his.sePublications
Change search
Link to record
Permanent link

Direct link
BETA
Brax, Christoffer
Publications (10 of 16) Show all publications
Jiang, Y., Ding, J., Atif, Y., Jeusfeld, M., Andler, S., Lindström, B., . . . Haglund, D. (2018). Complex Dependencies Analysis: Technical Description of Complex Dependencies in Critical Infrastructures, i.e. Smart Grids. Work Package 2.1 of the ELVIRA Project. Skövde: University of Skövde
Open this publication in new window or tab >>Complex Dependencies Analysis: Technical Description of Complex Dependencies in Critical Infrastructures, i.e. Smart Grids. Work Package 2.1 of the ELVIRA Project
Show others...
2018 (English)Report (Other academic)
Abstract [en]

This document reports a technical description of ELVIRA project results obtained as part of Work-package 2.1 entitled “Complex Dependencies Analysis”. In this technical report, we review attempts in recent researches where connections are regarded as influencing factors to  IT systems monitoring critical infrastructure, based on which potential dependencies and resulting disturbances are identified and categorized. Each kind of dependence has been discussed based on our own entity based model. Among those dependencies, logical and functional connections have been analysed with more details on modelling and simulation techniques.

Place, publisher, year, edition, pages
Skövde: University of Skövde, 2018. p. 22
Series
IKI Technical Reports ; HS-IIT-TR-18-003
Keywords
Dependencies, Interdependencies, Modelling and Simulation, Influence Factors
National Category
Computer and Information Sciences Embedded Systems
Research subject
Distributed Real-Time Systems; Information Systems
Identifiers
urn:nbn:se:his:diva-15114 (URN)
Projects
ELVIRA
Note

This is a technical report related to the ELVIRA project www.his.se/elvira

Available from: 2018-05-02 Created: 2018-05-02 Last updated: 2018-05-29Bibliographically approved
Atif, Y., Jiang, Y., Lindström, B., Ding, J., Jeusfeld, M., Andler, S., . . . Haglund, D. (2018). Multi-agent Systems for Power Grid Monitoring: Technical report for Package 4.1 of ELVIRA project. Skövde: University of Skövde
Open this publication in new window or tab >>Multi-agent Systems for Power Grid Monitoring: Technical report for Package 4.1 of ELVIRA project
Show others...
2018 (English)Report (Other academic)
Abstract [en]

This document reports a technical description of ELVIRA project results obtained as part of Work- package 4.1 entitled “Multi-agent systems for power Grid monitoring”. ELVIRA project is a collaboration between researchers in School of IT at University of Skövde and Combitech Technical Consulting Company in Sweden, with the aim to design, develop and test a testbed simulator for critical infrastructures cybersecurity. This report outlines intelligent approaches that continuously analyze data flows generated by Supervisory Control And Data Acquisition (SCADA) systems, which monitor contemporary power grid infrastructures. However, cybersecurity threats and security mechanisms cannot be analyzed and tested on actual systems, and thus testbed simulators are necessary to assess vulnerabilities and evaluate the infrastructure resilience against cyberattacks. This report suggests an agent-based model to simulate SCADA- like cyber-components behaviour when facing cyber-infection in order to experiment and test intelligent mitigation mechanisms. 

Place, publisher, year, edition, pages
Skövde: University of Skövde, 2018. p. 16
Series
IKI Technical Reports ; HS-IIT-TR-18-002
Keywords
Smart grid security, Agent model, Multi-agent system
National Category
Computer and Information Sciences
Research subject
Distributed Real-Time Systems; Information Systems
Identifiers
urn:nbn:se:his:diva-15111 (URN)
Projects
Elvira project funded by EU Internal Security Fund (ISF) A431.678-2016
Available from: 2018-05-02 Created: 2018-05-02 Last updated: 2018-05-29Bibliographically approved
Atif, Y., Ding, J., Lindström, B., Jeusfeld, M., Andler, S. F., Yuning, J., . . . Gustavsson, P. M. (2017). Cyber-Threat Intelligence Architecture for Smart-Grid Critical Infrastructures Protection. In: : . Paper presented at The International Conference on Critical Information Infrastructures Security, CRITIS 2017, Lucca, Italy, October 8-13, 2017.
Open this publication in new window or tab >>Cyber-Threat Intelligence Architecture for Smart-Grid Critical Infrastructures Protection
Show others...
2017 (English)Conference paper, Poster (with or without abstract) (Refereed)
Abstract [en]

