Detection Rules Research Articles

SmartLLMSentry: A Comprehensive LLM Based Smart Contract Vulnerability Detection Framework

Smart contracts are essential for managing digital assets in blockchain networks, highlighting the need for effective security measures. This paper introduces SmartLLMSentry, a novel framework that leverages large language models (LLMs), specifically ChatGPT with in-context training, to advance smart contract vulnerability detection. Traditional rule-based frameworks have limitations in integrating new detection rules efficiently. In contrast, SmartLLMSentry utilizes LLMs to streamline this process. We created a specialized dataset of five randomly selected vulnerabilities for model training and evaluation. Our results show an exact match accuracy of 91.1% with sufficient data, although GPT-4 demonstrated reduced performance compared to GPT-3 in rule generation. This study illustrates that SmartLLMSentry significantly enhances the speed and accuracy of vulnerability detection through LLM-driven rule integration, offering a new approach to improving Blockchain security and addressing previously underexplored vulnerabilities in smart contracts.

Warning values of serum total kappa/lambda ratio for M-proteinemia

BackgroundTo introduce the serum total kappa/lambda ratio (K/L) in humoral immunity testing reports to improve the detection rate of M-proteinemia.Methods156 M protein-positive and 5464 M protein-negative samples confirmed by serum immunofixation electrophoresis(sIFE) were accumulated from January 2021 to December 2023 in the First Affiliated Hospital of Soochow University and the contents of immunoglobulins (IgG, IgA, IgM, kappa and lambda) were tested by Beckman IMMAGE800. All the samples were divided into two groups by time: the modeling group and the validation group. The K/L values in the modeling group were analyzed by SPSS 27.0 to get the receiver operating characteristic curve (ROC). Furthermore, a more in-depth analysis was conducted to verify the reliability of the optimal cutoff values in the validation group. In addition, the levels of immunoglobulins of another group including 106 patients with definite diagnosis of monoclonal gammopathy ranging from January 2021 to June 2024 were traced back to improve the diagnostic efficiency.ResultsThe optimal cutoff values of K/L were 2.31 and 1.43 corresponding to K-type and L-type M-proteinemia respectively by ROC analysis. The sensitivity and specificity were validated as 76.14% and 77.42%. False positives were mainly found in samples with systemic sclerosis (36.84%), hypohepatia (28.71%) and sicca syndrome (27.27%). While false negatives were mainly found in IgA monoclonal gammopathy (38.39%) and IgM monoclonal gammopathy (28.57%). Combining with the detection rules of IgG, IgA and IgM, the sensitivities for the diagnosis of immunoglobulin light chain amyloidosis(AL) and monoclonal gammopathy of undetermined significance(MGUS) can be increased to 83.33% and 85%.ConclusionsK/L > 2.31 and K/L < 1.43 can be used as warning values for M-proteinemia. In addition, the content of the heavy chain in IgA- or IgM-type M-proteinemia may be considered to improve the detection rate.

Method for Detecting Fire Indoors Based on Differences in Sample Averages of an Arbitrary Gas Environment Dangerous Parameter at Adjacent Observation Intervals

The object of the research is the series average of the dangerous parameters of the gas environment during the ignition of materials. The practical importance consists of using the difference between the average dangerous parameters of the gas environment on the intervals of absence and the presence of ignition to detect the ignition of materials. The theoretical substantiation of the method of detecting fires in premises is carried out based on sample averages fixed samples of current measurements of an arbitrary, dangerous parameter of the gas environment, which correspond to the general population of reliable absence and presence of fire. At a given significance level, the method determines the unbiased, uniformly most powerful fire detection rule. This allows you to determine how significant differences in sample means with a given significance level are due to ignition or are random. Laboratory experiments were conducted to verify the method of detecting the ignition of test materials. It was established, for example, that the maximum size of the effect ignition on the carbon monoxide concentration is typical for alcohol (exceeds the threshold by 8.9 times) and textiles (exceeds the threshold by 9.3 times). The size of the effect of the smoke density upon ignition of all materials is approximately the same and is determined by exceeding the corresponding thresholds from 4.62 to 3.9 times. The size of the effect on the temperature of the gaseous environment during ignition of all test materials is approximately the same order. It is characterized by exceeding the corresponding thresholds from 5.95 to 3.58 times. It is shown that the method of detecting fires allows to establish the extent to which the detected differences in sample means for samples from the general population of hazardous parameters of the gas environment are reliable with a given level of significance and are due to the ignition of materials or the action of random factors.

