Analysis of a quantitative behavioral assessment program to identify and treat abnormal behaviors in captive primates

Martin, Allison L.

27 May 2016

Facilities housing non-human primates are required to make provisions for their psychological wellbeing, which may include monitoring animals for signs of decreased wellbeing such as the presence of abnormal behaviors or alopecia. By analyzing archival behavioral data collected by the Behavior Management Unit at the Yerkes National Primate Research Center (YNPRC), I aimed to identify behavioral predictors of self-wounding and alopecia and to evaluate the effectiveness of current treatments in reducing abnormal behavior and alopecia in rhesus macaques (Macaca mulatta). The behaviors of self-biting and hair plucking (conditional logistic regression, p < .05) as well as floating limb and self-oral behaviors (Mantel-Haenszel chi-square tests, p < .05) were identified as behavioral predictors of self-wounding. Fear behaviors were associated with an increased risk of developing alopecia (Mantel-Haenszel chi square, p < .05). An inverse relationship was found between alopecia and stereotypic locomotor behaviors such as pacing, with animals who displayed these behaviors being less likely to develop significant hair loss (conditional logistic regression, p < .05). Overall, the type of treatment provided (e.g., additional foraging opportunities, the provision of toys, or the provision of visual barriers) did not predict improvement in levels of abnormal behavior or alopecia (logistic regression, p > .05). The results of these analyses add to the literature on self-wounding and alopecia and will allow refinement of the quantitative behavioral monitoring system at YNPRC such that more at-risk animals can be identified and treated prior to the development of abnormal or harmful behaviors.

Abnormal behavior

Alopecia

Behavioral management

Captive primate management

Quantitative behavioral assessment

Rhesus macaque

Self-injury

An Anomaly Behavior Analysis Methodology for the Internet of Things: Design, Analysis, and Evaluation

Pacheco Ramirez, Jesus Horacio, Pacheco Ramirez, Jesus Horacio

January 2017

Advances in mobile and pervasive computing, social network technologies and the exponential growth in Internet applications and services will lead to the development of the Internet of Things (IoT). The IoT services will be a key enabling technology to the development of smart infrastructures that will revolutionize the way we do business, manage critical services, and how we secure, protect, and entertain ourselves. Large-scale IoT applications, such as critical infrastructures (e.g., smart grid, smart transportation, smart buildings, etc.) are distributed systems, characterized by interdependence, cooperation, competition, and adaptation. The integration of IoT premises with sensors, actuators, and control devices allows smart infrastructures to achieve reliable and efficient operations, and to significantly reduce operational costs. However, with the use of IoT, we are experiencing grand challenges to secure and protect such advanced information services due to the significant increase in the attack surface. The interconnections between a growing number of devices expose the vulnerability of IoT applications to attackers. Even devices which are intended to operate in isolation are sometimes connected to the Internet due to careless configuration or to satisfy special needs (e.g., they need to be remotely managed). The security challenge consists of identifying accurately IoT devices, promptly detect vulnerabilities and exploitations of IoT devices, and stop or mitigate the impact of cyberattacks. An Intrusion Detection System (IDS) is in charge of monitoring the behavior of protected systems and is looking for malicious activities or policy violations in order to produce reports to a management station or even perform proactive countermeasures against the detected threat. Anomaly behavior detection is a technique that aims at creating models for the normal behavior of the network and detects any significant deviation from normal operations. With the ability to detect new and novel attacks, the anomaly detection is a promising IDS technique that is actively pursued by researchers. Since each IoT application has its own specification, it is hard to develop a single IDS which works properly for all IoT layers. A better approach is to design customized intrusion detection engines for different layers and then aggregate the analysis results from these engines. On the other hand, it would be cumbersome and takes a lot of effort and knowledge to manually extract the specification of each system. So it will be appropriate to formulate our methodology based on machine learning techniques which can be applied to produce efficient detection engines for different IoT applications. In this dissertation we aim at formalizing a general methodology to perform anomaly behavior analysis for IoT. We first introduce our IoT architecture for smart infrastructures that consists of four layers: end nodes (devices), communications, services, and application. Then we show our multilayer IoT security framework and IoT architecture that consists of five planes: function specification or model plane, attack surface plane, impact plane, mitigation plane, and priority plane. We then present a methodology to develop a general threat model in order to recognize the vulnerabilities in each layer and the possible countermeasures that can be deployed to mitigate their exploitation. In this scope, we show how to develop and deploy an anomaly behavior analysis based intrusion detection system (ABA-IDS) to detect anomalies that might be triggered by attacks against devices, protocols, information or services in our IoT framework. We have evaluated our approach by launching several cyberattacks (e.g. Sensor Impersonation, Replay, and Flooding attacks) against our testbeds developed at the University of Arizona Center for Cloud and Autonomic Computing. The results show that our approach can be used to deploy effective security mechanisms to protect the normal operations of smart infrastructures integrated to the IoT. Moreover, our approach can detect known and unknown attacks against IoT with high detection rate and low false alarms.