Critical infrastructures (CIs) are becoming increasingly sophisticated with embedded cyber-physical systems (CPSs) that provide managerial automation and autonomic controls. Yet these advances expose CI components to new cyber-threats, leading to a chain of dysfunctionalities with catastrophic socio-economical implications. We propose a comprehensive architectural model to support the development of incident management tools that provide situation-awareness and cyber-threats intelligence for CI protection, with a special focus on smart-grid CI. The goal is to unleash forensic data from CPS-based CIs to perform some predictive analytics. In doing so, we use some AI (Artificial Intelligence) paradigms for both data collection, threat detection, and cascade-effects prediction. 

Keywords
critical infrastructures, cyber-threat, situation awareness, smart-grid, machine-learning, artificial intelligence, multi-agent systems
National Category
Computer Sciences Embedded Systems Energy Systems Remote Sensing Infrastructure Engineering
Research subject
Distributed Real-Time Systems; Information Systems
Identifiers
urn:nbn:se:his:diva-14516 (URN)
Conference
The International Conference on Critical Information Infrastructures Security, CRITIS 2017, Lucca, Italy, October 8-13, 2017
Projects
ELVIRA
Available from: 2017-11-28 Created: 2017-11-28 Last updated: 2018-02-01Bibliographically approved
Brax, C. & Dahlbom, A. (2012). A Study of Anomaly Detection in Data from Urban Sensor Networks. In: Vicenç Torra, Yasuo Narukawa, Beatriz López, Mateu Villaret (Ed.), Modeling Decisions for Artificial Intelligence: 9th International Conference, MDAI 2012, Girona, Catalonia, Spain, November 21-23, 2012. Proceedings. Paper presented at 9th International Conference on Modeling Decisions for Artificial Intelligence, MDAI 2012; Girona, Catalonia; 21 November 2012 through 23 November 2012 (pp. 185-196). Springer Berlin/Heidelberg
Open this publication in new window or tab >>A Study of Anomaly Detection in Data from Urban Sensor Networks
2012 (English)In: Modeling Decisions for Artificial Intelligence: 9th International Conference, MDAI 2012, Girona, Catalonia, Spain, November 21-23, 2012. Proceedings / [ed] Vicenç Torra, Yasuo Narukawa, Beatriz López, Mateu Villaret, Springer Berlin/Heidelberg, 2012, p. 185-196Conference paper, Published paper (Refereed)
Abstract [en]

In many sensor systems used in urban environments, the amount of data produced can be vast. To aid operators of such systems, high-level information fusion can be used for automatically analyzing the surveillance information. In this paper an anomaly detection approach for finding areas with traffic patterns that deviate from what is considered normal is evaluated. The use of such approaches could help operators in identifying areas with an increased risk for ambushes  or improvised explosive devices (IEDs).

Place, publisher, year, edition, pages
Springer Berlin/Heidelberg, 2012
Series
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), ISSN 0302-9743 ; 7647 LNAI
Keywords
Anomaly detection, decision support, traffic flow analysis
National Category
Computer and Information Sciences
Research subject
Technology
Identifiers
urn:nbn:se:his:diva-6920 (URN)10.1007/978-3-642-34620-0_18 (DOI)2-s2.0-84869487128 (Scopus ID)978-3-642-34169-4 (ISBN)978-3-642-34620-0 (ISBN)
Conference
9th International Conference on Modeling Decisions for Artificial Intelligence, MDAI 2012; Girona, Catalonia; 21 November 2012 through 23 November 2012
Available from: 2012-12-17 Created: 2012-12-17 Last updated: 2018-01-11Bibliographically approved
Brax, C. (2011). Anomaly Detection in the Surveillance Domain. (Doctoral dissertation). Örebro universitet
Open this publication in new window or tab >>Anomaly Detection in the Surveillance Domain
2011 (English)Doctoral thesis, monograph (Other academic)
Abstract [en]

In the post September 11 era, the demand for security has increased in virtually all parts of the society. The need for increased security originates from the emergence of new threats which differ from the traditional ones in such a way that they cannot be easily defined and are sometimes unknown or hidden in the “noise” of daily life.

