Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Has files: YesSubject: search.filters.subject.Anomaly Detection

Search Results

Now showing 1 - 8 of 8
  • No Thumbnail Available
    ItemRestricted
    An Innovative Reputation System for Trustworthy and Secure Vehicle-to-Vehicle Communication
    (University of Nottingham, 2025) Amani, Dimah; Furnell, Steven; Muller, Tim
    Vehicular Ad Hoc Networks (VANETs) are a promising technology that ensures secure and efficient transportation by allowing vehicles to seamlessly communicate with each other and with infrastructure to share real-time information and make better decisions while travelling. However, determining which information is accurate under certain circumstances, such as in the event of an accident, may become challenging when receiving messages from multiple nearby vehicles. Therefore, trusting these messages requires a reliable and secure system to guard against insider attackers, who may intentionally send misleading information, particularly in scenarios without extensive Roadside Units (RSUs) to mediate these exchanges. Existing standards, such as the Security Credential Management System (SCMS), supply vehicles with pseudonym certificates to meet security and privacy requirements. However, this system has difficulties ensuring that the revoked certificates are updated in regions with limited connectivity access. In order to solve this issue, this research proposes a novel reputation system to maximize the chance of making an accurate decision based on the received messages. This builds upon existing standards and specifications to integrate an innovative Pre Signature scheme for effective reputation dissemination. The Pre-Signature scheme enables vehicles to assess dynamically and rely on the most trustworthy information available, even in challenging and limited environments. The research develops realistic simulations of 24-hour rural scenarios to replicate real-time communication challenges. The simulation work also includes accident and malicious attack scenarios, thus giving a wide-ranging performance evaluation of the Pre-Signature scheme under typical infrastructural constraints. The results revealed a significant enhancement in decision-making accuracy with conflicting information, achieving an improvement ranging from 36% in Accidents and 44.4% in No-Accident scenarios in a rural environment compared to the existing certification system. Finally, a new reporting scheme, Distributed Reputation for Accurate Vehicle Misbehaviour Reporting (DRAMBR), is proposed to improve reporting efficiency in disconnected areas by effectively mitigating false reports while distinguishing between honest reporters, system errors and malicious behaviours. Experimental results indicate that the DRAMBR system achieves 98% effectiveness in distinguishing between behaviours, highlighting its overall performance. The contribution of the thesis is related to the development of VANETs, in particular, to improve the reliability and efficiency of V2V communications in critical areas, enabling safer, more secure, and efficient transport networks.
    16 0
  • No Thumbnail Available
    ItemRestricted
    Credit Card Fraud Prediction Using Machine Learning Model
    (University of Essex, 2024-08) Alanazi, Mohammed; Walton, Michael
    The widespread adoption of credit cards has significantly increased the frequency of fraudulent activities. This has resulted in considerable financial losses for both consumers and financial institutions. As the use of credit cards continues to grow, the challenge of protecting transactions against unauthorized access has become more serious than ever. This research focuses on creating a solution using machine learning to accurately and effectively identify fraudulent credit card transactions. It addresses the issue of uneven transaction data by employing advanced methods such as logistic regression, XGBoost, LightGBM, and a hybrid model. The research involves thorough data preparation, model development, and careful assessment using measures “such as accuracy, precision, recall, F1 score, and ROC AUC”. This research leverages sophisticated machine learning techniques and tackles the specific challenges associated with imbalanced data. The study aims to significantly enhance the detection of fraudulent transactions while reducing false positives. The ultimate goal is to boost the security of financial systems, thus providing better protection against fraud, and to improve trust and reliability in credit card transactions.
