Automatic human behaviour anomaly detection in surveillance video

Leach, Michael Jeremy Vincent

January 2015

This thesis work focusses upon developing the capability to automatically evaluate and detect anomalies in human behaviour from surveillance video. We work with static monocular cameras in crowded urban surveillance scenarios, particularly air- ports and commercial shopping areas. Typically a person is 100 to 200 pixels high in a scene ranging from 10 - 20 meters width and depth, populated by 5 to 40 peo- ple at any given time. Our procedure evaluates human behaviour unobtrusively to determine outlying behavioural events, agging abnormal events to the operator. In order to achieve automatic human behaviour anomaly detection we address the challenge of interpreting behaviour within the context of the social and physical environment. We develop and evaluate a process for measuring social connectivity between individuals in a scene using motion and visual attention features. To do this we use mutual information and Euclidean distance to build a social similarity matrix which encodes the social connection strength between any two individuals. We de- velop a second contextual basis which acts by segmenting a surveillance environment into behaviourally homogeneous subregions which represent high tra c slow regions and queuing areas. We model the heterogeneous scene in homogeneous subgroups using both contextual elements. We bring the social contextual information, the scene context, the motion, and visual attention features together to demonstrate a novel human behaviour anomaly detection process which nds outlier behaviour from a short sequence of video. The method, Nearest Neighbour Ranked Outlier Clusters (NN-RCO), is based upon modelling behaviour as a time independent se- quence of behaviour events, can be trained in advance or set upon a single sequence. We nd that in a crowded scene the application of Mutual Information-based social context permits the ability to prevent self-justifying groups and propagate anomalies in a social network, granting a greater anomaly detection capability. Scene context uniformly improves the detection of anomalies in all the datasets we test upon. We additionally demonstrate that our work is applicable to other data domains. We demonstrate upon the Automatic Identi cation Signal data in the maritime domain. Our work is capable of identifying abnormal shipping behaviour using joint motion dependency as analogous for social connectivity, and similarly segmenting the shipping environment into homogeneous regions.

005.8

Implementation of onboard watermarking for satellite images

Chikouche, A.

January 2004

Digital representation of data has many advantages over analogue formats; however these advantages present serious problems of copyright violation, illegal copying and distribution. Consequently, protection for multimedia distribution against piracy is needed. A part of the solution is to use a watermark indicating content owner or distribution route, which is transparently and robustly embedded into the material. The thesis presents work addressing specific issues of concern for satellite images. These include complexity of implementation and reversibility of the insertion as well as the obvious robustness issues. Methods have been defined and tested to reduce the complexity of finding appropriate insertion positions in DCT-based watermarking. However, to further reduce the implementation complexity, the final selected method is based on the fast Hadamard transform which has been shown to be suitable and robust. In addition, using predefined positions of insertion, the reversibility property is achieved. Finally, the hardware implementation of the above method is described; the simulations have proven that the hardware design has delivered the same functionality as the software algorithm. Most important is that we have demonstrated the feasibility of performing real time watermarking onboard satellites, using reconfigurable logic devices. The first hardware watermarking design for onboard micro satellite imaging system is presented. The design can be run at 50 Megapixels/second which will ensure the real time processing of the watermarking process with accordance of the process flow of the data handling payload.

005.8

VMX-rootkit : implementing malware with hardware virtual machine extensions

Esoul, O.

January 2008

Stealth Malware (Rootkit) is a malicious software used by attackers who wish to run their code on a compromised computer without being detected. Over the years, rootkits have targeted different operating systems and have used different techniques and mechanisms to avoid detection. In late 2005 and early 2006, both, Intel™ and AMD™ incorporated explicit hardware support for virtualization into their CPUs. While this hardware support can help simplify the design and the implementation of a light-weight and efficient Virtual Machine Monitors (VMMs), this technology has introduced a new powerful mechanism that can be used by malware to create extremely stealthy rootkit called hardware-assisted virtual machine rootkit (HVM rootkit). An HVM rootkit is capable of totally controlling a compromised system by installing a small VMM (a.k.a. hyper- visor) underneath the operating system and its applications without altering any part of the target operating system or any part of its applications. It places the existing operating system into a virtual machine and turns it into a guest operating system on-the-fly without a reboot. The guest operating system is then totally governed and manipulated by the malicious hypervisor. In this thesis I have investigated the design and implementation of a minimal hypervisor based Rootkit that takes advantage of Intel Visualization Technology (Intel VT) for the IA-32 architecture (VT-x) and Microsoft Windows XP SP2 as the target operating system.