When the threats are known and definable, methods based on situation recognition can be used find them. However, when the threats are hard or impossible to define, other approaches must be used. One such approach is data-driven anomaly detection, where a model of normalcy is built and used to find anomalies, that is, things that do not fit the normal model. Anomaly detection has been identified as one of many enabling technologies for increasing security in the society.

In this thesis, the problem of how to detect anomalies in the surveillance domain is studied. This is done by a characterisation of the surveillance domain and a literature review that identifies a number of weaknesses in previous anomaly detection methods used in the surveillance domain. Examples of identified weaknesses include: the handling of contextual information, the inclusion of expert knowledge and the handling of joint attributes. Based on the findings from this study, a new anomaly detection method is proposed. The proposed method is evaluated with respect to detection performance and computational cost on a number datasets, recorded from real-world sensors, in different application areas of the surveillance domain. Additionally, the method is also compared to two other commonly used anomaly detection methods. Finally, the method is evaluated on a dataset with anomalies developed together with maritime subject matter experts. The conclusion of the thesis is that the proposed method has a number of strengths compared to previous methods and is suitable foruse in operative maritime command and control systems.

Place, publisher, year, edition, pages
Örebro universitet, 2011. p. 208
Series
Örebro Studies in Technology, ISSN 1650-8580 ; 50
Keywords
Anomaly Detection, Information Fusion, Visual Surveillance, Maritime Domain Awareness
National Category
Computer and Information Sciences
Research subject
Technology
Identifiers
urn:nbn:se:his:diva-5684 (URN)978-91-7668-810-6 (ISBN)
Available from: 2012-08-20 Created: 2012-04-04 Last updated: 2018-01-12Bibliographically approved
Brax, C., Karlsson, A., Andler, S. F., Johansson, R. & Niklasson, L. (2010). Evaluating Precise and Imprecise State-Based Anomaly Detectors for Maritime Surveillance. In: Proceedings of the 13th International Conference on Information Fusion. Paper presented at 13th Conference on Information Fusion, Fusion 2010; Edinburgh; 26 July 2010 through 29 July 2010 (pp. Article number 5711997). IEEE conference proceedings
Open this publication in new window or tab >>Evaluating Precise and Imprecise State-Based Anomaly Detectors for Maritime Surveillance
Show others...
2010 (English)In: Proceedings of the 13th International Conference on Information Fusion, IEEE conference proceedings, 2010, p. Article number 5711997-Conference paper, Published paper (Refereed)
Abstract [en]

We extend the State-Based Anomaly Detection approach by introducing precise and imprecise anomaly detectors using the Bayesian and credal combination operators, where evidences over time are combined into a joint evidence. We use imprecision in order to represent the sensitivity of the classification regarding an object being  normal or anomalous. We evaluate the detectors on a real-world maritime dataset containing recorded AIS data and show that the anomaly detectors outperform   previously proposed detectors based on Gaussian mixture models and kernel density estimators. We also show that our introduced anomaly detectors perform slightly better than the State-Based Anomaly Detection approach with a sliding window.

Place, publisher, year, edition, pages
IEEE conference proceedings, 2010
Keywords
Anomaly detection, maritime surveillance, Bayesian combination operator, credal combination opr
National Category
Computer and Information Sciences
Research subject
Technology
Identifiers
urn:nbn:se:his:diva-4636 (URN)2-s2.0-79952419500 (Scopus ID)978-1-9824438-1-1 (ISBN)
Conference
13th Conference on Information Fusion, Fusion 2010; Edinburgh; 26 July 2010 through 29 July 2010
Available from: 2011-01-25 Created: 2011-01-25 Last updated: 2018-01-12Bibliographically approved
Brax, C. & Niklasson, L. (2009). An approach for increased supply chain security by using automatic detection of anomalous vehicle behavior. In: CD-ROM Proceedings of the 6th International Conference on Modeling Decisions for Artificial Intelligence (MDAI 2009): . Paper presented at 6th International Conference, MDAI 2009, Awaji Island, Japan, November 30–December 2, 2009 (pp. 165-176).
Open this publication in new window or tab >>An approach for increased supply chain security by using automatic detection of anomalous vehicle behavior
2009 (English)In: CD-ROM Proceedings of the 6th International Conference on Modeling Decisions for Artificial Intelligence (MDAI 2009), 2009, p. 165-176Conference paper, Published paper (Refereed)
Abstract [en]

