Research on Security Incident Analysis: Scenarios and Challenges
Xuan Liu
1†
, Kehang Zhou
2†
, Qixuan Chen
3†
and Jianing Zheng
4†
1
Internet of Things Beijing University of Technology, Beijing, China
2
Software Engineering Chongqing University of Posts and Telecommunications, Chongqing, China
3
Guangdong Experimental High School Guangdong, China
4
Management Information System & Supply Chain Management University of Minnesota Twin Cities, Minnesota, U.S.A.
†
These authors contributed equally
Keywords: Event Detection, Risk Pre-warning, Systematic Review, Data Analysis.
Abstract: This paper systematically reviews the research of safety analysis, which includes the detection of adverse
events, the prediction of events, and the discovery of potential safety hazards. It mainly reviews the three
aspects that are suitable for people's lives, namely, facility safety, complete medical care, and the prediction
of the Internet of things. This study intends to analyze from the following dimensions: describing the current
safety accidents in people's lives and their potential hazards; how to predict the possibility of crisis;
summarizing the methods proposed in the literature. In addition, the limitations of the literature have been
summed up: the prediction method mentioned in this paper needs to be improved in a few aspects, which
means that might not meet the needs of some special cases; the prediction accuracy of logistics needs to be
improved; the error in medical treatment is difficult to avoid. This review has certain theoretical and practical
significance. To be theoretically speaking, relevant scholars are enabled to have a systematic understanding
of security analysis and help them to formulate the future research agenda. From reality, practitioners can
systematically understand the methods of safety detection and prediction, to formulate corresponding
preventive measures and emergency plans.
1 INTRODUCTION
In the history of human development, the surging
development of technology and science ensure many
aspects of people's life. People's travel and the
products that they use are all the outputs of the
development of them. Meanwhile, in our daily life,
the security of facilities also attracted people's
attention. During the process of using innovations,
people are more inclined to how to correctly use the
security facilities with higher efficiency at the same
time. There are a lot of existing literates on facilities
and safety prediction. Several articles are summarized
which are widely used in different fields so that
practitioners or scholars can understand the
significance of the safety field and the impact of it in
the future, as well as the benefits of ensuring the
safety of facilities to the development of human
society, however, there is no relevant literature
review. Therefore, the objective of this paper is to
systematically review the research of safety analysis,
in which safety analysis includes the detection of
adverse events, event prediction and the discovery of
safety hazards. This study intends to analyze from the
following dimensions: firstly, describing the current
safety accidents in people’s lives and their potential
hazards; second, how to predict the possibility of
crisis and the methods proposed in the cited literature;
third, the potential significance of this paper. This
review article mainly focuses on event security,
information prediction and the Internet of Things
based on historical data, including the fields of
medical and facility security, then the way of
predicting the possibility of the event that people
avoiding to let it happen based on the given
information. The purpose of this event is attributed to
the field of analysis, which includes the current
situation of the event and the prediction of the
probability of an accident in the future. This paper
introduces examples of event safety in different fields.
Besides, the technology that can be used in the
process of forecasting, the mathematical calculation
based on the historical model, and what needs to be
improved in selected articles have also been focused
on.
Liu, X., Zhou, K., Chen, Q. and Zheng, J.
Research on Security Incident Analysis: Scenarios and Challenges.
DOI: 10.5220/0011767100003607
In Proceedings of the 1st International Conference on Public Management, Digital Economy and Internet Technology (ICPDI 2022), pages 745-752
ISBN: 978-989-758-620-0
Copyright
c
2023 by SCITEPRESS – Science and Technology Publications, Lda. Under CC license (CC BY-NC-ND 4.0)
745
This review has several theoretical and practical
implications. From a theoretical point of view, it can
enable relevant scholars to have a systematic
understanding of safety analysis and help them to
shape future research agendas. From a practical point
of view, practitioners can systematically understand
the methods of safety detection and prediction so as
to formulate corresponding preventive measures and
emergency plans.