A unified object and keypoint detection framework for Personal Protective Equipment use

Accurately detecting whether workers wear Personal Protective Equipment (PPE) in real time plays an important role in safety management. Previous studies mainly used multiple models jointly or only object detection for wearing relationship judgments. This makes it difficult to provide real-time, accurate detection of security relationships. Therefore, this paper proposes safe-wearing detection rules and a novel multi-targets and keypoints detection framework (MTKF), which is capable of accomplishing multiple classes of targets and keypoints detection simultaneously in one-stage, to get more accurate results. In order to improve the performance in the PPE and worker keypoints detection in challenging construction scenes, the detection head transformation strategy, mix group shuffle attention (MGSA) module, and the improved dual and cross-class suppression algorithm (DC-NMS) are proposed. The experimental results are implemented on one established dataset (Joint dataset) and two public datasets (SHWD and COCO), which conduct a comprehensive evaluation in multiple dimensions. Compared to the baseline model, our method improves the mAP by 2.6%–7.1%, reduces the number of parameters by at least 70%, and is able to achieve an inference speed of 155 fps.

DeepQCD: An end-to-end deep learning approach to quickest change detection

This paper aims to generalize the quickest change detection (QCD) framework via a data-driven approach. To this end, a generic neural network architecture is proposed for the QCD task, composed of feature transformation, recurrent, and dense layers. The neural network is trained end-to-end to learn the change detection rule directly from data without needing the knowledge of probabilistic data models. Specifically, the feature transformation layers can perform a broad range of operations including feature extraction, scaling, and normalization. The recurrent layers keep an internal state summarizing the time-series data seen so far and update the state as new information comes in. Finally, the dense layers map the internal state into a decision statistic, defined as the posterior probability that a change has taken place. Comparisons with the existing model-based QCD algorithms demonstrate the power of the proposed data-driven approach, called DeepQCD, under several scenarios including transient changes and temporally correlated data streams. Experiments with real-world data illustrate superior performance of DeepQCD compared to state-of-the-art algorithms in real-time anomaly detection over surveillance videos and real-time attack detection over Internet of Things (IoT) networks.

Iterative outlier detection and refinement rule of compensation for phase aberrations in digital holographic microscopy.

We propose a robust and accurate compensation method for phase aberrations based on the iterative outlier detection and refinement (ODR) rule. This method does not require additional steps to select the known flat region manually or by image segmentation. Based on the proposed method, the phase aberration in regions of a specimen can be detected and refined iteratively. Then, the least squares fitting can be carried out to estimate the coefficients of Zernike polynomials and obtain the accurate phase aberration finally. Computer simulations and real experiments validate the feasibility and effectiveness, and the results show that the proposed method is robust to noise and has superior accuracy even when the specimen occupies half of the field of view.

An Efficient Adaptive Multi-Kernel Learning With Safe Screening Rule for Outlier Detection

An Efficient Adaptive Multi-Kernel Learning With Safe Screening Rule for Outlier Detection

Detecting malicious encrypted traffic with privacy set intersection in cloud-assisted industrial internet

Encryption technology provides the ability of confidential transmission to ensure the security of Industrial Internet communication, but it makes detecting malicious encrypted traffic very difficult. To resolve the conflict between the difficulty of malicious encrypted traffic detection and the requirements of traffic privacy protection, we propose a cloud-assisted Industrial Internet malicious encrypted traffic detection scheme with privacy protection. To accurately match the encrypted traffic and the detection rules, a privacy set intersection protocol based on the oblivious pseudorandom function and random garbled Bloom filter is constructed, which can detect malicious traffic without revealing data content. Meanwhile, our scheme can allow semi-trusted cloud servers to assist resource-constrained end devices to participate in private calculations. The key-homomorphic encryption is introduced to obfuscate the detection rules, making the detection rules always transparent to end users and semi-trusted cloud servers. We also design the random input verification to make the malicious end users do not have any opportunity to participate in the privacy set intersection calculation using arbitrary data. The scheme analysis and performance evaluation results show that our scheme can effectively guarantee the security of encrypted traffic detection with better detection performance and limited resource consumption.