    57 0
  • No Thumbnail Available
    ItemRestricted
    Utilizing Data Analytics for Fraud Detection and Prevention in Online Banking Systems of Saudi Arabia
    (University of Portsmouth, 2024-09) Almotairy, Yazeed; Jiacheng, Tan
    This thesis addresses the critical issues of online banking and online banking fraud in Saudi Arabia. The thesis focusses on the older methodologies of the online banking systems in Saudi Arabia. The frauds are discussed in detail that are occurring in the online banking systems and are causing inconvenience to the users and account holders of the online banks and applications. In this thesis, online banking frauds are discussed thoroughly, and the traditional fraud detection methods are elaborated as well. The vulnerabilities in the current systems are explored. It discusses how the older systems are not performing well and why the new system encompasses the power of data analytics and machine learning. The methods proposed use a set of data analytics and machine learning algorithms and techniques to detect fraud or any fraudulent activity that a scammer or fraudster may perform. The results of this study explain how the proposed system can outperform the traditional methodologies being used in Saudi Arabian online banking systems. The proposed system can also enhance the user experience. The possible privacy and ethical concerns are also discussed. In the end, it is also discussed what the future prospects are for the researchers who are looking to enhance this research or want to work in the field of data analytics and machine learning to improve the security of the security of online banking applications. In conclusion, this thesis not only contributes to the body of knowledge on online banking frauds in Saudi Arabia and their detection but also features future research topics for new researchers.
    51 0
  • Thumbnail Image
    ItemRestricted
    SMART AUTHENTICATION MECHANISMS: UTILIZING BIG DATA FOR DYNAMIC AND PERSONALIZED SECURITY SOLUTIONS
    (The University of Western Ontario, 2024-08-25) Abu Sulayman, Iman; Ouda, Abdelkader
    The exponential growth of digital data is revolutionizing information security and reshaping defense strategies against unknown threats. Organizations are amassing vast amounts of personal data, collectively termed ”Big Data,” from various sources like social media, online transactions, and GPS signals. This surge in data presents new research challenges in information security, prompting organizations to leverage big data analytics for valuable insights within secure environments. As a result, organizations are redesigning network security protocols to effectively manage the characteristics of big data. While traditional research focuses on authenticating users to protect big data environments, an alternative perspective emerges: utilizing big data to raise a new generation of authentication mechanisms to safeguard other environments. To this end, we developed novel security solutions that harness big data analytics to generate unique patterns of users’ dynamic behaviors, enabling the design of smart knowledge-based authentication mechanisms to fulfill the requirements of the new era of the digital world. These solutions include three main modules. ”Data Security-based Analytics (DSA),” the first module, develops an innovative data transformation model. The model adapts big data’s characteristics to relevant human dynamic measures. The second module, known as ”Big Data Driven Authentication (BDA),” includes the Security User Profiles (SUP) creation model, which is responsible for identifying patterns in DSA’s output and then uses said patterns to detect legitimate but anomalous activity from the user and assemble a security profile about the user. BDA also includes another model, known as Just-in-time Human Dynamics-Based Authentication Engine (JitHDA), which uses the user’s security profiles to dynamically create secure challenge questions in real-time that derive from the user’s recent behavior. The third module describes the development of a novel “Big Data-Driven Authentication as a Service (AUTHaaS)” model. AUTHaaS is an authentication mechanism that is powered by SUP and JitHDA technologies to offer authentication services on the cloud. Another model in AUTHaaS is ”iAuth,” which is an integration framework for authentication services. We developed this model to offer a unified interface that enables collaboration and interoperability among various AUTHaaS service providers. Additionally, we have developed an algorithm-based data generation (ADG) engine that is capable of processing synthetic user data. We designed ADG to accommodate dual-mode user behavioral data, encompassing both normal and abnormal instances. More importantly, the engine does not necessitate an initial dataset or data distribution and serves as the dataset source for the DSA model as it generates data from five different application domains.
