems in Knowledge-based Environments: Theory, Models and Applications, volume 168 of Studies in Computational Intelligence, pages 7–40. Springer Berlin Heidelberg, 2009.
• [55] O. Linda, T. Vollmer, and M. Manic. Neural network based intrusion detection system for critical infrastructures. In International Joint Conference on Neural Networks, pages 1827–1834, 2009.
• [56] T. Liu, A. Qi, Y. Hou, and X. Chang. Method for network anomaly detection based on Bayesian statistical model with time slicing. In Proceedings of the 7th World Congress on Intelligent Control and Automation, pages 3881–3885, Chongqing, 2007.
• [57] J. Mashford, D. De Silva, D. Marney, and S. Burn. An approach to leak detection in pipe networks using analysis of monitored pressure values by support vector machine. In Third International Conference on Network and System Security, pages 534–539, 2009.
• [58] O. Mazhelis. One-class classifiers: a review and analysis of suitability in the context of mobile-masquerader detection. South African Computer Journal, 36:29–48, 2006.
• [59] J. McHugh. Testing intrusion detection systems: A critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM transactions on Information and system Security, 3(4):262–294, 2000.
• [60] MEBN modeling tutorial. http://sourceforge.net/apps/mediawiki/ unbbayes/index.php?title=MEBN_Modeling_Tutorial. Accessed: April 2013.
• [61] Modbus specification and implementation guides. http://www.modbus.org/ specs.php. Accessed: April 2013.
• [62] T. Morris and K. Pavurapu. A retrofit network transaction data logger and intrusion detection system for transmission and distribution substations. In IEEE International Conference on Power and Energy (PECon), pages 958– 963, Kuala Lumpur, Malaysia, 2010.
• [63] T. Morris, R. Vaughn, and Y. Dandass. A retrofit network intrusion detection system for Modbus RTU and ASCII industrial control systems. In International Conference on System Sciences, pages 2338–2345, Maui, Hawaii, USA, 2012.
• [64] M.M. Moya, M.W. Koch, and L.D. Hostetler. One-class classifier networks for target recognition applications. Technical report, NASA, 1993.
• [65] K. Murphy. Dynamic Bayesian Networks: Representation, Inference and Learning. PhD thesis, University of California, Berkeley, 1998.
• [66] P. Krömer, J. Platoš, V. Snášel, and A. Abraham. Towards intrusion detection by information retrieval and genetic programming. In Information Assurance and Security (IAS), 2010 Sixth International Conference on, pages 112–117, 2010.
• [67] Oracle. Java Native Interface. http://docs.oracle.com/javase/7/docs/ technotes/guides/jni/index.html. Accessed: April 2013.
• [68] C.Y. Park, K.B. Laskey, P. Costa, and S. Matsumoto. Study of MEBN learning for relational model. In Seventh International Conference on Semantic Technologies for Intelligence, Defense, and Security, pages 121–124, 2012.
• [69] J. Pearl. Bayesian networks: A model of self-activated memory for evidential reasoning. In 7th Conference of the Cognitive Science Society, pages 329–334, University of California, Irvine, 1985.
• [70] J. Pearl. Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference. Morgan Kaufmann Publishers, San Mateo, 1988.
• [71] W.H. Press, S.A. Teukolsky, W.T. Vetterling, and B.P. Flannery. Numerical Recipes 3rd Edition: The Art of Scientific Computing. Cambridge University Press, 2007.
• [72] D.W. Purnhagen. DRUMS leak detection for HPFF pipe-type cable systems. Technical report, Underground Systems, Inc., 1995.
• [73] C. Sandberg, J. Holmes, K. McCoy, and H. Koppitsch. The application of a continuous leak detection system to pipelines and associated equipment. IEEE Transactions on Industry Applications, 25(5):906–909, 1989.
• [74] E. Santos, N. Hien, Y. Fei, K. Keumjoo, L. Deqing, J.T. Wilkinson, A. Olson, and R. Jacob. Intent-driven insider threat detection in intelligence analyses. In International Conference on Web Intelligence and Intelligent Agent Technology, volume 2, pages 345–349, 2008.
• [75] S.S. Shapiro and M.B. Wilk. An analysis of variance test for normality (complete samples). Biometrika, 52:591–611, 1965.
• [76] Simplified leak detection system for HPFF cable systems: Update on evaluation of a new leak detection technology. Technical report, EPRI and Consolidated Edison Company of New York, 2005.
• [77] A. Siraj, R.B. Vaughn, and S.M. Bridges. Intrusion sensor data fusion in an intelligent intrusion detection system architecture. In 37th Annual Hawaii International Conference on System Sciences, 2004.
• [78] Snort user manual. http://manual.snort.org/. Accessed: April 2013.
• [79] T. Sommestad, M. Ekstedt, and P. Johnson. Cyber security risks assessment with Bayesian defense graphs and architectural models. In Hawaii International Conference on System Sciences, pages 1–10, 2009.
• [80] Sourcefire, Inc. External DAQ modules. http://www.snort.org/snort-downloads/external-daq/. Accessed: April 2013.
• [81] G. Stephens and M. Maloof. Insider threat detection, 2008. US patent application No. 20080271143.
• [82] K. Takeda. Gas leak location method for pressurized cable networks using pattern matching. IEEE Transactions on Instrumentation and Measurement, 44(3):764–767, 1995.
• [83] M. Takikawac, B B. d’Ambrosio, and E. Wright. Real-time inference with large-scale temporal Bayes nets. In Proceedings of the Eighteenth Conference on Uncertainty in Artificial Intelligence (UAI-2002), pages 477–484, Edmonton, Alberta, 2002.
