With the continuous expansion of digital infrastructures,malicious behaviors in host systems have become increasingly sophisticated,often spanning multiple processes and employing obfuscation techniques to evade detec...With the continuous expansion of digital infrastructures,malicious behaviors in host systems have become increasingly sophisticated,often spanning multiple processes and employing obfuscation techniques to evade detection.Audit logs,such as Sysmon,offer valuable insights;however,existing approaches typically flatten event sequences or rely on generic graph models,thereby discarding the natural parent-child process hierarchy that is critical for analyzing multiprocess attacks.This paper proposes a structure-aware threat detection framework that transforms audit logs into a unified two-dimensional(2D)spatio-temporal representation,where process hierarchy is modeled as the spatial axis and event chronology as the temporal axis.In addition,entropy-based features are incorporated to robustly capture obfuscated and non-linguistic strings,overcoming the limitations of semantic embeddings.The model’s performance was evaluated on publicly available datasets,achieving competitive results with an accuracy exceeding 95%and an F1-score of at least 0.94.The proposed approach provides a promising and reproducible solution for detecting attacks with unknown indicators of compromise(IoCs)by analyzing the relationships and behaviors of processes recorded in large-scale audit logs.展开更多
As Deepfake technology continues to evolve,the distinction between real and fake content becomes increasingly blurred.Most existing Deepfake video detectionmethods rely on single-frame facial image features,which limi...As Deepfake technology continues to evolve,the distinction between real and fake content becomes increasingly blurred.Most existing Deepfake video detectionmethods rely on single-frame facial image features,which limits their ability to capture temporal differences between frames.Current methods also exhibit limited generalization capabilities,struggling to detect content generated by unknown forgery algorithms.Moreover,the diversity and complexity of forgery techniques introduced by Artificial Intelligence Generated Content(AIGC)present significant challenges for traditional detection frameworks,whichmust balance high detection accuracy with robust performance.To address these challenges,we propose a novel Deepfake detection framework that combines a two-stream convolutional network with a Vision Transformer(ViT)module to enhance spatio-temporal feature representation.The ViT model extracts spatial features from the forged video,while the 3D convolutional network captures temporal features.The 3D convolution enables cross-frame feature extraction,allowing the model to detect subtle facial changes between frames.The confidence scores from both the ViT and 3D convolution submodels are fused at the decision layer,enabling themodel to effectively handle unknown forgery techniques.Focusing on Deepfake videos and GAN-generated images,the proposed approach is evaluated on two widely used public face forgery datasets.Compared to existing state-of-theartmethods,it achieves higher detection accuracy and better generalization performance,offering a robust solution for deepfake detection in real-world scenarios.展开更多
Current spatio-temporal action detection methods lack sufficient capabilities in extracting and comprehending spatio-temporal information. This paper introduces an end-to-end Adaptive Cross-Scale Fusion Encoder-Decode...Current spatio-temporal action detection methods lack sufficient capabilities in extracting and comprehending spatio-temporal information. This paper introduces an end-to-end Adaptive Cross-Scale Fusion Encoder-Decoder (ACSF-ED) network to predict the action and locate the object efficiently. In the Adaptive Cross-Scale Fusion Spatio-Temporal Encoder (ACSF ST-Encoder), the Asymptotic Cross-scale Feature-fusion Module (ACCFM) is designed to address the issue of information degradation caused by the propagation of high-level semantic information, thereby extracting high-quality multi-scale features to provide superior features for subsequent spatio-temporal information modeling. Within the Shared-Head Decoder structure, a shared classification and regression detection head is constructed. A multi-constraint loss function composed of one-to-one, one-to-many, and contrastive denoising losses is designed to address the problem of insufficient constraint force in predicting results with traditional methods. This loss function enhances the accuracy of model classification predictions and improves the proximity of regression position predictions to ground truth objects. The proposed method model is evaluated on the popular dataset UCF101-24 and JHMDB-21. Experimental results demonstrate that the proposed method achieves an accuracy of 81.52% on the Frame-mAP metric, surpassing current existing methods.展开更多
Automatic analysis of student behavior in classrooms has gained importance with the rise of smart education and vision technologies.However,the limited real-time accuracy of existing methods severely constrains their ...Automatic analysis of student behavior in classrooms has gained importance with the rise of smart education and vision technologies.However,the limited real-time accuracy of existing methods severely constrains their practical classroom deployment.To address this issue of low accuracy,we propose an improved YOLOv11-based detector that integrates CARAFE upsampling,DySnakeConv,DyHead,and SMFA fusion modules.This new model for real-time classroom behavior detection captures fine-grained student behaviors with low latency.Additionally,we have developed a visualization system that presents data through intuitive dashboards.This system enables teachers to dynamically grasp classroom engagement by tracking student participation and involvement.The enhanced YOLOv11 model achieves an mAP@0.5 of 87.2%on the evaluated datasets,surpassing baseline models.This significance lies in two aspects.First,it provides a practical technical route for deployable live classroom behavior monitoring and engagement feedback systems.Second,by integrating this proposed system,educators could make data-informed and fine-grained teaching decisions,ultimately improving instructional quality and learning outcomes.展开更多
The task of detecting fraud in credit card transactions is crucial to ensure the security and stability of a financial system,as well as to enforce customer confidence in digital payment systems.Historically,credit ca...The task of detecting fraud in credit card transactions is crucial to ensure the security and stability of a financial system,as well as to enforce customer confidence in digital payment systems.Historically,credit card companies have used rulebased approaches to detect fraudulent transactions,but these have proven inadequate due to the complexity of fraud strategies and have been replaced by much more powerful solutions based on machine learning or deep learning algorithms.Despite significant progress,the current approaches to fraud detection suffer from a number of limitations:for example,it is unclear whether some transaction features are more effective than others in discriminating fraudulent transactions,and they often neglect possible correlations among transactions,even though they could reveal illicit behaviour.In this paper,we propose a novel credit card fraud detection(CCFD)method based on a transaction behaviour-based hierarchical gated network.First,we introduce a feature-oriented extraction module capable of identifying key features from original transactions,and such analysis is effective in revealing the behavioural characteristics of fraudsters.Second,we design a transaction-oriented extraction module capable of capturing the correlation between users’historical and current transactional behaviour.Such information is crucial for revealing users’sequential behaviour patterns.Our approach,called transactional-behaviour-based hierarchical gated network model(TbHGN),extracts two types of new transactional features,which are then combined in a feature interaction module to learn the final transactional representations used for CCFD.We have conducted extensive experiments on a real-world credit card transaction dataset with an increase in average F1 between 1.42%and 6.53%and an improvement in average AUC between 0.63%and 2.78%over the state of the art.展开更多