2 METHODS AND RESULTS
2.1 Search Strategy
The purpose of this paper is to help people predict
events more reasonably. So, to choose articles about
facilities and the Internet of things, most of the
previous articles are about medicine. Therefore, in
order to avoid paying too much attention to the
medical field, the articles at the bottom of the article
list are excluded. The main sources of articles are
Google, Google Scholar, and school libraries. After
searching for keywords like Event Prediction, Event
Security, Event Detection, and Facility Prediction, the
most relevant articles with a preference for the
number of references are collected. Eventually,
articles about medical, facilities and IoT were
obtained.
2.2 Security Analysis in Public Facility
Scenarios
To create a comfortable, reasonable, and safe living
environment for residents with an effective plan of
development of the country, decision-makers have to
work hard to come up with better solutions to achieve
this goal. This part briefly introduces three kinds of
daily life scenarios which need to be guaranteed
safety and the technology applied in this paper,
furthermore, a wireless sensor application technology
is also explained. Those methods are used to provide
reference ideas for decision-makers.
2.2.1 Event Detection in the Crowded Video
Most of the dangerous emergencies occur in the
crowd which prone to the crowded dangerous
situation in real life (Ke 2007). So to ensure people's
safety, this paper provides some methods to detect
dangerous events by using the video of the
technology. But this method also has some errors. For
example, first, the tracker is often affected by the
noise of the environment; second, the 2D modeling
has a similar disadvantage - it can't capture some
motions and objects; third, the model is built
manually and is derived from a single sample of
events, thus it is impossible to predict the change of
events, some problems are not involved in this model.
The experimental process of this method will be
described in the following paragraph.
This experiment takes the object being tracked as
a speck, based on observations detection of the
distance between the position of it and the spot.
Further, the event which has spatial interaction
activities are classified with training vertical and
horizontal vectors, processing the sequence in the
video. In this method, the volume of video space is a
3D object, so that different objects in the video can be
distinguished - the object in events produce different
shapes. The next step is shape matching which is used
to identify events to detect the distance. This
algorithm needs to set a minimum threshold, using
sliding window detection technology to keep the error
rate as less as possible.
Another way is to use unsupervised clustering
technology to extract the contour of spatial shape
model in the video, that is used to segment objects and
backgrounds, besides, the background might have
Optical Flow often makes noise which often causes
errors. The model build in this method is combined
with Shechtman and Irani's Flow Consistency method
(Ke 2007), which is a complementary feature, so it
can be calculated corresponding functions in the
complex environment with graph and ground
separation, to reduce the interference. To match and
recognize between objects and the model, the author
introduces a baseline matching algorithm of volume
shape matching model based on parts so that the
method organizes the part model into a tree structure
and models the relative position of each part as a
Gaussian distribution with diagonal covariance
matrix to improve the matching efficiency.
The event is detected in the shape model of time
and space in this method, demonstrating how to do
shape matching in a cluttered scene with dynamic
background, and it complements the previous
dynamic description to calculate in the complex
environment so that it can be extended to 3D for event
recognition. This technology realizes low precision
and recalls near all actions, and the behavior based on
the part shape and description flow is better than
previous studies, which shows the powerful
performance of the recorded video.
ICPDI 2022 - International Conference on Public Management, Digital Economy and Internet Technology
746
2.2.2 Smart City
With the development of the times, the impact of
computing public infrastructure on the smart city is
crucial, such as supermarkets, hospitals, office space,
to meet the different needs of people. These affect
people's way of life, at the same time, the vehicles
people drive will also affect the changes in the
facilities, for example, traffic flow at different times.
Using sensor technology to obtain the movement
mode in space can find the problems faced by the city
and provide a new perspective to overview the
modern city, so that helps the city planners make
more reasonable decisions. There are two challenges
at the beginning (Wang, et al. 2016): the first is how
to effectively calculate the influence degree when the
data is a large number of vehicles and facilities; the
second is how to predict the influence when the
current position of vehicles is known. Based on these
two aspects, the experiment uses the following
methods to achieve the goal.
This article (Wang, et al. 2016) using a network
(grid) index method is to map the position of a vehicle
to a specific unit. In this unit, the number of vehicles
will be added to the area which is the nearest facility
around it. That means although each vehicle has its
trace, when the tracks of the two cars are similar, the
destination that they are going to is homologous. So a
model based on the Markov Chain is used, which is
one of the various versions of it, that can be learned
through the historical trail. This model predicts the
movement of vehicles in the following days so that
designers can get the range of more, it is used to
change and update the planning of future facilities.