Abnormal Behavior Analysis

Autonomic Computing

Cybersecurity

Internet of Things

Security Framework

Threat Model

A Dissection of Pacing in Zoo-Housed Polar Bears: How Details of the Behavior Can Suggest Motivational and Causal Factors

Cless, Isabelle T.

02 September 2015

No description available.

Animals

Zoology

Welfare

Animal Sciences

Μοντέλα ασυνήθους δικτυακής κυκλοφορίας σε TCP/IP δικτυακά υπολογιστικά περιβάλλοντα / Models of abnormal network traffic in TCP/IP networking computer environments

Κομνηνός, Θεόδωρος

16 March 2009

Στην διδακτορική διατριβή αναπτύξαμε μοντέλα για την ασυνήθη δικτυακή κυκλοφορία βασισμένη σε χαρακτηριστικά της TCP/IP επικοινωνίας ανάμεσα σε υπολογιστικά συστήματα, αλλά και στην συμπεριφορά συστημάτων και χρηστών κάτω από επιθέσεις ιών και δικτυακών σκουληκιών. Για την ανάπτυξη συνδυάσαμε το μαθηματικό φορμαλισμό πάνω σε πραγματικά χαρακτηριστικά που εντοπίσαμε πως υπάρχουν σχεδόν σε όλες τις προσπάθειες επίθεσης προς υπολογιστικά και δικτυακά συστήματα από προσπάθειες επιτιθέμενων, αλλά και με αυτοματοποιημένα συστήματα μετάδοσης ιών. Υλοποιήσαμε ένα πραγματικό κατανεμημένο σύστημα έγκαιρης και έγκυρης προειδοποίησης και λήψης άμεσων μέτρων για την προστασία δικτύων υπολογιστών από τη διάδοση των ιών και από τις διαρκώς εξελισσόμενες επιθέσεις των hackers. Τέλος η αυξανόμενη παρουσία δυνατοτήτων για fast worms μας παρακίνησε να μοντελοποιήσουμε την συμπεριφορά ιών που μεταδίδονται μέσα από τα κοινωνικά δίκτυα που σχηματίζονται από τον κατάλογο που έχουν οι χρήστες για γνωστούς και φίλους σε e-mail και Instant Messaging. Προτείνουμε λοιπόν δύο μοντέλα: ένα μοντέλο που περιγράφει την συμπεριφορά fast worms βασισμένα σε κοινωνικά δίκτυα στηριζόμενοι στο μαθηματικό μοντέλο σε Constraint Satisfaction Problems (CSP), αλλά και ένα μοντέλο για τη μετάδοση ιών και την εξουδετέρωσή τους, που λαμβάνει υπόψη την δικτυακή κίνηση και την λειτουργία των εξυπηρετητών βασισμένοι στο M/M/1 μοντέλο ουρών. Στην διατριβή προτείνουμε ένα είδος διαδραστικότητας ανάμεσα στους antivirus Agents και τους ιούς και αναλύουμε ένα μαθηματικό μοντέλο για την διάδοση πληθυσμού ιών και antivirus βασισμένα σε θεωρίες ουρών. / In this PhD Thesis we developed models for the abnormal network traffic based on TCP/IP communication protocol of computer systems, and the behavior of systems and users under viruses and worms attacks. For the development we combined mathematical formalism on real attributes that characterize almost all attacking efforts of hackers, virus and worms against computers and networking systems. Our main goal was based upon the theoretic models we proposed, to provide a useful tool to deal with intrusions. Thus we developed a Software Tool for Distributed Intrusion Detection in Computer Networks. Based on an improved model we produced a real time distributed detection system for early warning administrators of worm and virus propagation and hackers’ attacks. Also in this work we propose a discrete worm rapid propagation model based on social networks that are built using the address book of e-mail and instant messaging clients using the mathematic formalism of Constraint Satisfaction Problems (CSP). The address book, which reflects the acquaintance profiles of people, is used as a “hit-list”, to which the worm can send itself in order to spread fast. We also model user reaction against infected email as well as the rate at which antivirus software is installed. We then propose a worm propagation formulation based on a token propagation algorithm, further analyzed with a use of a system of continuous differential equations, as dictated by Wormald’s theorem on approximating “well-behaving” random processes with deterministic functions. Finally in this work we present a virus propagation and elimination model that takes into account the traffic and server characteristics of the network computers. This model partitions the network nodes into perimeter and non-perimeter nodes. Incoming/outgoing traffic of the network passes through the perimeter of the network, where the perimeter is defined as the set of the servers which are connected directly to the internet. All network nodes are assumed to process tasks based on the M/M/1 queuing model. We study burst intrusions (e.g. Denial of Service Attacks) at the network perimeter and we propose a kind of interaction between these agents that results using the formalism of distribution of network tasks for Jackson open networks of queues.