    7 0
  • Thumbnail Image
    ItemRestricted
    Machine Learning (ML) Technologies
    (John Jay College of Criminal Justice, 2024-04-03) Alanazi, Mosa; Seferaj, Gentiana
    Integrating Machine Learning (ML) technologies into physical security has ignited significant discourse within scholarly circles, focusing on identifying specific ML technologies currently employed and elucidating their tangible outcomes. This integration occurs against a rapidly evolving technological landscape, encompassing advancements such as cloud computing, 5G wireless technology, real-time Internet of Things (IoT) data, surveillance cameras fortified with biometric technologies, and predictive data analytics. Collectively, these innovations augment the transformative potential of ML within security frameworks, ranging from sophisticated video analytics facilitating advanced threat detection to predictive algorithms aiding in comprehensive risk assessment. Moreover, the seamless fusion of disparate data streams and the capability to extract actionable insights in real-time present profound implications for the future trajectory of security protocols, heralding a paradigm shift in the conceptualization, implementation, and Student No: 10001 Page 2 of 14 Comprehensive Exam/Project ̶̶̶ Spring24 Department of Security, Fire and Emergency Management maintenance of physical security measures. This study endeavors to delve into the specifics of ML technologies currently operationalized in physical security contexts, scrutinize the tangible outcomes they yield, and forecast how these trends will shape the future security landscape— additionally, strategic recommendations aimed at optimizing the efficacy of ML-driven security solutions in safeguarding physical environments.
    133 0
  • Thumbnail Image
    ItemRestricted
    Towards Effective and Adaptive Anomalybased Intrusion Detection Methods for Industrial Network Systems
    (RMIT University, 2024-04-18) Alsaedi, Abdullah; Tari, Zahir
    Modern Industrial Network Systems, characterised by the integration of Cyber-Physical Systems (CPSs) and the Internet of Things (IoT), are at the forefront of technological progress in Industry 4.0. They enable advanced automation, data exchange, and system monitoring on a global scale. However, these advancements also increase their vulnerability to cyber threats, particularly to targeted attacks launched by adversaries with high motivation and domain knowledge. These attacks aim to cause significant damage to the physical operation of critical infrastructures. The direct impact of these systems on physical processes means that compromises can lead to severe equipment damage, environmental disruptions, and even loss of human life. Hence, securing these systems requires advanced, robust, and adaptive cybersecurity measures. Anomaly-based Intrusion Detection Systems (IDSs) are crucial for securing IT systems but often fail to fully protect Industrial Network Systems against targeted attacks. Traditional IDSs cannot monitor the physical operations integral to these systems, making it vital to develop detection methods to oversee physical activities, as attacks may impact these operations. Current detection methods face challenges, including a lack of comprehensive benchmark datasets for modern industrial setups and difficulties adapting to the dynamic nature of industrial environments. This underscores the urgent need for research to address these significant issues. This thesis addresses the critical challenges of securing modern Industrial Network Systems, given their growing prevalence and the increasing sophistication of cyber threats. The primary aim is to develop innovative, advanced anomaly-based intrusion detection methods specifically tailored to these systems. These methods aim to identify targeted attacks that subtly alter system behaviour while evading detection. The emphasis is on real-time monitoring of multi-sensor measurements to identify threats in large-scale, evolving data streams, thus preventing significant damage to the physical infrastructure and protecting it from emerging threats. This research will tackle four significant research challenges. The first involves creating a representative benchmark dataset for evaluating intrusion detection solutions in Industrial Network Systems, addressing the lack of existing datasets that capture the specific nuances of these systems. The subsequent three challenges will focus on developing a set of effective, robust and adaptive IDS solutions. Collectively, these solutions aim to address the primary objectives of this research, thereby achieving its overall aim. First, practical