Health monitoring of electro-mechanical actuator(EMA)is critical to ensure the security of airplanes.It is difficult or even impossible to collect enough labeled failure or degradation data from actual EMA.The autoenc...Health monitoring of electro-mechanical actuator(EMA)is critical to ensure the security of airplanes.It is difficult or even impossible to collect enough labeled failure or degradation data from actual EMA.The autoencoder based on reconstruction loss is a popular model that can carry out anomaly detection with only consideration of normal training data,while it fails to capture spatio-temporal information from multivariate time series signals of multiple monitoring sensors.To mine the spatio-temporal information from multivariate time series signals,this paper proposes an attention graph stacked autoencoder for EMA anomaly detection.Firstly,attention graph con-volution is introduced into autoencoder to convolve temporal information from neighbor features to current features based on different weight attentions.Secondly,stacked autoencoder is applied to mine spatial information from those new aggregated temporal features.Finally,based on the bench-mark reconstruction loss of normal training data,different health thresholds calculated by several statistic indicators can carry out anomaly detection for new testing data.In comparison with tra-ditional stacked autoencoder,the proposed model could obtain higher fault detection rate and lower false alarm rate in EMA anomaly detection experiment.展开更多
Focusing on the sensitive behaviors of malware, such as privacy stealing and money costing, this paper proposes a new method to monitor software behaviors and detect malicious applications on Android platform. Accordi...Focusing on the sensitive behaviors of malware, such as privacy stealing and money costing, this paper proposes a new method to monitor software behaviors and detect malicious applications on Android platform. According to the theory and implementation of Android Binder interprocess communication mechanism, a prototype system that integrates behavior monitoring and intercepting, malware detection, and identification is built in this work. There are 50 different kinds of samples used in the experiment of malware detection, including 40 normal samples and 10 malicious samples. The theoretical analysis and experimental result demonstrate that this system is effective in malware detection and interception, with a true positive rate equal to 100% and a false positive rate less than 3%.展开更多
Aiming at the difficulty of unknown Trojan detection in the APT flooding situation, an improved detecting method has been proposed. The basic idea of this method originates from advanced persistent threat (APT) atta...Aiming at the difficulty of unknown Trojan detection in the APT flooding situation, an improved detecting method has been proposed. The basic idea of this method originates from advanced persistent threat (APT) attack intents: besides dealing with damaging or destroying facilities, the more essential purpose of APT attacks is to gather confidential data from target hosts by planting Trojans. Inspired by this idea and some in-depth analyses on recently happened APT attacks, five typical communication characteristics are adopted to describe application’s network behavior, with which a fine-grained classifier based on Decision Tree and Na ve Bayes is modeled. Finally, with the training of supervised machine learning approaches, the classification detection method is implemented. Compared with general methods, this method is capable of enhancing the detection and awareness capability of unknown Trojans with less resource consumption.展开更多
A new approach for abnormal behavior detection was proposed using causality analysis and sparse reconstruction. To effectively represent multiple-object behavior, low level visual features and causality features were ...A new approach for abnormal behavior detection was proposed using causality analysis and sparse reconstruction. To effectively represent multiple-object behavior, low level visual features and causality features were adopted. The low level visual features, which included trajectory shape descriptor, speeded up robust features and histograms of optical flow, were used to describe properties of individual behavior, and causality features obtained by causality analysis were introduced to depict the interaction information among a set of objects. In order to cope with feature noisy and uncertainty, a method for multiple-object anomaly detection was presented via a sparse reconstruction. The abnormality of the testing sample was decided by the sparse reconstruction cost from an atomically learned dictionary. Experiment results show the effectiveness of the proposed method in comparison with other state-of-the-art methods on the public databases for abnormal behavior detection.展开更多
In this study,we propose a low-cost system that can detect the space outlier utilization of residents in an indoor environment.We focus on the users’app usage to analyze unusual behavior,especially in indoor spaces.T...In this study,we propose a low-cost system that can detect the space outlier utilization of residents in an indoor environment.We focus on the users’app usage to analyze unusual behavior,especially in indoor spaces.This is reflected in the behavioral analysis in that the frequency of using smartphones in personal spaces has recently increased.Our system facilitates autonomous data collection from mobile app logs and Google app servers and generates a high-dimensional dataset that can detect outlier behaviors.The density-based spatial clustering of applications with noise(DBSCAN)algorithm was applied for effective singular movement analysis.To analyze high-level mobile phone usage,the t-distributed stochastic neighbor embedding(t-SNE)algorithm was employed.These two clustering algorithms can effectively detect outlier behaviors in terms of movement and app usage in indoor spaces.The experimental results showed that our system enables effective spatial behavioral analysis at a low cost when applied to logs collected in actual living spaces.Moreover,large volumes of data required for outlier detection can be easily acquired.The system can automatically detect the unusual behavior of a user in an indoor space.In particular,this study aims to reflect the recent trend of the increasing use of smartphones in indoor spaces to the behavioral analysis.展开更多