005.8

A CSP approach to the analysis of security protocols

Hui, Mei Lin

January 2001

Security protocols involve an exchange of messages in order to achieve a goal such as authentication of a user or secrecy of a session key. Many established protocols have been found to be flawed using protocol analysis techniques. In this thesis we will be extending current CSP-based protocol modelling techniques. Recent techniques for analyzing security protocols have tended to concentrate upon the small protocols that are typically found in the academic literature. However, there is a huge gulf between these and most large commercial protocols. As a result, existing techniques are difficult to apply directly to these large protocols. In this thesis we develop the notion of safe simplifying transformations: transformations that have the property of preserving insecurities; the effect of such transformations is that if we can verify the transformed protocol, then we will have verified the original protocol. We identify a number of safe simplifying transformations, and use them in the analysis of two commercial protocols, the CyberCash Main Sequence protocol and SET. We extend the CSP-based analysis technique to model the property of non-repudiation and give a formal generalized definition. Our definition of non-repudiation is tested against our two case studies. Another property we model is that of key compromise: the reuse of a compromised session key that might lead to an authentication or secrecy attack. We look at how to model the intruder learning the value of a key and then using it in an attack. We apply this technique to our case studies, looking for key compromise attacks using the session keys.

005.8

A fair and anonymous e-commerce scheme : for smart card and terminal implementations

Zhang, Qing

January 2008

No description available.

005.8

Quantum key exchange and mutually unbiased bases

Shah, Illana

January 2008

No description available.

005.8

Enforcing complex policies in RBAC

Khambhammettu, Hemanth

January 2010

No description available.

005.8

Algorithmic algebraic techniques and their application to block cipher cryptanalysis

Albrecht, Martin

January 2010

No description available.

005.8

Persuasive password security

Weirich, Dirk

January 2006

An organization that gives users access to computing resources via a password mechanism needs to ensure that they perform certain secure behaviours if it wants those resources to be protected adequately. The research problem this thesis seeks to address is the question of how the likelihood of users performing these behaviours can be increased when some of those behaviours can neither be enforced nor monitored adequately. The primary substantive contribution of the thesis is a grounded theory model of the process users go through when choosing password-related behaviours in the absence of any organizational efforts to influence this choice. The model is subsequently extended to incorporate the effect on user behaviour of password regulations and their associated punishment regimes. The thesis then presents a discourse-analytic investigation of the interpretative repertoires users draw on to describe aspects of password security, and of the effect of those repertoires on users' password practices. This investigation also shows that users might at times structure their discourse about password security issues in a manner that makes it possible for them to justify malpractice. The use of discourse analysis to investigate these issues is a methodological contribution to the field of human-computer interaction. The opportunistic use of quantitative data that had been collected prior to a re-conceptualisation of the research approach is used to examine the extent to which users violate password regulations. An analysis of all the qualitative data collected allows a first insight into the specific insecure behaviours that users choose in particular situations. Persuasive password security, an integration of all these findings into an applicable approach to improving user behaviour, is presented, and specific recommendations on how to improve users' password practices in organizations are made.

005.8

Preserving individual privacy in context-aware ubiquitous computing environments : an intelligent and distributed agent technology for context-dependent privacy control

Zhang, Ni (Jenny)

January 2008

Context-aware computing aims to take advantage of contextual knowledge to make decisions about how to dynamically provide services or adapt to meet user requirements. A tradeoff exists between preserving individual privacy and disclosing information to benefit from rich and interesting services. Although privacy issues have been recognized as a great barrier to the adoption and a long-term success of the context-aware computing, an extensive literature review conducted by the author has indicated that only a small subset of the privacy needs and challenges have been moderately addressed, and demand for adequate privacy protection in the context-aware paradigm is significant. This doctoral work introduces a distributed privacy protection model to tackle the challenges and overcome the limitations of existing solutions, and proposes an intelligent agent technology to facilitate a relatively unobtrusive user participation in controlling the disclosure of their sensitive information. It aims at addressing two key concerns of preserving privacy in context-aware ubiquitous computing environments: privacy feedback (i.e. notifying individuals of relevant information disclosure) and privacy management (i.e. allowing individuals to express their privacy preferences and manage their privacy levels). The proposal of the intelligent privacy agent is characterized by developing automated privacy preference mechanisms to enforce privacy control in response to context changes. More specifically, the author has developed a Privacy Policy/Preference Language to facilitate a common understanding of privacy requirements, and has exploited ontology-based methods to enable semantic policy analysis of context-dependent privacy preferences. A proof-of-concept implementation using Web Service technologies demonstrates that the proposed privacy solution can be deployed to achieve interoperability across system platforms and devices, and is scalable to the global Internet Quantatitive performance evaluations are conducted to validate the novel approaches of using hybrid reasoning mechanisms to perform the task of semantic privacy policy evaluation, preference conflict and redundancy detection, and context perception.

005.8