evaluation of anomaly-based intrusion detection methods tailored to Industrial Network Systems hinges on the availability of datasets that accurately reflect real-world systems dynamics. Such datasets are essential for assessing the accuracy and effectiveness of security solutions. However, there is a notable lack of such datasets, which often miss critical elements like sensor measurement data. To address this, this research introduces the TON_IoT dataset, a comprehensive compilation of telemetry data, operating system logs, and network traffic designed to reflect the complexity of modern Cyber-Physical Systems (CPSs) and the Internet of Things (IoT). Unlike existing datasets, TON_IoT integrates sensor measurement data crucial for identifying sophisticated, subtle cyber threats, thus serving as an invaluable resource for the research community. It aids in understanding CPS/IoT vulnerabilities and promotes advanced intrusion detection solutions suitable for the evolving threats in Industry 4.0. Second, with the proliferation of embedded sensors in modern industrial infrastructure, these systems produce a vast volume of multi-sensor data that hold valuable insights about their operational dynamics for anomaly-based intrusion detection tasks. However, capturing these insights is challenging due to the inherent complexities, temporal intricacies, and inherent noise. Existing detection methods struggle with these issues, leading to security inefficiencies within the systems they aim to protect. Addressing this challenge, this research introduces the UnSupervised Misbehaviour Detection (USMD) method, a novel unsupervised and model-free anomaly-based intrusion detection method tailored for multi-sensor industrial data. USMD consists of a robust Unified Learner Network and a misbehaviour detector, leveraging an innovative deep learning-based method to effectively learn and represent normal system behaviour for anomaly detection. Evaluated against state-of-the-art methods, USMD demonstrates superior performance, underscoring its potential as an effective solution for securing complex and noisy industrial environments. Thirdly, modern Industrial Network Systems are dynamic environments where changes such as environmental shifts cause unpredictable variations in operational/measurement data, leading to concept drift. This drift significantly impacts the accuracy and reliability of Machine Learning (ML)-based security measures in these systems, potentially leading to diminished effectiveness in anomaly detection and response capabilities. To tackle this, this research presents ReActive concept Drift mAnagement with Robust variational inference (RADAR), a novel unsupervised framework designed explicitly for evolving and high-dimensional data streams. RADAR addresses uncertainties and temporal dependencies in measurement data, significantly improving the dynamic adaptation of ML models to changing data statistics. At the heart of RADAR lies the innovative use of two main methods: temporal discrepancy measure, and intensity-aware analyser. Collectively, these methods enable RADAR to determine the effective adaptation decision to ensure sustained accuracy and reliability of ML-based analytics and security solutions. Experiments conducted using synthetic and real-world datasets demonstrate that RADAR outperforms other benchmarks with the best F-score of 0.86 and obtains efficient runtime, offering a reactive, robust solution to manage concept drift in critical industrial operations. Lastly, the primary challenge in intrusion detection is the ability to adapt to evolving “normal” behaviour, especially in the face of concept drift. Current methods struggle with this in dynamic environments, leading to decreased sensitivity and specificity in intrusion alerts due to issues like self-poisoning and catastrophic forgetting in real-time systems. Addressing these challenges, this research introduces the Robust and adaptive Deviation detection for StreAming and Dynamic Sensor Data (RDSAD) method. RDSAD is specifically designed to overcome the challenges of concept drift, self-poisoning, and catastrophic forgetting in real-time monitoring of high-dimensional measurement data. It features two novel components: Dynamic Deviation Recognition (DDR) for accurate deviation detection, and Drift-aware Model Adaptation (DMA) for incremental updates, maintaining historical knowledge. RDSAD has shown excellent performance in anomaly detection, achieving an AUC of 0.90 and efficient runtime with large data streams, offering a robust, efficient solution for real-time anomaly detection and enhanced cybersecurity in industrial environments.