In order to enhance the accuracy of Air Traffic Control(ATC)cybersecurity attack detection,in this paper,a new clustering detection method is designed for air traffic control network security attacks.The feature set f...In order to enhance the accuracy of Air Traffic Control(ATC)cybersecurity attack detection,in this paper,a new clustering detection method is designed for air traffic control network security attacks.The feature set for ATC cybersecurity attacks is constructed by setting the feature states,adding recursive features,and determining the feature criticality.The expected information gain and entropy of the feature data are computed to determine the information gain of the feature data and reduce the interference of similar feature data.An autoencoder is introduced into the AI(artificial intelligence)algorithm to encode and decode the characteristics of ATC network security attack behavior to reduce the dimensionality of the ATC network security attack behavior data.Based on the above processing,an unsupervised learning algorithm for clustering detection of ATC network security attacks is designed.First,determine the distance between the clustering clusters of ATC network security attack behavior characteristics,calculate the clustering threshold,and construct the initial clustering center.Then,the new average value of all feature objects in each cluster is recalculated as the new cluster center.Second,it traverses all objects in a cluster of ATC network security attack behavior feature data.Finally,the cluster detection of ATC network security attack behavior is completed by the computation of objective functions.The experiment took three groups of experimental attack behavior data sets as the test object,and took the detection rate,false detection rate and recall rate as the test indicators,and selected three similar methods for comparative test.The experimental results show that the detection rate of this method is about 98%,the false positive rate is below 1%,and the recall rate is above 97%.Research shows that this method can improve the detection performance of security attacks in air traffic control network.展开更多
To improve the detection accuracy and robustness of crowd anomaly detection,especially crowd emergency evacuation detection,the abnormal crowd behavior detection method is proposed.This method is based on the improved...To improve the detection accuracy and robustness of crowd anomaly detection,especially crowd emergency evacuation detection,the abnormal crowd behavior detection method is proposed.This method is based on the improved statistical global optical flow entropy which can better describe the degree of chaos of crowd.First,the optical flow field is extracted from the video sequences and a 2D optical flow histogram is gained.Then,the improved optical flow entropy,combining information theory with statistical physics is calculated from 2D optical flow histograms.Finally,the anomaly can be detected according to the abnormality judgment formula.The experimental results show that the detection accuracy achieved over 95%in three public video datasets,which indicates that the proposed algorithm outperforms other state-of-the-art algorithms.展开更多
Abnormal behavior detection is challenging and one of the growing research areas in computer vision.The main aim of this research work is to focus on panic and escape behavior detections that occur during unexpected/u...Abnormal behavior detection is challenging and one of the growing research areas in computer vision.The main aim of this research work is to focus on panic and escape behavior detections that occur during unexpected/uncertain events.In this work,Pyramidal Lucas Kanade algorithm is optimized using EME-HOs to achieve the objective.First stage,OPLKT-EMEHOs algorithm is used to generate the opticalflow from MIIs.Second stage,the MIIs opticalflow is applied as input to 3 layer CNN for detect the abnormal crowd behavior.University of Minnesota(UMN)dataset is used to evaluate the proposed system.The experi-mental result shows that the proposed method provides better classification accu-racy by comparing with the existing methods.Proposed method provides 95.78%of precision,90.67%of recall,93.09%of f-measure and accuracy with 91.67%.展开更多
With technology constantly becoming present in people’s lives, smart homes are increasing in popularity. A smart home system controls lighting, temperature, security camera systems, and appliances. These devices and ...With technology constantly becoming present in people’s lives, smart homes are increasing in popularity. A smart home system controls lighting, temperature, security camera systems, and appliances. These devices and sensors are connected to the internet, and these devices can easily become the target of attacks. To mitigate the risk of using smart home devices, the security and privacy thereof must be artificially smart so they can adapt based on user behavior and environments. The security and privacy systems must accurately analyze all actions and predict future actions to protect the smart home system. We propose a Hybrid Intrusion Detection (HID) system using machine learning algorithms, including random forest, X gboost, decision tree, K -nearest neighbors, and misuse detection technique.展开更多
With the rapid urbanization and exponential population growth in China,two-wheeled vehicles have become a popular mode of transportation,particularly for short-distance travel.However,due to a lack of safety awareness...With the rapid urbanization and exponential population growth in China,two-wheeled vehicles have become a popular mode of transportation,particularly for short-distance travel.However,due to a lack of safety awareness,traffic violations by two-wheeled vehicle riders have become a widespread concern,contributing to urban traffic risks.Currently,significant human and material resources are being allocated to monitor and intercept non-compliant riders to ensure safe driving behavior.To enhance the safety,efficiency,and cost-effectiveness of traffic monitoring,automated detection systems based on image processing algorithms can be employed to identify traffic violations from eye-level video footage.In this study,we propose a robust detection algorithm specifically designed for two-wheeled vehicles,which serves as a fundamental step toward intelligent traffic monitoring.Our approach integrates a novel convolutional and attention mechanism to improve detection accuracy and efficiency.Additionally,we introduce a semi-supervised training strategy that leverages a large number of unlabeled images to enhance the model’s learning capability by extracting valuable background information.This method enables the model to generalize effectively to diverse urban environments and varying lighting conditions.We evaluate our proposed algorithm on a custom-built dataset,and experimental results demonstrate its superior performance,achieving an average precision(AP)of 95%and a recall(R)of 90.6%.Furthermore,the model maintains a computational efficiency of only 25.7 GFLOPs while achieving a high processing speed of 249 FPS,making it highly suitable for deployment on edge devices.Compared to existing detection methods,our approach significantly enhances the accuracy and robustness of two-wheeled vehicle identification while ensuring real-time performance.展开更多
