Anomaly Detection with Diagnosis in Diversified Systems using Information Flow Graphs

Majorczyk, Frédéric; Totel, Éric; Mé, Ludovic; Saidane, Ayda

doi:10.1007/978-0-387-09699-5_20

Cited by 6 publications

(6 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We are able to find a number of applications of anomaly detection in engineering problems, mainly fault tolerance [19][20][21][22][23]. An application in medical studies is work on blood oxygen saturation and heart rate in obstructive sleep apnea [24][25][26].…”

Section: Discussionmentioning

confidence: 99%

Generating Evidence Based Interpretation of Hematology Screens via Anomaly Characterization

David¹

2011

TOCCHEMJ

View full text Add to dashboard Cite

Introduction:We propose a simple, workable algorithm that provides assistance for interpreting any set of data from the screen of a blood analysis with high accuracy, reliability, and inter-operability with an electronic medical record. This has been made possible at least recently as a result of advances in mathematics, low computational costs, and rapid transmission of the necessary data for computation. Materials and Methods:The database used for this study is a file of 22,000 laboratory hemograms generated by two Beckman-Coulter Gen-S analyzers over a two month period in a 630 bed acute care facility in Brooklyn. All control samples, patient identifiers, and patients under 23 years old were stripped from the dataset. An experienced medical practitioner reviewed all of the data used in generating the algorithm described. The differential diagnoses were outlined prior to beginning the study, and preliminary studies were done to determine the reference ranges for each predictor. An algorithm for anomaly detection and classification via anomaly characterization is proposed. For each patient, the algorithm characterizes its anomalous profile and builds a differential metric to identify similar patients who are mapped into a classification. Results:The algorithm successfully classified patients into the diagnosis that were sufficient in sample size, and others are still under observation. The algorithm correctly classified the patients as follows: Microcytic Anemia -99.63%, Normocytic Anemia -98.03%, Mild SIRS -73.42%, Thrombocytopenia -99.52%, Leukocytopenia -84.83%, Moderate / Severe SIRS -96.69% and Normal -93.18%.Discussion: This limited analysis of automated hematological results can be extended to the case of more complicated conditions than presented, and can be extended to a combination of chemistry, hematology, immunology, and other data.

show abstract

Section: Discussionmentioning

confidence: 99%

Generating Evidence Based Interpretation of Hematology Screens via Anomaly Characterization

David¹

2011

TOCCHEMJ

View full text Add to dashboard Cite

show abstract

“…In the literature we find a number of approaches for modeling security with information flow graphs, e.g. [3], [11], [8]. However, only Chivers [3] uses information flow trees and form attack paths for analyzing risk.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

CRAC: Confidentiality risk assessment and IT-infrastructure comparison

Morali

Zambon

Etalle

et al. 2010

2010 International Conference on Network and Service Management

View full text Add to dashboard Cite

CRAC is an IT-infrastructure-based method for assessing and comparing confidentiality risks of distributed IT systems. The method determines confidentiality risks by taking into account the effects of the leakage of confidential information (e.g. industrial secrets), and the paths that may be followed by different attackers (e.g. insider and outsider). We evaluate its effectiveness by applying it to a real-world outsourcing case.

show abstract

“…It is the sole part of the architecture accessible directly by the clients. The IDS is in [15,26,28], system calls' sequences [14] or the information flow graphs [18]. Furthermore, in our work, it must compare the result status of the interpreter of the script language in which the web application is written.…”

Section: Architecturementioning

confidence: 99%

“…This idea has then been extended [26][27][28] to the actual web page responses from the servers. Other ideas have been proposed which consists, instead of focusing on the outputs of COTS, in monitoring their behavior by comparing the sequences of system calls [14] or the information flow graphs [18].…”

Section: Related Workmentioning

confidence: 99%

Automated Instruction-Set Randomization for Web Applications in Diversified Redundant Systems

Majorczyk

Demay

2009

2009 International Conference on Availability, Reliability and Security

Self Cite

View full text Add to dashboard Cite

The use of diversity and redundancy in the security domain is an interesting approach to prevent or detect intrusions. Many researchers have proposed architectures based on those concepts where diversity is either natural or artificial. These architectures are based on the architecture of N-version programming and were often instantiated for web servers without taking into account the web application(s) running on those. In this article, we present a solution to protect the web applications running on this kind of architectures in order to detect and tolerate code injection intrusions. Our solution consists in creating diversity in the web application scripts by randomizing the language understood by the interpreter so that an injected code can not be executed by all the servers. We also present the issues related to the automatization of our solution and present some solutions to tackle these issues.

show abstract

Anomaly Detection with Diagnosis in Diversified Systems using Information Flow Graphs

Cited by 6 publications

References 9 publications

Generating Evidence Based Interpretation of Hematology Screens via Anomaly Characterization

Generating Evidence Based Interpretation of Hematology Screens via Anomaly Characterization

CRAC: Confidentiality risk assessment and IT-infrastructure comparison

Automated Instruction-Set Randomization for Web Applications in Diversified Redundant Systems

Contact Info

Product

Resources

About