Deep domain-adversarial anomaly detection with robust one-class transfer learning

Establishing an anomaly detection model as quickly as possible with a small number of measurement samples for use with new equipment or working conditions has been a research focus. In recent years, despite the effectiveness of transfer learning techniques in terms of coping with such problems, it is still challenging to map the detection rules of an existing device to a target device to enhance its single-class anomaly detection capabilities. In addition, the robustness requirement of the detection rule transfer process makes the problem further complicated, particularly in cases where limited target device data still have unknown outliers. To achieve good anomaly detection performance in such a complex scenario, we propose a robust deep one-class support vector description-based anomaly detection algorithm built on adversarial transfer learning. First, we designed a new hyperspherical adversarial training mechanism that integrates robust adaptive constraints into an improved domain-adversarial neural network. Additionally, to eliminate outlier interference to the greatest extent possible during the domain-adversarial process, we aimed to compute the probability of a sample being normal based on the utilized anomaly detection module and embedded this probability in a domain discriminator. Finally, an end-to-end optimization strategy was derived to find the optimal network parameters that could separate the anomalous classes as much as possible while promoting the consistency of the normal class data in the source and target domains. To validate the performance of our model, we experimented with three scenarios, i.e., digit image detection (with the MNIST and USPS datasets), object recognition (with the Office-Home dataset), and rolling bearing anomaly detection. The results showed that the proposed algorithm outperformed the state-of-the-art methods in terms of detection accuracy and robustness.

DNS root server resolution anomaly detection

The DNS root server is at the top of the hierarchical structure of the DNS system and is the initial node that bootstraps all DNS queries. If the root server resolves abnormally, all domain name resolutions will fail, and many users cannot access the Internet. For this reason, this paper detects the root server itself resolution anomalies and non-self resolution anomalies by constructing high-confidence root zone file and anomaly judgment rules. First, we use the weighted voting statistics method to build high-confidence root zone file by calculating the confidence of multi-source root zone files. Based on high-confidence root zone files, we construct three types of anomaly detection judgment rules: (1) root-side resolution anomaly judgment rules based on feature value matching, (2) response hijacking judgment rules by correlating response anomaly features and resolution routing information, (3) root zone file synchronization anomaly judgment rules by calculating the relative synchronization delay of multi-source root zone files. Finally, using three anomaly judgment rules, we perform anomaly detection on the root resolution data obtained by active measurement. Our detection results show that root zone file synchronization delay distributions of different root server instances vary greatly. Some instances even show minute-level convergence, resulting in incorrect resolution for some TLDs. We also detect one response hijacking incident for 2 TLDs resolution, caused by the domain takeover mechanism adopted by the ISP to reduce inter-domain traffic settlement and decrease resolution latency. Except for the unresponsive exception caused by network packet loss, no root-side resolution anomaly is found, indicating that there is no artificial manipulation of TLD resolution on the root server and reflecting the responsibility of each root server operator aiming to maintain global Internet interconnection. The detection results show that the detection rules proposed in this paper can effectively achieve the anomaly detection of root server resolution and help to maintain the health and stability of the DNS system.

Fuzzy models for cyber incident detection in military information and communication systems databases

Protecting databases of military information and communication systems is an extremely important task in the modern cybersecurity sphere. Growing threats from cyberattacks, the need to effectively detect, counteract and prevent them require the use of new, more effective models and methods. The main disadvantages of existing models and methods include insufficient sensitivity to new threats, a large number of detection errors, low response to new threats, the possibility of bypassing protective measures, and low scalability, which are key challenges for further improvement and development of cybersecurity. The article analyzes the existing fuzzy models for detecting cyber incidents, identifies their shortcomings and emphasizes the need for their further improvement and development. An improved fuzzy model for detecting cyber incidents in databases of military information and communication systems and an improved fuzzy model for detecting cyber incidents in databases of military information and communication systems with weighted rules based on the expansion of cyber incident signs by obtaining them from different levels of cyber security of the data are proposed. The main levels of database cybersecurity include: the operating system level, the network level, and the database management system level. To eliminate the shortcomings associated with the false triggering of cyber incident detection rules and the complexity of their configuration in a dynamically changing cyberattack landscape, as well as the dimensionality of the knowledge base of the information and security event management system, a fuzzy model for detecting cyber incidents in databases of military information and communication systems with weights of rule antecedents is proposed. The expediency of applying the developed model is shown.

Dinamika Temperature Ekstrem di Kepulauan Bangka Belitung Periode 1981-2022

This research was carried out to find out the dynamics of climate change in the Bangka Belitung Islands, by utilizing BMKG observer station data at Depati Meteorological Station, starting in 1981 until 2022 that the official obtained from the BMKG website online. This research was conducted at the Education laboratory of FKIP Physics University of Sriwijaya. The research method used is secondary data research with a quantitative approach. Data analysis was used using the RClimDex application with the Expert Team on Climate Change Detection and Indices (ETCCDI) rules. Trend analysis was carried out with non-pithelmetry statistical tests Man-Kendall and Sens tests. The temperature indexes experience significant trends, which indicates that the longer the temperature in the Bangka Belitung Islands will increase.