In recent years,unmanned air vehicles(UAVs)are widely used in many military and civilian applications.With the big amount of UAVs operation in air space,the potential security and privacy problems are arising.This can...In recent years,unmanned air vehicles(UAVs)are widely used in many military and civilian applications.With the big amount of UAVs operation in air space,the potential security and privacy problems are arising.This can lead to consequent harm for critical infrastructure in the event of these UAVs being used for criminal or terrorist purposes.Therefore,it is crucial to promptly identify the suspicious behaviors from the surrounding UAVs for some important regions.In this paper,a novel fuzzy logic based UAV behavior detection system has been presented to detect the different levels of risky behaviors of the incoming UAVs.The heading velocity and region type are two input indicators proposed for the risk indicator output in the designed fuzzy logic based system.The simulation has shown the effective and feasible of the proposed algorithm in terms of recall and precision of the detection.Especially,the suspicious behavior detection algorithm can provide a recall of 0.89 and a precision of 0.95 for the high risk scenario in the simulation.展开更多
Quantification of behaviors in macaques provides crucial support for various scientific disciplines,including pharmacology,neuroscience,and ethology.Despite recent advancements in the analysis of macaque behavior,rese...Quantification of behaviors in macaques provides crucial support for various scientific disciplines,including pharmacology,neuroscience,and ethology.Despite recent advancements in the analysis of macaque behavior,research on multi-label behavior detection in socially housed macaques,including consideration of interactions among them,remains scarce.Given the lack of relevant approaches and datasets,we developed the Behavior-Aware Relation Network(BARN)for multi-label behavior detection of socially housed macaques.Our approach models the relationship of behavioral similarity between macaques,guided by a behavior-aware module and novel behavior classifier,which is suitable for multi-label classification.We also constructed a behavior dataset of rhesus macaques using ordinary RGB cameras mounted outside their cages.The dataset included 65?913 labels for19 behaviors and 60?367 proposals,including identities and locations of the macaques.Experimental results showed that BARN significantly improved the baseline SlowFast network and outperformed existing relation networks.In conclusion,we successfully achieved multilabel behavior detection of socially housed macaques with both economic efficiency and high accuracy.展开更多
A novel image sequence-based risk behavior detection method to achieve high-precision risk behavior detection for power maintenance personnel is proposed in this paper.In this method,the original image sequence data i...A novel image sequence-based risk behavior detection method to achieve high-precision risk behavior detection for power maintenance personnel is proposed in this paper.In this method,the original image sequence data is first separated from the foreground and background.Then,the free anchor frame detection method is used in the foreground image to detect the personnel and correct their direction.Finally,human posture nodes are extracted from each frame of the image sequence,which are then used to identify the abnormal behavior of the human.Simulation experiment results demonstrate that the proposed algorithm has significant advantages in terms of the accuracy of human posture node detection and risk behavior identification.展开更多
Undoubtedly,uncooperative or malicious nodes threaten the safety of Internet of Vehicles(IoV)by destroying routing or data.To this end,some researchers have designed some node detection mechanisms and trust calculatin...Undoubtedly,uncooperative or malicious nodes threaten the safety of Internet of Vehicles(IoV)by destroying routing or data.To this end,some researchers have designed some node detection mechanisms and trust calculating algorithms based on some different feature parameters of IoV such as communication,data,energy,etc.,to detect and evaluate vehicle nodes.However,it is difficult to effectively assess the trust level of a vehicle node only by message forwarding,data consistency,and energy sufficiency.In order to resolve these problems,a novel mechanism and a new trust calculating model is proposed in this paper.First,the four tuple method is adopted,to qualitatively describing various types of nodes of IoV;Second,analyzing the behavioral features and correlation of various nodes based on route forwarding rate,data forwarding rate and physical location;third,designing double layer detection feature parameters with the ability to detect uncooperative nodes and malicious nodes;fourth,establishing a node correlative detection model with a double layer structure by combining the network layer and the perception layer.Accordingly,we conducted simulation experiments to verify the accuracy and time of this detection method under different speed-rate topological conditions of IoV.The results show that comparing with methods which only considers energy or communication parameters,the method proposed in this paper has obvious advantages in the detection of uncooperative and malicious nodes of IoV;especially,with the double detection feature parameters and node correlative detection model combined,detection accuracy is effectively improved,and the calculation time of node detection is largely reduced.展开更多
The cumulative sum (CUSUM) algorithm is proposed to detect the selfish behavior of a node in a wireless ad hoc network. By tracing the statistics characteristic of the backoff time between successful transmissions, ...The cumulative sum (CUSUM) algorithm is proposed to detect the selfish behavior of a node in a wireless ad hoc network. By tracing the statistics characteristic of the backoff time between successful transmissions, a wireless node can distinguish if there is a selfish behavior in the wireless network. The detection efficiency is validated using a Qualnet simulator. An IEEE 802.11 wireless ad hoc network with 20 senders and 20 receivers spreading out randomly in a given area is evaluated. The well-behaved senders use minimum contention window size of 32 and maximum con- tention window size of I 024, and the selfish nodes are assumed not to use the binary exponential strategy for which the contention window sizes are both fixed as 16. The transmission radius of all nodes is 250 m. Two scenarios are investigated: a single-hop network with nodes spreading out in 100 m^100 m, and all the nodes are in the range of each other; and a multi-hop network with nodes spreading out in 1 000 m~ 1 000 m. The node can monitor the backoff time from all the other nodes and run the detection algorithms over those samples. It is noted that the threshold can significantly affect the detection time and the detection accuracy. For a given threshold of 0.3 s, the false alarm rates and the missed alarm rates are less than 5%. The detection delay is less than 1.0 s. The simulation results show that the algorithm has short detection time and high detection accuracy.展开更多
基金supported by the Nuclear Safety Research Program through Korea Foundation of Nuclear Safety(KoFONS)using the financial resource granted by the Nuclear Safety and Security Commission(NSSC)of the Republic of Korea(Grant number:2106061,50%)supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(RS-2025-25394739,Development of Security Enhancement Technology for Industrial Control Systems Based on S/HBOM Supply Chain Protection,50%).
