The extremely diffused architecture of the Internet enables the propagation of malware and presents a significant challenge for the development of defenses against such malware propagation. Although ...machine learning-based malware detection models can improve approaches in response to this problem, their detection rates vary according to their features and classification methods. Single machine learning approaches for malware detection can vary in effectiveness according to the suitability of their classifiers despite the use of an appropriate training dataset. Some classifiers result in high detection rates with a malicious training dataset but have low detection rates with a benign training dataset, and false positive rates are particularly dependent on the use of appropriate classifiers. In this paper, we propose a machine learning-based hybrid decision model that can achieve a high detection rate with a low false positive rate. This hybrid model combines a random forest and a deep learning model using 12 hidden layers to determine malware and benign files, respectively. This model also includes certain proposed voting rules to make final decisions. In an experiment involving 6,395 atypical samples, this hybrid decision model achieved a higher detection rate (85.1% and standard deviation of 0.006) than that of the prior model (65.5%) without voting rules.
Abstract Insider threats refer to harmful actions carried out by authorized users within an organization, posing the most damaging risks. The increasing number of these threats has revealed the ...inadequacy of traditional methods for detecting and mitigating insider threats. These existing approaches lack the ability to analyze activity-related information in detail, resulting in delayed detection of malicious intent. Additionally, current methods lack advancements in addressing noisy datasets or unknown scenarios, leading to under-fitting or over-fitting of the models. To address these, our paper presents a hybrid insider threat detection framework. We not only enhance prediction accuracy by incorporating a layer of statistical criteria on top of machine learning-based classification but also present optimal parameters to address over/under-fitting of models. We evaluate the performance of our framework using a real-life threat test dataset (CERT r4.2) and compare it to existing methods on the same dataset (Glasser and Lindauer 2013). Our initial evaluation demonstrates that our proposed framework achieves an accuracy of 98.48% in detecting insider threats, surpassing the performance of most of the existing methods. Additionally, our framework effectively handles potential bias and data imbalance issues that can arise in real-life scenarios.
The widespread occurrence of hybridisation in fishes suggests the need to revisit its importance for both a basic understanding of biological principles and practical applications for management and ...conservation. Despite evidence of its pervasiveness, the phenomenon of hybridisation in fish is not uniformly studied across species and environments. We note how natural hybridisation in pelagic and deep‐sea fish has been rarely reported. For this reason, we carry out an analysis using both standard and phylogenetic comparative methods. Our results suggest a lack of evidence for the idea that pelagic and deep‐sea fish are inherently less prone to hybridise. Likely, hybridisation and introgression are systematically underestimated in these groups. In light of this, we discuss why underestimation of hybridisation is problematic, and what may be done to ameliorate the situation. We propose scalable and cost‐effective prioritisation, sampling and analysis strategies, to ease existing biases in assessing the impact of hybridisation among pelagic and deep‐sea species and to ultimately improve the management and conservation – as well as basic biological knowledge – of these important species.
The frequent occurrence of sludge bulking can influence the effluent qualities and destroy the stable operation of activated sludge process (ASP). In order to accurately detect the sludge bulking, a ...detection method, based on adaptive fuzzy neural network and mechanism model, is proposed in this paper. First, a novel detection scheme is designed, where hybrid detection model and intelligent identification algorithm, are designed to describe the dynamics of sludge bulking. Second, an error compensation model, by using adaptive fuzzy neural network, is established to make up for the errors caused by the assumptions set in hybrid detection model. Finally, an error-assisted detection strategy is designed to evaluate sludge bulking. To verify the effectiveness of the proposed detection method, operating data from ASP are applied. The results show that this proposed method can efficiently detect sludge bulking.
