Abstract: Security Information and Event Management (SIEM) platforms are critical for organizations to monitor and manage their security operations centers. However, organizations using SIEM platforms face several challenges, such as inefficient alert management and poor integration with real-time communication tools. These challenges cause delays and cost penalties for organizations in their efforts to resolve alerts and potential security breaches. This paper introduces a cybersecurity Alert Distribution and Response Network (Adrian) system. Adrian introduces a novel enhancement to SIEM platforms by integrating SIEM functionalities with real-time collaboration platforms. Adrian leverages the ubiquity of the mobile applications of collaboration platforms to deliver real-time alerts, enabling a two-way communication channel that facilitates immediate response to security incidents and efficient SIEM platform management. To demonstrate Adrian's capabilities, we present a case study that integrates Wazuh, a SIEM platform, with Slack, a collaboration platform. The case study demonstrates all the functionalities of Adrian, including real-time alert distribution, alert customization, alert categorization, and enablement of management activities, thereby increasing the responsiveness and efficiency of alert handling. The study concludes with a discussion of potential expansions of Adrian's capabilities, including the incorporation of artificial intelligence (AI) for enhanced alert prioritization and response automation.
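The alert distribution, categorization and two-way channel described in this abstract, as an added illustration written for this listing; it is not code from the Adrian paper, from Wazuh or from Slack. Assumptions: the alerts follow the shape of Wazuh's alerts.json (rule.level, rule.id, rule.description, rule.groups, agent), the outgoing message is a Slack Incoming Webhook body with Block Kit blocks, and the severity bands, channel names, group-to-category table and the reply grammar for acknowledgements are all invented for the example. The sample alerts are constructed, not recorded events.

```python
"""Route SIEM alerts to a chat channel with severity bands and categories (illustration)."""
import json
import re
from typing import Optional

# Constructed sample alerts in the shape of Wazuh's alerts.json; rule ids, texts and hosts are made up.
SAMPLE_ALERTS = [
    json.dumps({"timestamp": "2024-05-01T10:00:01.000+0000",
                "rule": {"level": 3, "id": "5501", "description": "PAM: Login session opened.",
                         "groups": ["pam", "syslog", "authentication_success"]},
                "agent": {"id": "001", "name": "web-01"}, "data": {"srcuser": "deploy"}}),
    json.dumps({"timestamp": "2024-05-01T10:00:07.000+0000",
                "rule": {"level": 10, "id": "5712",
                         "description": "sshd: brute force trying to get access to the system.",
                         "groups": ["syslog", "sshd", "authentication_failures"]},
                "agent": {"id": "001", "name": "web-01"}, "data": {"srcip": "203.0.113.7"}}),
    json.dumps({"timestamp": "2024-05-01T10:00:09.000+0000",
                "rule": {"level": 12, "id": "100200",
                         "description": "Possible web shell written to document root.",
                         "groups": ["syscheck", "web"]},
                "agent": {"id": "002", "name": "web-02"}, "data": {"path": "/var/www/html/x.php"}}),
]

MIN_LEVEL = 7  # assumption: anything below stays in the SIEM console and is not pushed to chat

# Assumed severity bands over Wazuh's 0-15 rule levels, highest floor first, with a target channel each.
SEVERITY_BANDS = [(12, "high", "#soc-critical"), (7, "medium", "#soc-alerts")]

# Assumed mapping from rule groups to an analyst-facing category; first match wins.
CATEGORY_BY_GROUP = [
    ("authentication_failures", "Credential attack"),
    ("syscheck", "File integrity"),
    ("web", "Web server"),
    ("authentication_success", "Authentication"),
]


def severity_of(level: int) -> Optional[tuple]:
    """Return (severity name, channel) for a rule level, or None below the lowest band."""
    for floor, name, channel in SEVERITY_BANDS:
        if level >= floor:
            return name, channel
    return None


def category_of(groups) -> str:
    for group, category in CATEGORY_BY_GROUP:
        if group in groups:
            return category
    return "Uncategorised"


def to_slack_payload(alert: dict, severity: str, category: str) -> dict:
    """Build an Incoming Webhook body: plain-text fallback plus Block Kit blocks and an ack button."""
    rule, agent = alert["rule"], alert["agent"]
    summary = f"[{severity.upper()}] {category}: {rule['description']}"
    details = ", ".join(f"{k}={v}" for k, v in sorted(alert.get("data", {}).items()))
    context = (f"rule {rule['id']} level {rule['level']} | agent {agent['name']} ({agent['id']}) | "
               f"{alert['timestamp']} | {details}")
    return {
        "text": summary,
        "blocks": [
            {"type": "section", "text": {"type": "mrkdwn", "text": f"*{summary}*"}},
            {"type": "context", "elements": [{"type": "mrkdwn", "text": context}]},
            {"type": "actions", "elements": [
                {"type": "button", "text": {"type": "plain_text", "text": "Acknowledge"},
                 "action_id": "ack", "value": f"{agent['id']}:{rule['id']}"}]},
        ],
    }


def route(alert_lines, min_level: int = MIN_LEVEL):
    """Return (channel, payload) for every alert at or above the chat threshold; drop the rest."""
    routed = []
    for line in alert_lines:
        alert = json.loads(line)
        level = int(alert["rule"]["level"])
        band = severity_of(level)
        if level < min_level or band is None:
            continue
        severity, channel = band
        routed.append((channel, to_slack_payload(alert, severity, category_of(alert["rule"].get("groups", [])))))
    return routed


# Assumed reply grammar for the return direction: "ack <agent>:<rule>" or "mute <agent>:<rule> <minutes>m".
COMMAND_RE = re.compile(r"^(ack|mute)\s+(\S+)(?:\s+(\d+)m)?$")


def parse_command(text: str) -> Optional[dict]:
    """Turn an analyst reply typed in the channel into a structured action for the SIEM side."""
    match = COMMAND_RE.match(text.strip())
    if not match:
        return None
    verb, target, minutes = match.groups()
    if verb == "mute" and minutes is None:
        return None  # a mute without a duration is rejected rather than silenced forever
    agent_id, _, rule_id = target.partition(":")
    return {"action": verb, "agent_id": agent_id, "rule_id": rule_id,
            "minutes": int(minutes) if minutes else None}
```

The button value carries only agent and rule identifiers, so the chat side never needs write access to the SIEM beyond the two verbs the parser accepts; the threshold and band table are where per-organization customization would live.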
Abstract: Modern cloud services are monitored by numerous multidomain and multivendor monitoring tools, which generate massive numbers of alerts and events that are not actionable. These alerts usually carry isolated messages that lack service context. Administrators become inundated with tickets when such alert events are routed directly to incident management systems. Noisy alerts increase the risk of crucial warnings going undetected and leading to service outages. One feasible way to cope with these problems is to reveal the correlations behind a large number of alerts and then aggregate the related alerts according to those correlations. Following this approach, AlertInsight, a framework for alert event reduction, is proposed in this paper. In AlertInsight, the correlations among event sources are found by mining a sequence of historical events. The resulting event correlation knowledge is then used to build an online detector that targets correlated events hidden in the event stream. Finally, the correlated events are aggregated into a single high-level event for alert reduction. Because of the weaknesses of the commonly used pairwise correlation analysis methods in complex environments, an innovative approach for multiple correlation mining is proposed; it overcomes computational complexity challenges by scanning panoramic views of historical episodes from a holistic perspective. In addition, a neural network-based correlated event detector is proposed that learns the event correlation knowledge produced by correlation mining and then detects correlated events in a sequence online. Experiments are conducted to test the effectiveness of AlertInsight. The experimental results (precision = 0.92, recall = 0.93, and F1-score = 0.93) demonstrate the performance of AlertInsight in recognizing multiple correlated alerts and its competence for alert reduction.
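The two stages this abstract describes, offline correlation mining over historical episodes and online aggregation of correlated alerts into one high-level event, as an added illustration written for this listing; it is not the AlertInsight code. The paper's multiple-correlation miner and neural detector are replaced here by a deliberately simple stand-in: gap-based episode segmentation with support counting over whole episodes (rather than source pairs), and a windowed aggregator that collapses alerts from a known correlated set. The alert history and stream, the source names and the window and support thresholds are all constructed for the example.

```python
"""Alert reduction by episode-level correlation mining and windowed aggregation (illustration)."""
from collections import Counter

# Constructed alert history as (seconds, source); not real monitoring data. Three episodes in
# which a database slowdown, API 5xx errors and a load-balancer health failure fire together,
# interleaved with unrelated single alerts.
HISTORY = [
    (0, "db-latency"), (2, "api-5xx"), (3, "lb-unhealthy"),
    (60, "disk-full"),
    (120, "db-latency"), (121, "api-5xx"), (124, "lb-unhealthy"),
    (200, "cert-expiry"),
    (300, "db-latency"), (302, "lb-unhealthy"), (303, "api-5xx"),
    (400, "api-5xx"),
]

# Constructed live stream: one full episode, a lone alert, a partial episode, a lone member.
STREAM = [(0, "db-latency"), (2, "api-5xx"), (3, "lb-unhealthy"), (60, "disk-full"),
          (120, "db-latency"), (123, "api-5xx"), (300, "api-5xx")]


def episodes(events, gap):
    """Split time-ordered events into episodes: a silence longer than `gap` seconds starts a new one."""
    result, current, last_t = [], [], None
    for t, source in sorted(events):
        if last_t is not None and t - last_t > gap:
            result.append(current)
            current = []
        current.append((t, source))
        last_t = t
    if current:
        result.append(current)
    return result


def mine_correlations(events, gap=10, min_support=2):
    """Offline step: count how often each whole set of sources co-occurs within an episode.
    Scoring the episode as one unit (not every pair) is this example's simplification of the
    paper's panoramic-episode idea; sets of size >= 2 seen >= min_support times are kept."""
    support = Counter()
    for episode in episodes(events, gap):
        sources = frozenset(source for _, source in episode)
        if len(sources) >= 2:
            support[sources] += 1
    return {sources: n for sources, n in support.items() if n >= min_support}


class CorrelatedEventDetector:
    """Online step: buffer alerts and emit one high-level event when members of a known
    correlated set arrive within `window` seconds; everything else passes through unchanged."""

    def __init__(self, correlated_sets, window=10):
        self.sets = [frozenset(s) for s in correlated_sets]
        self.window = window
        self.pending = []   # time-ordered (t, source) not yet emitted
        self.emitted = []

    def _group_of(self, source):
        for s in self.sets:
            if source in s:
                return s
        return None

    def _flush(self, now):
        # An entry is decided once it is older than the window; its group-mates seen since then go with it.
        while self.pending and now - self.pending[0][0] > self.window:
            t0, src0 = self.pending[0]
            group = self._group_of(src0)
            members = [(t, s) for t, s in self.pending
                       if group is not None and s in group and t - t0 <= self.window]
            sources = sorted({s for _, s in members})
            if len(sources) >= 2:
                self.emitted.append({"type": "correlated", "sources": sources, "count": len(members),
                                     "start": t0, "end": members[-1][0]})
                for m in members:
                    self.pending.remove(m)
            else:
                self.emitted.append({"type": "alert", "source": src0, "time": t0})
                self.pending.pop(0)

    def push(self, t, source):
        self._flush(t)
        self.pending.append((t, source))

    def finish(self):
        self._flush(float("inf"))
        return self.emitted


def reduce_alerts(stream, correlated_sets, window=10):
    """Run the detector over a whole stream and return the reduced event list."""
    detector = CorrelatedEventDetector(correlated_sets, window)
    for t, source in stream:
        detector.push(t, source)
    return detector.finish()
```

The window is the operational knob: too short and a correlated episode splits into raw tickets, too long and the first alert of an outage is held back before anyone sees it, so it should be tuned from the episode gaps observed in the history rather than picked by hand.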
Abstract: A large part of our daily lives is spent with audio information. The colossal amounts of acoustic information and the very short processing times required present major obstacles. This creates a need for applications and methodologies that can automatically analyze such content. These technologies can be applied in automatic content analysis and emergency response systems. In emergencies, breakdowns in manual communication commonly lead to accidents and equipment damage. An audio signal transmitted from underground can warrant action from an emergency management team at the surface. This paper therefore seeks to design and simulate an audio signal alerting and automatic control system using Unity Pro XL to replace manual communication of emergencies and manual control of equipment. Sound data were trained using a neural network machine learning technique. The features and metrics used are Fast Fourier transform magnitude, zero crossing rate, root mean square, and percentage error. Sounds were detected with an error of approximately 17%; thus, the system can detect sounds with an accuracy of 83%. With more training data, the system could detect sounds with minimal or no error. The paper therefore has critical policy implications for communication, safety, and health in underground mines.
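The three audio features the abstract names (FFT magnitude, zero crossing rate, root mean square) and the percentage-error metric, as an added illustration written for this listing; it is not the paper's model or its Unity Pro XL logic, and the neural network is replaced by a fixed rule on the extracted features. The sample rate, the 1 kHz "alarm" band, the loudness floor and the test tones are all constructed for the example; the spectrum is computed by a direct DFT, which is adequate for the short frames used here.

```python
"""Frame-level audio features and a rule-based alarm detector (illustration)."""
import cmath
import math

FS = 8000  # Hz, assumed sample rate of the microphone feed


def tone(freq_hz, seconds, amp=1.0, fs=FS):
    """Constructed test signal: a pure sine standing in for a recorded alarm or background tone."""
    n = int(seconds * fs)
    return [amp * math.sin(2 * math.pi * freq_hz * t / fs) for t in range(n)]


def zero_crossing_rate(x):
    """Fraction of adjacent sample pairs whose sign differs; rises with frequency and noisiness."""
    crossings = sum(1 for a, b in zip(x, x[1:]) if (a < 0) != (b < 0))
    return crossings / (len(x) - 1)


def rms(x):
    """Root mean square amplitude, the loudness of the frame."""
    return math.sqrt(sum(v * v for v in x) / len(x))


def spectrum_magnitude(x):
    """Single-sided magnitude spectrum (the 'FFT magnitude' feature), computed by direct DFT
    and scaled by 1/n so a unit sine of exactly k periods shows 0.5 in bin k."""
    n = len(x)
    return [abs(sum(x[t] * cmath.exp(-2j * math.pi * k * t / n) for t in range(n))) / n
            for k in range(n // 2 + 1)]


def dominant_frequency(x, fs=FS):
    """Frequency of the strongest non-DC bin, in Hz."""
    mags = spectrum_magnitude(x)
    k = max(range(1, len(mags)), key=mags.__getitem__)
    return k * fs / len(x)


def features(x, fs=FS):
    return {"zcr": zero_crossing_rate(x), "rms": rms(x), "peak_hz": dominant_frequency(x, fs)}


def classify(x, fs=FS, rms_floor=0.1, band=(900.0, 1100.0)):
    """Assumed rule in place of the paper's neural network: a frame is an alarm when it is loud
    enough and its spectral peak falls inside the alarm band."""
    f = features(x, fs)
    return "alarm" if f["rms"] >= rms_floor and band[0] <= f["peak_hz"] <= band[1] else "no-alarm"


def percentage_error(predicted, expected):
    """Share of frames classified wrongly, in percent (100 - accuracy)."""
    wrong = sum(p != e for p, e in zip(predicted, expected))
    return 100.0 * wrong / len(expected)
```

With 64-sample frames at 8 kHz the bin spacing is 125 Hz, so a 1 kHz tone lands exactly in bin 8; in a real deployment frames would be windowed and longer, and the loudness floor set from recorded background noise rather than chosen as here.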
Funding: Supported by the National Natural Science Foundation of China, No. 82172530 (to QT); the Science and Technology Program of Guangdong, No. 2018B030334001 (to CRR); and the Guangzhou Science and Technology Project, No. 202007030012 (to QT).
Abstract: Light plays an essential role in psychobiological and psychophysiological processes, such as alertness. The alerting effect is influenced by light characteristics and the timing of interventions. This meta-analysis is the first to systematically review the effect of light intervention on alertness and to discuss the optimal protocol for light intervention. In this meta-analysis, registered at PROSPERO (Registration ID: CRD42020181485), we conducted a systematic search of the Web of Science, PubMed, and PsycINFO databases for studies published in English prior to August 2021. The outcomes included both subjective and objective alertness. Subgroup analyses considered a variety of factors, such as wavelength, correlated color temperature (CCT), light illuminance, and timing of interventions (daytime, night-time, or all day). Twenty-seven crossover studies and two parallel-group studies were included in this meta-analysis, with a total of 1210 healthy participants (636 (52%) male, mean age 25.62 years). The results revealed that light intervention had a positive effect on both subjective alertness (standardized mean difference (SMD) = -0.28, 95% confidence interval (CI): -0.49 to -0.06, P = 0.01) and objective alertness in healthy subjects (SMD = -0.34, 95% CI: -0.68 to -0.01, P = 0.04). The subgroup analysis revealed that cold light was better than warm light in improving subjective alertness (SMD = -0.37, 95% CI: -0.65 to -0.10, P = 0.007, I² = 26%) and objective alertness (SMD = -0.36, 95% CI: -0.66 to -0.07, P = 0.02, I² = 0). Both daytime (SMD = -0.22, 95% CI: -0.37 to -0.07, P = 0.005, I² = 74%) and night-time (SMD = -0.32, 95% CI: -0.61 to -0.02, P = 0.04, I² = 0) light exposure improved subjective alertness. The results of this meta-analysis and systematic review indicate that light exposure is associated with significant improvement in subjective and objective alertness. In addition, light exposure with a higher CCT was more effective in improving alertness than light exposure with a lower CCT. Our results also suggest that both daytime and night-time light exposure can improve subjective alertness.