Paediatric Emergency Care; Applied Research Network Prediction Rule for Early Detection of Intra-Abdominal Injuries in Children

Paediatric Emergency Care; Applied Research Network Prediction Rule for Early Detection of Intra-Abdominal Injuries in Children

Diversity, Complexity, and Specificity of Bacterial Lipopolysaccharide (LPS) Structures Impacting Their Detection and Quantification.

Endotoxins are toxic lipopolysaccharides (LPSs), extending from the outer membrane of Gram-negative bacteria and notorious for their toxicity and deleterious effects. The comparison of different LPSs, isolated from various Gram-negative bacteria, shows a global similar architecture corresponding to a glycolipid lipid A moiety, a core oligosaccharide, and outermost long O-chain polysaccharides with molecular weights from 2 to 20 kDa. LPSs display high diversity and specificity among genera and species, and each bacterium contains a unique set of LPS structures, constituting its protective external barrier. Some LPSs are not toxic due to their particular structures. Different, well-characterized, and highly purified LPSs were used in this work to determine endotoxin detection rules and identify their impact on the host. Endotoxin detection is a major task to ensure the safety of human health, especially in the pharma and food sectors. Here, we describe the impact of different LPS structures obtained under different bacterial growth conditions on selective LPS detection methods such as LAL, HEK-blue TLR-4, LC-MS2, and MALDI-MS. In these various assays, LPSs were shown to respond differently, mainly attributable to their lipid A structures, their fatty acid numbers and chain lengths, the presence of phosphate groups, and their possible substitutions.

A New Classification Rule-Set for Mapping Surface Water in Complex Topographical Regions Using Sentinel-2 Imagery

Surface water is a critical natural resource, but its mapping accuracy is vulnerable to cloud cover, snow, shadows, and diverse roofing materials. Recognizing the limitations of a single threshold segmentation method that fails to achieve high-precision extraction of surface water in complex terrain areas, this study introduces a multiple threshold water detection rule (MTWDR) method to improve water extraction results. This method uses the multi-band reflectance characteristics of ground features to construct a water index and combines brightness features with the Otsu algorithm to eliminate interference from highly reflective ground features like ice, snow, bright material buildings, and clouds. The Yunan–Guizhou Plateau was selected as the study area due to its complex terrain and multiple types of surface water, and experiments were conducted using Sentinel-2 data on the Google Earth Engine (GEE). The results demonstrate that: (1) The proposed method achieves an overall accuracy of 94.08% and a kappa coefficient of 0.8831 in mountainous areas. In urban areas, the overall accuracy reaches 95.15%, accompanied by a kappa coefficient of 0.8945. (2) Compared to five widely used water indexes and rules, the MTWDR method improves accuracy by more than 3%. (3) It effectively overcomes interference from highly reflective ground features while maintaining the integrity and accuracy of water boundary extraction. In conclusion, the proposed method enhances extraction accuracy across different types of surface water within complex terrain areas, and can provide significant theoretical implications and practical value for researching and applying surface water resources.

SafeCheck: Detecting smart contract vulnerabilities based on static program analysis methods

AbstractEthereum smart contracts are a special type of computer programs. Once deployed on the blockchain, they cannot be modified. This presents a significant challenge to the security of smart contracts. Previous research has proposed static and dynamic detection tools to identify vulnerabilities in smart contracts. These tools check contract vulnerabilities based on predefined rules, and the accuracy of detection strongly depends on the design of the rules. However, the constant emergence of new vulnerability types and strategies for vulnerability protection leads to numerous false positives and false negatives by tools. To address this problem, we analyze the characteristics of vulnerabilities in smart contracts and the corresponding protection strategies. We convert the contracts' bytecode into an intermediate representation to extract semantic information of the contracts. Based on this semantic information, we establish a set of detection rules based on semantic facts and implement a vulnerability detection tool SafeCheck using static program analysis methods. The tool is used to detect six common types of vulnerabilities in smart contracts. We have extensively evaluated SafeCheck on real Ethereum smart contracts and compared it to other tools. The experimental results show that SafeCheck performs better in smart contract vulnerability detection compared to other typical tools, with a high F‐measure (up to 83.1%) for its entire dataset.