    39 0
  • Thumbnail Image
    ItemRestricted
    Anomaly Detection in Face Anti-spoofing: Algorithms, Training Set Construction, and Bias Analysis
    (Durham University, 2023-12-07) Abduh, Latifah Abdullah A; Lvrissimtzis, Loannis
    Face recognition is a mature and trustworthy method for identifying individuals. Thanks to the availability of high-definition cameras and accompanying devices, this particular biometric recognition modality is widely regarded as the fastest and least obtrusive option. Despite advancements in face recognition systems, it has been discovered that successful spoofing attempts are still possible. Various anti-spoofing algorithms, also known in the literature as liveness detection tests and presentation attack detection algorithms, have been devised to counteract such attacks. The first contribution of this research is to demonstrate the effectiveness of certain simple and direct spoofing attacks. Our approach involves utilizing ResNet50, a highly reliable deep neural network, as a binary classification method. We assess its performance by subjecting it to adversarial attacks that involve manipulating the saturation component of imposter images. We have found that it is particularly vulnerable to spoofing attacks that employ processed imposter images. To the best of our knowledge, this study represents the pioneering exploration of adversarial attacks on deep neural networks within the realm of face anti-spoofing detection. In addition, we conducted an experiment that revealed the potential of the proposed adversarial attack to be converted into a direct presentation attack. In a second contribution, we propose an alternative approach incorporating in the- wild images and non-specialised databases into anomaly detection to improve the face anti-spoofing algorithm’s performance on unseen databases. We developed a method for detecting anomalies in face anti-spoofing by employing a convolutional autoencoder. We assessed its effectiveness using the NUAA database, which had not been previously utilized in the training. Our results indicated improved performance when incorporating in-the-wild face images and face data from nonspecialized databases into the training dataset. Transformers are emerging as the new gold standard in various computer vision applications and have already been used in face anti-spoofing, demonstrating competitive performance. In a third contribution, we propose a network with the ViT transformer and ResNet18 as the backbone for anomaly detection in face anti-spoofing with a decoder as the head. Then, we validate various anomaly detectors to compare the results with our proposed method. Also, using the ViT with MLP as a binary classifier baseline and compare it with our model. Our comprehensive testing and evaluation have demonstrated that this proposed approach competes admirably as a method for detecting anomalies in the domain of face anti-spoofing. Finally, there are only a few papers that specifically address the issue of racial bias in anti-spoofing. As a fourth contribution, we present a systematic study of race bias in face anti-spoofing with three key characteristics: the focus is on analysing potential bias in bona fide errors, where significant ethical and legal issues lie; analyses of various stages of the classification process, and treating the value of the threshold that determines the classifier’s operating point on the ROC curve as a user-defined variable. We do not assume it is fixed by the vendor of the biometric verification system through a black-box process. To the best of our knowledge, this is the first investigation into racial bias within the face anti-spoofing domain that employs anomaly detection techniques while also incorporating a non-specialized database for analysis. Our results show that racial bias in face anti-spoofing is influenced by factors beyond mean response values, such as different variances, bimodality, and outliers. Overall, this thesis contributes to the ongoing development of anti-spoofing techniques and investigates some important issues regarding the potential for bias in these systems.
    10 0
  • Thumbnail Image
    ItemRestricted
    Physics and AI-Driven Anomaly Detection in Cyber-Physical Systems
    (Saudi Digital Library, 2023) Alotibi, Faris; Tipper, David
    Organizations across various sectors are moving rapidly to digitization. Multiple applications in cyber-physical systems (CPSs) emerged from interconnectivity such as smart cities, autonomous vehicles, and smart grids, utilizing advanced capabilities of the Internet of Things (IoTs), cloud computing, and machine learning. Interconnectivity also becomes a critical component in industrial systems such as smart manufacturing, smart oil, and gas distribution grid, smart electric power grid, etc. These critical infrastructures and systems rely on industrial IoT and learning-enabled components to handle the uncertainty and variability of the environment and increase autonomy in making effective operational decisions. The prosperity and benefits of systems interconnectivity demand the fulfillment of functional requirements such as interoperability of communication and technology, efficiency and reliability, and real-time communication. Systems need to integrate with various communication technologies and standards, process and analyze shared data efficiently, ensure the integrity and accuracy of exchanged data, and execute their processes with tolerable delay. This creates new attack vectors targeting both physical and cyber components. Protection of systems interconnection and validation of communicated data against cyber and physical attacks become critical due to the consequences of disruption attacks pose to critical systems. In this dissertation, we tackle one of the prominent attacks in the CPS space, namely the false data injection attack (FDIA). FDIA is an attack executed to maliciously influence decisions, that is CPSs operational decisions such as opening a valve, changing wind turbine configurations, charging/discharging energy storage system batteries, or coordinating autonomous vehicles driving. We focus on the development of anomaly detection techniques to protect CPSs from this emerging threat. The anomaly detection mechanisms leverage both physics of CPSs and AI to improve their detection capability as well as the CPSs' ability to mitigate the impact of FDIA on their operations.
    51 0

Copyright owned by the Saudi Digital Library (SDL) © 2025