Index method of the grid. It is a kind of grid that
divides the geographical area into the same size and
provides an index for each grid. Trace can be replaced
by a grid, which is represented by an index in the grid.
In this model, the scope and coverage of different
facilities are different due to the size, so the number
of grids covered by it is also variance. The number of
taxis in the grid and then get the impact of this facility
on the city based on the qualities of each facility are
calculated. Although this method seems remarkably
simple, there may be facilities crossing range that
reflect the nearby grid. And the size of grid selection
also affects the distribution of future devices to a
certain extent. However, this method also has
advantages, it can be used to predict the impact of
facilities management, meanwhile can also avoid
many issues, such as traffic jams, furthermore, it can
solve data separately in predicting future location.
The previous Markov model uses the way of
transferring the state of each grid to the matrix, and
its working rate is trained by the number of historical
steps of movements which means this method is
changing the data from one unit to the corresponding
matrix. Besides, the number of transferring efficiency
is used for the transition probability between two
units. The basic Markov model is to predict unknown
traces. Another situation is that if the traces are
known, the Bayesian theorem can help to calculate
the probability of these objects will go to the
destination (Wang, et al. 2016).
This experiment provides how to predict the
influence degree of facilities in the smart city
according to the traffic flow and predict the future
movement through grid division and historical
training model. Although the prediction location may
introduce uncertainty and affect the prediction results,
as long as the distance between the prediction grid
and the actual distance is not far, and around the same
public facilities, the impact is small. The influence
and precision of the experiment are acceptable. So,
people can use the method mentioned in the article to
predict a public facility to meet people's needs for
urban life.
2.2.3 High Voltage Transmission System
People's daily life is inseparable from the voltage
system. To maintain continuous supply, High Voltage
Transmission Systems (HVTS) need to be maintained
reliably (Jaya 2019). Because the system failure will
lead to huge economic losses, but also endanger
people's lives and use. Therefore, in the process of
maintenance, the safety of a high voltage
transmission system is of great significance in the real
scene. This paper introduces the safety assessment
and control of the voltage system. According to the
failure rate of a historical model, the possibility of
future failure is predicted, besides, the accuracy of
this method is as high as 89.88%. Next, the
implementation of this method will be focused on.
This experiment (Jaya 2019) applies a kind of K-
neural network technology which is a simple and
efficient way to be used in object recognition. So, in
various searching for research, it is common to use
for prediction. One of the main methods is that K-and
can be used to classify and evaluate by decision trees,
discriminant analysis, and logistic regression. This
function offers active training and searching for the
best classification model which has almost 90%
accuracy, but the speed is at a medium level around
all the functions of finding. The method adapts
various metrics to determine the distance, according
to the given set 'X' of 'n' points, the KNN nearest
searching can help to find the point which is closest
Research on Security Incident Analysis: Scenarios and Challenges
747
to the target in X. This way is widely used in machine
learning. In check the safety of the facility, there will
be less time on finding the place that needs to be
repaired.
To predict events, the more mistake made, the less
efficiency people will have. Thus, the correct range
of calculating is important. One of the solutions is that
using the failure rate of the power system which can
be expressed by Gaussian function by using a fuzzy
security index binary- the least square method. And
this way is to find the state of keeping the facility run
normally.
𝜇
𝑥
=exp−(
(
𝑒
−𝑥
2𝜎
) (1)
In general, this method uses the Markov model
which is divided into 16 states for modeling and is
divided into five security levels. The accuracy of
prediction is determined by Safety Index. The
conclusion of the experiment is according to the
exception and the prediction is accurate. Through this
method, this method can be applied to more facility's
safety prediction to ensure the safety of the staff.
2.2.4 Wireless Technology
Wireless sensor technology is used for detection and
prediction. At the same time, this paper (Zhong, et al.