Kinnow (Citrus nobilis × C. deliciosa) is a commercially important mandarin but contains large number of seeds. Mukaku Kishu (C. kinokuni), a seedless mandarin can be used to transfer seedlessness in ...Kinnow through hybridization. But, the polyembryony in Kinnow and absence of any heritable morphological trait in Mukaku Kishu are limiting factors in early identification of hybrids. SSR markers due to their high polymorphism and co-dominant nature are useful for hybrid identification. We performed hybridization between Kinnow (♀) and Mukaku Kishu (♂) and differentiated hybrids using SSR markers. A total of 134 SSR markers were tested for polymorphism between the parents; 20 were found polymorphic while four (CMS04, Ci06A05b, CiBE1500 and TAA15) were suitable for hybrid detection. The hybrid detection ability varied among the markers. The marker CMS04 identified 67 hybrids while the remaining three markers independently identified 104 hybrids from the total analysed 697 seedlings. The hybrid seedlings differed for height and number of spines per plant. The two traits also showed moderate positive association (Pearson correlation = 0.69). The study demonstrated the practical utility of SSR markers in enhancing the efficiency of breeding programmes in absence of distinct morphological distinguishers for hybrid detection. The identified hybrids progeny will serve as a foundation for identification of potentially seedless candidates.
To detect trace level of tumor markers (TMs) plays a crucial role in the early diagnosis of cancer. However, the fabrication of assays to simultaneously detect trace levels of TMs was still ...challengeable. The study was aimed to develop a novel microchip electrophoresis (MC) and antibody-aptamer based hybrid detection strategy for simultaneous determination of prostate specific antigen (PSA), carcino-embryonic antigen (CEA) and carbohydrate antigen 125 (CA125) in human serum. The assay comprises the generation of magnetic aptamer capture probes and anti-TMs labeled encoded signal tags, then employment of nicking enzyme for signal amplification. Firstly, the aptamers of TMs were co-immobilized on surface of Fe3O4@AuNPs (AuMPs) as capture probes. Simultaneously, the antibodies of TMs labeled with different double stranded DNA (dsDNA) as nicked fragment-induced strand was prepared as encoded signal tags. Secondly, the TMs, capture probes and encoded signal tags were simultaneously incubated to form sandwich complex. After magnetic separation, the complex was collected by adding the nicking enzyme. As a result, the dsDNA on the complex can initiate nicking enzyme cleavage reaction to produce many single stranded DNA (ssDNA) products with different length corresponding to different targets. Finally, the ssDNA products were injected into MC for separation and determination of TMs, respectively. Under optimized conditions, the assay can simultaneously detect three TMs with detection limits of 0.1, 0.15, 0.12 pg mL−1 for PSA, CEA and CA125, respectively (S/N = 3). Moreover, the magnetic aptamer probes exhibited good stability and can be reused for 20 times with the recovery above 80% after heat treatments. The multianalysis method exhibits distinct advantages such as high-throughput, -sensitivity, easy-to-operate and offers a powerful tool for early diagnosis of cancers.
•An antibody-aptamer based hybrid detection strategy was developed for signal conversion.•A microfluidic chip based multianalysis method was developed to simultaneously detect three TMs.•Polymerization nicking reactions was used to amplify signals.•The assay was successfully to detect three TMs with LOD of 0.1 pg mL−1 magnitude.
The openness of the Android operating system and its immense penetration into the market makes it a hot target for malware writers. This work introduces Androtomist, a novel tool capable of ...symmetrically applying static and dynamic analysis of applications on the Android platform. Unlike similar hybrid solutions, Androtomist capitalizes on a wealth of features stemming from static analysis along with rigorous dynamic instrumentation to dissect applications and decide if they are benign or not. The focus is on anomaly detection using machine learning, but the system is able to autonomously conduct signature-based detection as well. Furthermore, Androtomist is publicly available as open source software and can be straightforwardly installed as a web application. The application itself is dual mode, that is, fully automated for the novice user and configurable for the expert one. As a proof-of-concept, we meticulously assess the detection accuracy of Androtomist against three different popular malware datasets and a handful of machine learning classifiers. We particularly concentrate on the classification performance achieved when the results of static analysis are combined with dynamic instrumentation vis-à-vis static analysis only. Our study also introduces an ensemble approach by averaging the output of all base classification models per malware instance separately, and provides a deeper insight on the most influencing features regarding the classification process. Depending on the employed dataset, for hybrid analysis, we report notably promising to excellent results in terms of the accuracy, F1, and AUC metrics.