文摘With the continuous expansion of digital infrastructures,malicious behaviors in host systems have become increasingly sophisticated,often spanning multiple processes and employing obfuscation techniques to evade detection.Audit logs,such as Sysmon,offer valuable insights;however,existing approaches typically flatten event sequences or rely on generic graph models,thereby discarding the natural parent-child process hierarchy that is critical for analyzing multiprocess attacks.This paper proposes a structure-aware threat detection framework that transforms audit logs into a unified two-dimensional(2D)spatio-temporal representation,where process hierarchy is modeled as the spatial axis and event chronology as the temporal axis.In addition,entropy-based features are incorporated to robustly capture obfuscated and non-linguistic strings,overcoming the limitations of semantic embeddings.The model’s performance was evaluated on publicly available datasets,achieving competitive results with an accuracy exceeding 95%and an F1-score of at least 0.94.The proposed approach provides a promising and reproducible solution for detecting attacks with unknown indicators of compromise(IoCs)by analyzing the relationships and behaviors of processes recorded in large-scale audit logs.
基金supported by National Natural Science Foundation of China(Nos.62477026,62177029,61807020)Humanities and Social Sciences Research Program of the Ministry of Education of China(No.23YJAZH047)the Startup Foundation for Introducing Talent of Nanjing University of Posts and Communications under Grant NY222034.
文摘As Deepfake technology continues to evolve,the distinction between real and fake content becomes increasingly blurred.Most existing Deepfake video detectionmethods rely on single-frame facial image features,which limits their ability to capture temporal differences between frames.Current methods also exhibit limited generalization capabilities,struggling to detect content generated by unknown forgery algorithms.Moreover,the diversity and complexity of forgery techniques introduced by Artificial Intelligence Generated Content(AIGC)present significant challenges for traditional detection frameworks,whichmust balance high detection accuracy with robust performance.To address these challenges,we propose a novel Deepfake detection framework that combines a two-stream convolutional network with a Vision Transformer(ViT)module to enhance spatio-temporal feature representation.The ViT model extracts spatial features from the forged video,while the 3D convolutional network captures temporal features.The 3D convolution enables cross-frame feature extraction,allowing the model to detect subtle facial changes between frames.The confidence scores from both the ViT and 3D convolution submodels are fused at the decision layer,enabling themodel to effectively handle unknown forgery techniques.Focusing on Deepfake videos and GAN-generated images,the proposed approach is evaluated on two widely used public face forgery datasets.Compared to existing state-of-theartmethods,it achieves higher detection accuracy and better generalization performance,offering a robust solution for deepfake detection in real-world scenarios.
基金support for this work was supported by Key Lab of Intelligent and Green Flexographic Printing under Grant ZBKT202301.
文摘Current spatio-temporal action detection methods lack sufficient capabilities in extracting and comprehending spatio-temporal information. This paper introduces an end-to-end Adaptive Cross-Scale Fusion Encoder-Decoder (ACSF-ED) network to predict the action and locate the object efficiently. In the Adaptive Cross-Scale Fusion Spatio-Temporal Encoder (ACSF ST-Encoder), the Asymptotic Cross-scale Feature-fusion Module (ACCFM) is designed to address the issue of information degradation caused by the propagation of high-level semantic information, thereby extracting high-quality multi-scale features to provide superior features for subsequent spatio-temporal information modeling. Within the Shared-Head Decoder structure, a shared classification and regression detection head is constructed. A multi-constraint loss function composed of one-to-one, one-to-many, and contrastive denoising losses is designed to address the problem of insufficient constraint force in predicting results with traditional methods. This loss function enhances the accuracy of model classification predictions and improves the proximity of regression position predictions to ground truth objects. The proposed method model is evaluated on the popular dataset UCF101-24 and JHMDB-21. Experimental results demonstrate that the proposed method achieves an accuracy of 81.52% on the Frame-mAP metric, surpassing current existing methods.
文摘Automatic analysis of student behavior in classrooms has gained importance with the rise of smart education and vision technologies.However,the limited real-time accuracy of existing methods severely constrains their practical classroom deployment.To address this issue of low accuracy,we propose an improved YOLOv11-based detector that integrates CARAFE upsampling,DySnakeConv,DyHead,and SMFA fusion modules.This new model for real-time classroom behavior detection captures fine-grained student behaviors with low latency.Additionally,we have developed a visualization system that presents data through intuitive dashboards.This system enables teachers to dynamically grasp classroom engagement by tracking student participation and involvement.The enhanced YOLOv11 model achieves an mAP@0.5 of 87.2%on the evaluated datasets,surpassing baseline models.This significance lies in two aspects.First,it provides a practical technical route for deployable live classroom behavior monitoring and engagement feedback systems.Second,by integrating this proposed system,educators could make data-informed and fine-grained teaching decisions,ultimately improving instructional quality and learning outcomes.
基金supported in part by the National Natural Science Foundation of China(61972241)the Natural Science Foundation of Shanghai(24ZR1427500,22ZR1427100)+1 种基金the Key Projects of Natural Science Research in Anhui Higher Education Institutions(2022AH051909)Bengbu University 2021 High-Level Scientific Research and Cultivation Project(2021pyxm04).