Enhancing Incipient Fault Detection for Interface Converter Sensors through Signal Correlation Analysis

Incipient faults in interface converters can potentially lead to catastrophic failures. Detection of incipient faults contributes to proactive fault management and predictive maintenance, which effectively improves system reliability. In this paper, a detection method in correlation space is proposed to address this problem, which is based on the inherent feature of correlation changes when a fault occurs. First, a convolution process is used to weaken noise and highlight the correlation feature. Second, the current signals are transmitted to correlation space by using the Pearson correlation coefficient. Third, an accumulation and a reference compensation method are designed for enhancing the features and equalizing influence of reference adjustment. Finally, a fault detection rule is designed based on correlation features and fault excitation. Experiments on a hardware‐in‐loop(HIL) semi‐physical platform indicate that the proposed method outperforms three commonly used correlation analysis algorithms. © 2024 Institute of Electrical Engineer of Japan and Wiley Periodicals LLC.

Method for early ignition detection based on the sampling dispersion of dangerous parameter

The object of the study is the selective dispersion of dangerous parameters of the gas environment during material fires. The practical importance of research consists in using the difference of sample dispersions of dangerous parameters of the gas environment on the intervals of absence and presence of ignition of materials for detection of ignition. The theoretical substantiation of the method of detecting fires in premises based on sample dispersions of current measurements of an arbitrary dangerous parameter of the gas environment, corresponding to the general populations of reliable absence and presence of fire, has been carried out. The method, at a given level of significance, determines the unbiased uniformly most powerful fire detection rule. This makes it possible to determine how much differences in sample variances are significant with a given level of significance and are caused by ignition or are random factors. Laboratory experiments were conducted to verify the proposed method. It was established that the influence of ignition on the value of the difference in the sample dispersion at the corresponding intervals of monitoring the carbon monoxide concentration, smoke density, and temperature of the gaseous environment of the laboratory chamber is different and depends on the type of ignition material. At the same time, the minimum difference of the sample dispersions is characteristic for observing the smoke density for all the studied materials. However, early detection of ignition of alcohol, paper, wood, and textiles when observing the smoke density is carried out when the threshold is exceeded by 9.01, 5.31, 2.13 and 2.55 times, respectively. It is shown that the method of early detection of fires, which is based on the detection of significant differences in sample dispersions of data from the relevant general populations

In defense of local descriptor-based few-shot object detection.

State-of-the-art image object detection computational models require an intensive parameter fine-tuning stage (using deep convolution network, etc). with tens or hundreds of training examples. In contrast, human intelligence can robustly learn a new concept from just a few instances (i.e., few-shot detection). The distinctive perception mechanisms between these two families of systems enlighten us to revisit classical handcraft local descriptors (e.g., SIFT, HOG, etc.) as well as non-parametric visual models, which innately require no learning/training phase. Herein, we claim that the inferior performance of these local descriptors mainly results from a lack of global structure sense. To address this issue, we refine local descriptors with spatial contextual attention of neighbor affinities and then embed the local descriptors into discriminative subspace guided by Kernel-InfoNCE loss. Differing from conventional quantization of local descriptors in high-dimensional feature space or isometric dimension reduction, we actually seek a brain-inspired few-shot feature representation for the object manifold, which combines data-independent primitive representation and semantic context learning and thus helps with generalization. The obtained embeddings as pattern vectors/tensors permit us an accelerated but non-parametric visual similarity computation as the decision rule for final detection. Our approach to few-shot object detection is nearly learning-free, and experiments on remote sensing imageries (approximate 2-D affine space) confirm the efficacy of our model.

A New Synthetic Aperture Radar Ship Detector Based on Clutter Intensity Statistics in Complex Environments

In complex environments, the clutter statistical characteristics of synthetic aperture radar (SAR) are inconstant, and the constant detection performance of a false alarm rate (CFAR) detector based on a clutter statistical model is also hard to achieve. As a result, the overestimated threshold leads to a degradation in detection probability. To this end, this paper proposes a SAR ship detector different from CFAR detectors, which is independent of traditional clutter statistical distribution models and the probability of a false alarm (PFA). The proposed detector aims to raise the ship detection probability and alleviate interference from complex environments such as multi-target areas, shores, and breakwaters. It estimates clutter-truncated thresholds based on clutter intensity statistics (CIS). Firstly, three statistical parameters, including the mean, standard deviation, and maximum intensity of background clutter contaminated by outliers, are calculated; secondly, these parameters are utilized to estimate the clutter-truncated threshold using the novel CIS; and finally, the pixel under test is determined according to the CIS detection rule. Compared with CFAR-based algorithms, CIS obtains a high probability of detection in complex environments. As for other aspects, the CIS detector is insensitive to the structure of the detection window, as well as the size. It is also computationally efficient due to its simple calculations. The superiority of the CIS detector is validated on scene-differed SAR images from the DSSDD dataset.