48 novel tetranucleotide microsatellite loci were developed for the noble crayfish (Astacus astacus) using Illumina MiSeq next generation sequencing technology. It was demonstrated that 25 loci were ...polymorphic and 19 loci could be co-amplified in a single multiplex polymerase chain reaction (PCR) assay and genotyped as a single panel on Applied Biosystems 3500 Genetic Analyser. The 19-plex assay was tested on 232 individuals of A. astacus originating from seven wild populations in Czech Republic and in Estonia. The multiplex assay designed in this study can be successfully applied in studies requiring high genetic resolution, such as population structuring, relatedness analysis, and stock identification. 21 loci were also successfully cross-amplified in the narrow-clawed crayfish (Astacus leptodactylus) from which 14 were polymorphic. In addition, 13 loci (both monomorphic and polymorphic) possessed species-specific allele size range in A. astacus and A. leptodactylus and can be applied for detecting possible hybrids between these sister species.
The novel 19-plex microsatellite assay can be applied for genetic management of captive stocks of the noble crayfish (selection of strains, planning of matings, avoiding of inbreeding) and in studies requiring high genetic resolution, such as parentage assessment, relatedness analysis or strain identification.
•25 polymorphic tetranucleotide repeat microsatellite markers were developed for Astacus astacus.•19 microsatellite loci can be cost-efficiently genotyped in a multiplexed panel.•21 microsatellite loci (from which 14 were polymorphic) were also successfully cross-amplified in A. leptodactylus.•13 loci possessed species-specific allele size ranges and can be applied for detecting of possible hybrids.
Small-scale low-altitude unmanned aerial vehicles (UAVs) equipped with perception capability for military targets will become increasingly essential for strategic reconnaissance and stationary ...patrols in the future. To respond to challenges such as complex terrain and weather variations, as well as the deception and camouflage of military targets, this paper proposes a hybrid detection model that combines Convolutional Neural Network (CNN) and Transformer architecture in a decoupled manner. The proposed detector consists of the C-branch and the T-branch. In the C-branch, Multi-gradient Path Network (MgpNet) is introduced, inspired by the multi-gradient flow strategy, excelling in capturing the local feature information of an image. In the T-branch, RPFormer, a Region–Pixel two-stage attention mechanism, is proposed to aggregate the global feature information of the whole image. A feature fusion strategy is proposed to merge the feature layers of the two branches, further improving the detection accuracy. Furthermore, to better simulate real UAVs’ reconnaissance environments, we construct a dataset of military targets in complex environments captured from an oblique perspective to evaluate the proposed detector. In ablation experiments, different fusion methods are validated, and the results demonstrate the effectiveness of the proposed fusion strategy. In comparative experiments, the proposed detector outperforms most advanced general detectors.
Genetic Algorithm (GA) is an excellent optimization algorithm which has attracted the attention of researchers in various fields. Many papers have been published on works done on GA, but no single ...paper ever utilized this algorithm for misbehavior detection in VANETs. This is because GA requires manual definition of fitness function and defining a fitness function for VANETs is a complex task. Automating the creation of these fitness functions is still a difficulty, even though studies have found several successful applications of GA. In this study, a neuro-genetic security framework has been built with ANN classifier for detecting misbehavior in VANETs. It leverages a genetic algorithm for feature reduction with ANN as a dynamic fitness function, considering both node behaviors and contextual GPS data. Deployed at the Roadside Unit (RSU) level, the framework detects misbehaving nodes, broadcasting alerts to RSUs, Central Authority and the vehicles. The ANN based fitness function has been employed in GA that enabled the GA to select the best results. The 10- fold CV used enabled the whole system to be unbiased giving a precision accuracy of 0.9976 with recall and F1 scores as 0.9977, and 0.9977 respectively. Comparative evaluations, using the VeReMi Extension dataset, demonstrate the framework's superiority in precision, recall, and F1 score for binary and multiclass classification. This hybrid genetic algorithm with ANN fitness function presents a robust, adaptive solution for VANET misbehavior detection. Its context-aware nature accommodates dynamic scenarios, offering an effective security framework for the evolving threats in vehicular environments.
PDF