In recent years, the development of low-cost GPS transceivers has made it possible to equip all trucks in a fleet with equipment for automatically reporting the status of the trucks to a fleet management system. The downside is that the huge amount of information that is gathered must be evaluated in real-time by an operator. We propose the use of a data-driven anomaly detection algorithm that learns "normal" vehicle behaviour and detects anomalous behaviour such as smuggling, accidents and hijacking, The algorithm is evaluated on real-world data from trucks and commuters equipped with GPS transceivers. The results give initial support to the claim that anomaly detection based on statistical learning can be used to support human descision making. This ability can increase supply chain security by alerting an operator on anomalous vehicle behaviour.

Keywords
Anomaly detection, Decision support system, Situation awareness, Statistical learning
National Category
Computer and Information Sciences
Research subject
Technology
Identifiers
urn:nbn:se:his:diva-3535 (URN)978-84-00-08851-4 (ISBN)
Conference
6th International Conference, MDAI 2009, Awaji Island, Japan, November 30–December 2, 2009
Available from: 2010-01-04 Created: 2010-01-04 Last updated: 2018-01-12Bibliographically approved
Brax, C., Niklasson, L. & Laxhammar, R. (2009). An ensemble approach for increased anomaly detection performance in video surveillance data. In: Proceedings of the 12th International Conference on Information Fusion (FUSION 2009), Seattle, Washington, USA, 6–9 July 2009: . Paper presented at Fusion 2009 : the 12th International Conference on Information Fusion : Grand Hyatt Seattle, Seattle, Washington, USA, 6-9 July, 2009 (pp. 694-701). IEEE conference proceedings
Open this publication in new window or tab >>An ensemble approach for increased anomaly detection performance in video surveillance data
2009 (English)In: Proceedings of the 12th International Conference on Information Fusion (FUSION 2009), Seattle, Washington, USA, 6–9 July 2009, IEEE conference proceedings, 2009, p. 694-701Conference paper, Published paper (Refereed)
Abstract [en]

The increased societal need for surveillance and the decrease in cost of sensors have led to a number of new challenges. The problem is not to collect data but to use it effectively for decision support. Manual interpretation of huge amounts of data in real-time is not feasible; the operator of a surveillance system needs support to analyze and understand all incoming data. In this paper an approach to intelligent video surveillance is presented, with emphasis on finding behavioural anomalies. Two different anomaly detection methods are compared and combined. The results show that it is possible to best increase the total detection performance by combining two different anomaly detectors rather than employing them independently.

 

Place, publisher, year, edition, pages
IEEE conference proceedings, 2009
Keywords
anomaly detection, classifier fusion, CCTV, video content analysis, behaviour classification
National Category
Computer Sciences
Research subject
Technology
Identifiers
urn:nbn:se:his:diva-3413 (URN)000273560000090 ()2-s2.0-70449359707 (Scopus ID)978-0-9824438-0-4 (ISBN)
Conference
Fusion 2009 : the 12th International Conference on Information Fusion : Grand Hyatt Seattle, Seattle, Washington, USA, 6-9 July, 2009
Available from: 2009-10-09 Created: 2009-10-09 Last updated: 2018-01-13Bibliographically approved
Brax, C. & Niklasson, L. (2009). Enhanced situational Awareness in the Maritime Domain: An Agent-based Approach for Situation Management. In: Stephen Mott, John F Buford, Gabriel Jakobson (Ed.), Intelligent Sensing, Situation Management, Impact Assessment, and Cyber-Sensing: Proceedings of SPIE Defense, Security, and Sensing 2009. Paper presented at Intelligent sensing, situation management, impact assessment, and cyber-sensing : 15-17 April 2009, Orlando, Florida, United States (pp. Aticle ID 735203). SPIE Press
Open this publication in new window or tab >>Enhanced situational Awareness in the Maritime Domain: An Agent-based Approach for Situation Management
2009 (English)In: Intelligent Sensing, Situation Management, Impact Assessment, and Cyber-Sensing: Proceedings of SPIE Defense, Security, and Sensing 2009 / [ed] Stephen Mott, John F Buford, Gabriel Jakobson, SPIE Press , 2009, p. Aticle ID 735203-Conference paper, Published paper (Refereed)
Abstract [en]