文摘The task of detecting fraud in credit card transactions is crucial to ensure the security and stability of a financial system,as well as to enforce customer confidence in digital payment systems.Historically,credit card companies have used rulebased approaches to detect fraudulent transactions,but these have proven inadequate due to the complexity of fraud strategies and have been replaced by much more powerful solutions based on machine learning or deep learning algorithms.Despite significant progress,the current approaches to fraud detection suffer from a number of limitations:for example,it is unclear whether some transaction features are more effective than others in discriminating fraudulent transactions,and they often neglect possible correlations among transactions,even though they could reveal illicit behaviour.In this paper,we propose a novel credit card fraud detection(CCFD)method based on a transaction behaviour-based hierarchical gated network.First,we introduce a feature-oriented extraction module capable of identifying key features from original transactions,and such analysis is effective in revealing the behavioural characteristics of fraudsters.Second,we design a transaction-oriented extraction module capable of capturing the correlation between users’historical and current transactional behaviour.Such information is crucial for revealing users’sequential behaviour patterns.Our approach,called transactional-behaviour-based hierarchical gated network model(TbHGN),extracts two types of new transactional features,which are then combined in a feature interaction module to learn the final transactional representations used for CCFD.We have conducted extensive experiments on a real-world credit card transaction dataset with an increase in average F1 between 1.42%and 6.53%and an improvement in average AUC between 0.63%and 2.78%over the state of the art.
基金supported by the National Natural Science Foundation of China (No.52075349)the National Natural Science Foundation of China (No.62303335)+1 种基金the Postdoctoral Researcher Program of China (No.GZC20231779)the Natural Science Foundation of Sichuan Province (No.2022NSFSC1942).
文摘Health monitoring of electro-mechanical actuator(EMA)is critical to ensure the security of airplanes.It is difficult or even impossible to collect enough labeled failure or degradation data from actual EMA.The autoencoder based on reconstruction loss is a popular model that can carry out anomaly detection with only consideration of normal training data,while it fails to capture spatio-temporal information from multivariate time series signals of multiple monitoring sensors.To mine the spatio-temporal information from multivariate time series signals,this paper proposes an attention graph stacked autoencoder for EMA anomaly detection.Firstly,attention graph con-volution is introduced into autoencoder to convolve temporal information from neighbor features to current features based on different weight attentions.Secondly,stacked autoencoder is applied to mine spatial information from those new aggregated temporal features.Finally,based on the bench-mark reconstruction loss of normal training data,different health thresholds calculated by several statistic indicators can carry out anomaly detection for new testing data.In comparison with tra-ditional stacked autoencoder,the proposed model could obtain higher fault detection rate and lower false alarm rate in EMA anomaly detection experiment.
基金Supported by the National Natural Science Foundation of China(61103220)the Fundamental Research Funds for the Central Universities (6082013)+1 种基金the National Natural Science Foundation of Hubei(2011CDB456)Chenguang Program(2012710367)
文摘Focusing on the sensitive behaviors of malware, such as privacy stealing and money costing, this paper proposes a new method to monitor software behaviors and detect malicious applications on Android platform. According to the theory and implementation of Android Binder interprocess communication mechanism, a prototype system that integrates behavior monitoring and intercepting, malware detection, and identification is built in this work. There are 50 different kinds of samples used in the experiment of malware detection, including 40 normal samples and 10 malicious samples. The theoretical analysis and experimental result demonstrate that this system is effective in malware detection and interception, with a true positive rate equal to 100% and a false positive rate less than 3%.
基金Supported by the National Natural Science Foundation of China (61202387, 61103220)Major Projects of National Science and Technology of China(2010ZX03006-001-01)+3 种基金Doctoral Fund of Ministry of Education of China (2012014110002)China Postdoctoral Science Foundation (2012M510641)Hubei Province Natural Science Foundation (2011CDB456)Wuhan Chenguang Plan Project(2012710367)
文摘Aiming at the difficulty of unknown Trojan detection in the APT flooding situation, an improved detecting method has been proposed. The basic idea of this method originates from advanced persistent threat (APT) attack intents: besides dealing with damaging or destroying facilities, the more essential purpose of APT attacks is to gather confidential data from target hosts by planting Trojans. Inspired by this idea and some in-depth analyses on recently happened APT attacks, five typical communication characteristics are adopted to describe application’s network behavior, with which a fine-grained classifier based on Decision Tree and Na ve Bayes is modeled. Finally, with the training of supervised machine learning approaches, the classification detection method is implemented. Compared with general methods, this method is capable of enhancing the detection and awareness capability of unknown Trojans with less resource consumption.
基金Project(50808025) supported by the National Natural Science Foundation of ChinaProject(20090162110057) supported by the Doctoral Fund of Ministry of Education,China
文摘A new approach for abnormal behavior detection was proposed using causality analysis and sparse reconstruction. To effectively represent multiple-object behavior, low level visual features and causality features were adopted. The low level visual features, which included trajectory shape descriptor, speeded up robust features and histograms of optical flow, were used to describe properties of individual behavior, and causality features obtained by causality analysis were introduced to depict the interaction information among a set of objects. In order to cope with feature noisy and uncertainty, a method for multiple-object anomaly detection was presented via a sparse reconstruction. The abnormality of the testing sample was decided by the sparse reconstruction cost from an atomically learned dictionary. Experiment results show the effectiveness of the proposed method in comparison with other state-of-the-art methods on the public databases for abnormal behavior detection.