• [84] A. Tamilarasan, S. Mukkamala, A.H. Sung, and K. Yendrapalli. Feature ranking and selection for intrusion detection using artificial neural networks and statistical methods. In International Joint Conference on Neural Networks, pages 4754–4761, 2006.
• [85] M. Tavallaee, E. Bagheri, L. Wei Lu, and A.A. Ghorbani. A detailed analysis of the KDD Cup 99 data set. In IEEE Symposium on Computational Intelligence for Security and Defense Applications, pages 1–6, 2009.
• [86] D. Tax. One-class classification. PhD thesis, Delft University of Technology, 2001.
• [87] C. Te-Shun and K.K. Yen. Fuzzy belief k-nearest neighbors anomaly detection of user to root and remote to local attacks. In IEEE SMC Information Assurance and Security Workshop, pages 207–213, 2007.
• [88] Timeline: Critical infrastructure attacks increase steadily in past decade. http://www.computerworld.com/s/article/9233173/Timeline_Critical_infrastructure_attacks_increase_steadily_in_past_decade/, 2012. Accessed: April 2013.
• [89] W. Tylman. Development of the oil leak detection system. Master’s thesis, Technical University of Łódź, 1999.
• [90] W. Tylman. Advanced Numerical Algorithms for Monitoring Pressure Vessel Installations. PhD thesis, Technical University of Łódź, 2004.
• [91] W. Tylman. Anomaly-based intrusion detection using Bayesian networks. In Third International Conference on Dependability of Computer Systems DepCos-RELCOMEX ’08, pages 211–218, 2008.
• [92] W. Tylman. Misuse-based intrusion detection using Bayesian networks. In Third International Conference on Dependability of Computer Systems DepCos-RELCOMEX ’08, pages 203–210, 2008.
• [93] W. Tylman. Data mining techniques for semi-automatic signature generation. In Fourth International Conference on Dependability of Computer Systems DepCos-RELCOMEX ’09, pages 210–217, 2009.
• [94] W. Tylman. Detecting computer intrusions with Bayesian networks. In E. Corchado and H. Yin, editors, Intelligent Data Engineering and Automated Learning - IDEAL 2009, volume 5788 of Lecture Notes in Computer Science, pages 82–91. Springer Berlin Heidelberg, 2009.
• [95] W. Tylman. Misuse-based intrusion detection using Bayesian networks. International Journal of Critical Computer-Based Systems, 1:178–190, 2010.
• [96] W. Tylman. Native support for Modbus RTU protocol in Snort intrusion detection system. In New Results in Dependability and Computer Systems, volume 224 of Advances in Intelligent Systems and Computing, pages 479– 487. Springer International Publishing, 2013.
• [97] W. Tylman. SCADA intrusion detection based on modelling of allowed communication patterns. In New Results in Dependability and Computer Systems, volume 224 of Advances in Intelligent Systems and Computing, pages 489–500. Springer International Publishing, 2013.
• [98] W. Tylman and G.J. Anders. Application of probabilistic networks for decision support in power system analysis. Energy, 31:2874–2889, 2006.
• [99] W. Tylman, G.J. Anders, and R. Ghafurian. Novel leak detection system for pipe type cable installations. IEEE Transactions on Power Delivery, 21:1028–1034, 2006.
• [100] W. Tylman, M. Janicki, and A. Napieralski. Computer-aided approach to evaluation of burn wounds. In 18th International Conference Mixed Design of Integrated Circuits and Systems, pages 653–656, 2011.
• [101] W. Tylman, J. Kolczyński, and G.J. Anders. Fully automatic AI-based leak detection system. Energy, 35(9):3838–3848, 2010.
• [102] W. Tylman, W. Kuzański, M. Janicki, and A. Napieralski. Automatic image registration for computer-aided burn wounds evaluation. Elektronika: konstrukcje, technologie, zastosowania, 53:73–76, 2012.
• [103] W. Tylman, T. Waszyrowski, A. Napieralski, M. Kamiński, Z. Kulesza, R. Kotas, P. Marciniak, R. Tomala, and M. Wenerski. System for estimation of patient’s state – discussion of the approach. In New Results in Dependability and Computer Systems, volume 224 of Advances in Intelligent Systems and Computing, pages 501–511. Springer International Publishing, 2013.
• [104] W. Tylman, M. Wenerski, and G.J. Anders. Leak detection in slow oscillation High Pressure Fluid Filled circuits. 2013. Submitted for publication.
• [105] D.A. Tziouvaras. Protection of high-voltage AC cables. In Power Systems Conference: Advanced Metering, Protection, Control, Communication, and Distributed Resources, 2006. PS ’06, pages 316–328, March 2006.
• [106] A. Valdes and S. Cheung. Communication pattern anomaly detection in process control systems. In IEEE Conference on Technologies for Homeland Security, pages 22–29. IEEE, 2009.
• [107] A. Valdes and K. Skinner. Adaptive, model-based monitoring for cyber attack detection. In Recent Advances in Intrusion Detection, volume 1907 of LNCS, pages 80–92. Springer, Berlin, 2000.
• [108] Viking project. http://www.vikingproject.eu. Accessed: April 2013.
• [109] K. Wang and S.J. Stolfo. Anomalous payload-based network intrusion detection. In Recent Advances in Intrusion Detection, Lecture Notes in Computer Science, pages 203–222. 2004.
• [110] J. Williams. Analysis of potential 230 kV cable system as alternatives to proposed overhead lines for the north central reliability project. Technical report, Power Delivery Consultants, Inc., 2011.
• [111] V. Zotov and G. Xiaoguang. Passive air defense threat detection and location for UAV swarms based on dynamic Bayesian networks. In International Conference on System Science, Engineering Design and Manufacturing Informatization, volume 2, pages 167–171, 2011.