Maritime Domain Awareness is important for both civilian and military applications. An important part of MDA is detection of unusual vessel activities such as piracy, smuggling, poaching, collisions, etc. Today's interconnected sensorsystems provide us with huge amounts of information over large geographical areas which can make the operators reach their cognitive capacity and start to miss important events. We propose and agent-based situation management system that automatically analyse sensor information to detect unusual activity and anomalies. The system combines knowledge-based detection with data-driven anomaly detection. The system is evaluated using information from both radar and AIS sensors.

Place, publisher, year, edition, pages
SPIE Press, 2009
Series
Proceedings of SPIE--the International Society for Optical Engineering ; v. 7352.
Keywords
Situation Management, Maritime Domain Awareness, Anomaly Detection, Situation Awareness
National Category
Computer and Information Sciences
Research subject
Technology
Identifiers
urn:nbn:se:his:diva-3217 (URN)10.1117/12.818477 (DOI)2-s2.0-69849092712 (Scopus ID)9780819476180 (ISBN)
Conference
Intelligent sensing, situation management, impact assessment, and cyber-sensing : 15-17 April 2009, Orlando, Florida, United States
Available from: 2009-06-26 Created: 2009-06-26 Last updated: 2018-01-13Bibliographically approved
Fooladvandi, F., Brax, C., Gustavsson, P. & Fredin, M. (2009). Signature-based activity detection based on Bayesian networks acquired from expert knowledge. In: Proceedings of the 12th International Conference on Information Fusion (FUSION 2009): . Paper presented at Fusion 2009 : the 12th International Conference on Information Fusion : Grand Hyatt Seattle, Seattle, Washington, USA, 6-9 July, 2009 (pp. 436-443). ISIF
Open this publication in new window or tab >>Signature-based activity detection based on Bayesian networks acquired from expert knowledge
2009 (English)In: Proceedings of the 12th International Conference on Information Fusion (FUSION 2009), ISIF , 2009, p. 436-443Conference paper, Published paper (Refereed)
Abstract [en]

 

The maritime industry is experiencing one of its longest and fastest periods of growth. Hence, the global maritime surveillance capacity is in a great need of growth as well. The detection of vessel activity is an important objective of the civil security domain. Detecting vessel activity may become problematic if audit data is uncertain. This paper aims to investigate if Bayesian networks acquired from expert knowledge can detect activities with a signature-based detection approach. For this, a maritime pilot-boat scenario has been identified with a domain expert. Each of the scenario’s activities has been divided up into signatures where each signature relates to a specific Bayesian network information node. The signatures were implemented to find evidences for the Bayesian network information nodes. AIS-data with real world observations have been used for testing, which have shown that it is possible to detect the maritime pilot-boat scenario based on the taken approach.

 

Place, publisher, year, edition, pages
ISIF, 2009
Keywords
Signature-based detection, Bayesian networks, Knowledge elicitation, Maritime situation awareness, Information fusion
National Category
Computer and Information Sciences
Research subject
Technology
Identifiers
urn:nbn:se:his:diva-3414 (URN)000273560000057 ()2-s2.0-70449356773 (Scopus ID)978-0-9824438-0-4 (ISBN)
Conference
Fusion 2009 : the 12th International Conference on Information Fusion : Grand Hyatt Seattle, Seattle, Washington, USA, 6-9 July, 2009
Available from: 2009-10-09 Created: 2009-10-09 Last updated: 2018-01-13Bibliographically approved
Organisations

Search in DiVA

Show all publications