文摘In this study,we propose a low-cost system that can detect the space outlier utilization of residents in an indoor environment.We focus on the users’app usage to analyze unusual behavior,especially in indoor spaces.This is reflected in the behavioral analysis in that the frequency of using smartphones in personal spaces has recently increased.Our system facilitates autonomous data collection from mobile app logs and Google app servers and generates a high-dimensional dataset that can detect outlier behaviors.The density-based spatial clustering of applications with noise(DBSCAN)algorithm was applied for effective singular movement analysis.To analyze high-level mobile phone usage,the t-distributed stochastic neighbor embedding(t-SNE)algorithm was employed.These two clustering algorithms can effectively detect outlier behaviors in terms of movement and app usage in indoor spaces.The experimental results showed that our system enables effective spatial behavioral analysis at a low cost when applied to logs collected in actual living spaces.Moreover,large volumes of data required for outlier detection can be easily acquired.The system can automatically detect the unusual behavior of a user in an indoor space.In particular,this study aims to reflect the recent trend of the increasing use of smartphones in indoor spaces to the behavioral analysis.
基金National Natural Science Foundation of China(U2133208,U20A20161)National Natural Science Foundation of China(No.62273244)Sichuan Science and Technology Program(No.2022YFG0180).
文摘In order to enhance the accuracy of Air Traffic Control(ATC)cybersecurity attack detection,in this paper,a new clustering detection method is designed for air traffic control network security attacks.The feature set for ATC cybersecurity attacks is constructed by setting the feature states,adding recursive features,and determining the feature criticality.The expected information gain and entropy of the feature data are computed to determine the information gain of the feature data and reduce the interference of similar feature data.An autoencoder is introduced into the AI(artificial intelligence)algorithm to encode and decode the characteristics of ATC network security attack behavior to reduce the dimensionality of the ATC network security attack behavior data.Based on the above processing,an unsupervised learning algorithm for clustering detection of ATC network security attacks is designed.First,determine the distance between the clustering clusters of ATC network security attack behavior characteristics,calculate the clustering threshold,and construct the initial clustering center.Then,the new average value of all feature objects in each cluster is recalculated as the new cluster center.Second,it traverses all objects in a cluster of ATC network security attack behavior feature data.Finally,the cluster detection of ATC network security attack behavior is completed by the computation of objective functions.The experiment took three groups of experimental attack behavior data sets as the test object,and took the detection rate,false detection rate and recall rate as the test indicators,and selected three similar methods for comparative test.The experimental results show that the detection rate of this method is about 98%,the false positive rate is below 1%,and the recall rate is above 97%.Research shows that this method can improve the detection performance of security attacks in air traffic control network.
基金National Natural Science Foundation of China(61701029)。
文摘To improve the detection accuracy and robustness of crowd anomaly detection,especially crowd emergency evacuation detection,the abnormal crowd behavior detection method is proposed.This method is based on the improved statistical global optical flow entropy which can better describe the degree of chaos of crowd.First,the optical flow field is extracted from the video sequences and a 2D optical flow histogram is gained.Then,the improved optical flow entropy,combining information theory with statistical physics is calculated from 2D optical flow histograms.Finally,the anomaly can be detected according to the abnormality judgment formula.The experimental results show that the detection accuracy achieved over 95%in three public video datasets,which indicates that the proposed algorithm outperforms other state-of-the-art algorithms.
文摘Abnormal behavior detection is challenging and one of the growing research areas in computer vision.The main aim of this research work is to focus on panic and escape behavior detections that occur during unexpected/uncertain events.In this work,Pyramidal Lucas Kanade algorithm is optimized using EME-HOs to achieve the objective.First stage,OPLKT-EMEHOs algorithm is used to generate the opticalflow from MIIs.Second stage,the MIIs opticalflow is applied as input to 3 layer CNN for detect the abnormal crowd behavior.University of Minnesota(UMN)dataset is used to evaluate the proposed system.The experi-mental result shows that the proposed method provides better classification accu-racy by comparing with the existing methods.Proposed method provides 95.78%of precision,90.67%of recall,93.09%of f-measure and accuracy with 91.67%.
文摘With technology constantly becoming present in people’s lives, smart homes are increasing in popularity. A smart home system controls lighting, temperature, security camera systems, and appliances. These devices and sensors are connected to the internet, and these devices can easily become the target of attacks. To mitigate the risk of using smart home devices, the security and privacy thereof must be artificially smart so they can adapt based on user behavior and environments. The security and privacy systems must accurately analyze all actions and predict future actions to protect the smart home system. We propose a Hybrid Intrusion Detection (HID) system using machine learning algorithms, including random forest, X gboost, decision tree, K -nearest neighbors, and misuse detection technique.
基金supported by the Natural Science Foundation Project of Fujian Province,China(Grant No.2023J011439 and No.2019J01859).
文摘With the rapid urbanization and exponential population growth in China,two-wheeled vehicles have become a popular mode of transportation,particularly for short-distance travel.However,due to a lack of safety awareness,traffic violations by two-wheeled vehicle riders have become a widespread concern,contributing to urban traffic risks.Currently,significant human and material resources are being allocated to monitor and intercept non-compliant riders to ensure safe driving behavior.To enhance the safety,efficiency,and cost-effectiveness of traffic monitoring,automated detection systems based on image processing algorithms can be employed to identify traffic violations from eye-level video footage.In this study,we propose a robust detection algorithm specifically designed for two-wheeled vehicles,which serves as a fundamental step toward intelligent traffic monitoring.Our approach integrates a novel convolutional and attention mechanism to improve detection accuracy and efficiency.Additionally,we introduce a semi-supervised training strategy that leverages a large number of unlabeled images to enhance the model’s learning capability by extracting valuable background information.This method enables the model to generalize effectively to diverse urban environments and varying lighting conditions.We evaluate our proposed algorithm on a custom-built dataset,and experimental results demonstrate its superior performance,achieving an average precision(AP)of 95%and a recall(R)of 90.6%.Furthermore,the model maintains a computational efficiency of only 25.7 GFLOPs while achieving a high processing speed of 249 FPS,making it highly suitable for deployment on edge devices.Compared to existing detection methods,our approach significantly enhances the accuracy and robustness of two-wheeled vehicle identification while ensuring real-time performance.