Ασφάλεια υπολογιστών

Ασφάλεια δικτύων

Ασυνήθη κυκλοφορία

Διάδοση ιών

Μοντελοποίηση

TCP/IP

005.84

Computer security

Network security

Abnormal behavior

Virus propagation

Modelling

TCP/IP

Implicita attityder till frivilligt barnfria : En kvantitativ studie om hur olika grupptillhörigheter påverkar individens attityd till frivilligt barnfria / Implicit attitudes towards the voluntatily childfree : A quantitative study about how different group belongings affect individuals attitudes towards the voluntarily childfree

Kamber Jussila, Linda, Fermby, Gabrielle

January 2017

Det finns en skillnad mellan att vara barnlös och barnfri, nämligen att inte kunna få och att välja bort barn. Enligt tidigare forskning beskrivs frivilligt barnfria ofta som avvikande och stigmatiseras av samhället. Att detta även är fallet i Sverige kan ses som förvånande då landets befolkning överlag har starkt individualistiska attityder som står i kontrast till traditionella värderingar, till exempel barnfamiljens starka ställning.   Denna kvantitativa studie avser att mäta implicita attityder till frivilligt barnfria individer och individer med barn med hjälp av ett implicita associationstest. Åttio respondenter med olika ålder, kön, utbildningsnivå, civilstatus och boendesituation genomförde testet. Vi undersöker deras implicita attityder till barnlöshet generellt, samt huruvida dessa attityder varierar mellan olika grupper bland respondenterna. Vi undersöker också om det finns någon korrelation mellan implicita och explicita attityder till barnfrihet.   Studien är sociologisk och resultaten analyseras genom en sociologisk socialpsykologisk ansats. Detta är ett relativt nytt sätt att hantera data från ett implicit associationstest. / There is a difference between childlessness and being childfree, namely to not be able and to voluntarily choose not to have children. According to previous research, childfree individuals are often described as deviant and are stigmatised in society. It may be surprising however to find that this is the case also in Sweden, a country where population generally has strong individualistic attitudes, in contrast to holding traditional values such as the value of the nuclear family.   This quantitative study measures implicit attitudes to voluntarily childfree individuals and individuals with children respectively, using an implicit association test. Eighty respondents with different genders, ages, levels of education, civil status and living conditions, took the test. We investigate their implicit attitudes to being childfree, as well as whether those attitudes vary between different groups of respondents. We also investigate if there are any correlations between implicit and explicit attitudes to being childfree.   The study is sociological and the results are analysed using a sociological social psychological approach. This is a relatively new way to process data from an implicit association test.

Sociology

Social psychology

Childfree

Childless

Implicit attitudes

Implicit associations test

Pronatalism

Individualism

Abnormal behavior

Sociologi

Socialpsykologi

Barnfri

Barnlös

Implicita attityder

Implicit associationstest

Pronatalism

Individualism

Avvikande beteende

Social Sciences

Samhällsvetenskap

Sociology

Sociologi