基金supported by the Fundamental Research Funds for the Central Universities(No.NJ20160015)
文摘In recent years,unmanned air vehicles(UAVs)are widely used in many military and civilian applications.With the big amount of UAVs operation in air space,the potential security and privacy problems are arising.This can lead to consequent harm for critical infrastructure in the event of these UAVs being used for criminal or terrorist purposes.Therefore,it is crucial to promptly identify the suspicious behaviors from the surrounding UAVs for some important regions.In this paper,a novel fuzzy logic based UAV behavior detection system has been presented to detect the different levels of risky behaviors of the incoming UAVs.The heading velocity and region type are two input indicators proposed for the risk indicator output in the designed fuzzy logic based system.The simulation has shown the effective and feasible of the proposed algorithm in terms of recall and precision of the detection.Especially,the suspicious behavior detection algorithm can provide a recall of 0.89 and a precision of 0.95 for the high risk scenario in the simulation.
基金supported by the Major Project of the National Natural Science Foundation of China (82090051,81871442)Outstanding Member Project of Youth Innovation Promotion Association of the Chinese Academy of Sciences (Y201930)。
文摘Quantification of behaviors in macaques provides crucial support for various scientific disciplines,including pharmacology,neuroscience,and ethology.Despite recent advancements in the analysis of macaque behavior,research on multi-label behavior detection in socially housed macaques,including consideration of interactions among them,remains scarce.Given the lack of relevant approaches and datasets,we developed the Behavior-Aware Relation Network(BARN)for multi-label behavior detection of socially housed macaques.Our approach models the relationship of behavioral similarity between macaques,guided by a behavior-aware module and novel behavior classifier,which is suitable for multi-label classification.We also constructed a behavior dataset of rhesus macaques using ordinary RGB cameras mounted outside their cages.The dataset included 65?913 labels for19 behaviors and 60?367 proposals,including identities and locations of the macaques.Experimental results showed that BARN significantly improved the baseline SlowFast network and outperformed existing relation networks.In conclusion,we successfully achieved multilabel behavior detection of socially housed macaques with both economic efficiency and high accuracy.
基金supported by the project“Research and application of key technologies of safe production management and control of substation operation and maintenance based on video semantic analysis”(5700-202133259A-0-0-00)of the State Grid Corporation of China.
文摘A novel image sequence-based risk behavior detection method to achieve high-precision risk behavior detection for power maintenance personnel is proposed in this paper.In this method,the original image sequence data is first separated from the foreground and background.Then,the free anchor frame detection method is used in the foreground image to detect the personnel and correct their direction.Finally,human posture nodes are extracted from each frame of the image sequence,which are then used to identify the abnormal behavior of the human.Simulation experiment results demonstrate that the proposed algorithm has significant advantages in terms of the accuracy of human posture node detection and risk behavior identification.
基金This research is supported by the National Natural Science Foundations of China under Grants Nos.61862040,61762060 and 61762059The authors gratefully acknowledge the anonymous reviewers for their helpful comments and suggestions.
文摘Undoubtedly,uncooperative or malicious nodes threaten the safety of Internet of Vehicles(IoV)by destroying routing or data.To this end,some researchers have designed some node detection mechanisms and trust calculating algorithms based on some different feature parameters of IoV such as communication,data,energy,etc.,to detect and evaluate vehicle nodes.However,it is difficult to effectively assess the trust level of a vehicle node only by message forwarding,data consistency,and energy sufficiency.In order to resolve these problems,a novel mechanism and a new trust calculating model is proposed in this paper.First,the four tuple method is adopted,to qualitatively describing various types of nodes of IoV;Second,analyzing the behavioral features and correlation of various nodes based on route forwarding rate,data forwarding rate and physical location;third,designing double layer detection feature parameters with the ability to detect uncooperative nodes and malicious nodes;fourth,establishing a node correlative detection model with a double layer structure by combining the network layer and the perception layer.Accordingly,we conducted simulation experiments to verify the accuracy and time of this detection method under different speed-rate topological conditions of IoV.The results show that comparing with methods which only considers energy or communication parameters,the method proposed in this paper has obvious advantages in the detection of uncooperative and malicious nodes of IoV;especially,with the double detection feature parameters and node correlative detection model combined,detection accuracy is effectively improved,and the calculation time of node detection is largely reduced.
基金Supported by National Natural Science Foundation of China (No. 60702038)National High Technology Research and Development Program of China ("863"Program, No. 2007AA01Z220)Cultivation Fund of Innovation Project,Ministry of Education of China (No. 708024)
文摘The cumulative sum (CUSUM) algorithm is proposed to detect the selfish behavior of a node in a wireless ad hoc network. By tracing the statistics characteristic of the backoff time between successful transmissions, a wireless node can distinguish if there is a selfish behavior in the wireless network. The detection efficiency is validated using a Qualnet simulator. An IEEE 802.11 wireless ad hoc network with 20 senders and 20 receivers spreading out randomly in a given area is evaluated. The well-behaved senders use minimum contention window size of 32 and maximum con- tention window size of I 024, and the selfish nodes are assumed not to use the binary exponential strategy for which the contention window sizes are both fixed as 16. The transmission radius of all nodes is 250 m. Two scenarios are investigated: a single-hop network with nodes spreading out in 100 m^100 m, and all the nodes are in the range of each other; and a multi-hop network with nodes spreading out in 1 000 m~ 1 000 m. The node can monitor the backoff time from all the other nodes and run the detection algorithms over those samples. It is noted that the threshold can significantly affect the detection time and the detection accuracy. For a given threshold of 0.3 s, the false alarm rates and the missed alarm rates are less than 5%. The detection delay is less than 1.0 s. The simulation results show that the algorithm has short detection time and high detection accuracy.