2015) demonstrates that sound is predictable, and
introduces a fuzzy logic system based on the sound
signal that can be a prediction. Also, a double sliding
window detection model is applied to reduce the error.
Wireless sensors can monitor machine facilities.
If the sound increases abnormally, it indicates that the
machine may appear some mistakes, this can be seen
as an event. So, machines can be check and predicted
by the wireless sensor with sound signals.
Variance time chart is widely used in verifying the
time series. The common character of the sound
signal is automorphism, which is the principle of the
following method adapted by the author. So, this way
can be applied to the prediction. A fuzzy logic system
is also a kind of time series prediction that can be used
to calculate intensive time. It can capture the
characteristics of the sound signal made by the
machine, which means that it can be predicted by
historical behavior and then check. For the potential
application of prediction of the sound signal, in this
paper, a new algorithm applying for reducing errors
of event detection - 'double sliding window event
detection' is proposed, this method is used to regulate
noise range in the uncontrollable environment and
determine a fixed threshold of different surroundings.
To alleviate the problem of a range selection.
The method (Zhong, et al. 2015) is superior to the
historical model. Through the signal-to-noise ratio
and self-discipline of sound, besides, the error is
reduced by using the time variance model - fuzzy
logic system and double sliding window detection.
The experiment proves that the wireless sensor can be
used to predict and detect the related security after
simulating the related experiment models.
2.3 Sequential Prediction on IoT
Scenarios
Nowadays, the Internet of Things (IoT) is becoming
more and more important in our life. The number of
devices connected to the IoT will reach 26 billion
devices by 2020, according to Gartner Group. The
Internet of things is the inevitable trend of this era. In
this part, the prediction of IoT will be discussed. Due
to the characteristics of the Internet of things in time
and space, the prediction of IoT will be necessary.
There are two kinds of prediction of IoT to discuss.
The first prediction used Bayesian Network and
association rules to predict associated events and the
second prediction used clustering and event detection
in social streams to do some predictions.
This part uses two algorithms to do some
sequential predictions on IoT. This sequential
prediction will be particularly useful in IoT. It can
predict delays in one transport phase provides
sufficient time for rescheduling activities in the next
and some goods that the user wants to buy can also be
predicted according to some of his shopping records
or logistics records and can also be predicted through
some purchase records of other users.
2.3.1 Bayesian Networks
Literature adopts a Bayesian network, which is used
to build a model with uncertainty (Karakostas 2016).
It is a directed acyclic graph, and each of its nodes
represents a discrete random variable. There is a
causal relationship between the variables represented
by its child node and those represented by its parent
node. The edge between two nodes represents the
probability dependence between events.
𝑒
->𝑒
: means the possibility of 𝑒
depends on e2, P
(𝑒
)! = 0.
𝑃
(
𝐴
|
𝐵
)
=
𝑃
(
𝐴
)
𝑃
(
𝐵
|
𝐴
)
𝑃
(
𝐵
)
(2)
In this case, it is assumed that event B is fixed,
that is,𝑃
(
𝐵
)
=1. The impact of the determined event
B on event A is needed to be considered.
𝑃
(
𝑒
|
𝑒
)
=
𝑝
(
𝑒
)
∗𝑝
(
𝑒
|
𝑒
)
𝑝
(
𝑒
)
(3)
ICPDI 2022 - International Conference on Public Management, Digital Economy and Internet Technology
748
Suppose that 𝑒
and 𝑒
are two potential causal
objects. This causality determines the subsequent
events triggered by the event generated by the object.
Statistical knowledge will be used to build a
conditional probability model and use the Bayesian
formula to give the above formula.
𝑃
(
𝑒
|
𝑒
)
= 𝑝
(
𝑒
)
∗𝑝
(
𝑒
|
𝑒
)
(4)
𝑝
(
𝑒
)
is the probability of observing E2
independently of other events, P ( 𝑒
- 𝑒
) is the
influence intensity of 𝑒
on 𝑒
probability. If E1 is
assumed to be 𝑃(𝑒
) = 1, the above formula is
obtained
Since some events can cause a chain reaction,
some events can be decomposed. For example, event
𝑒 can produce chain reactions 𝑒
, 𝑒
, 𝑒
, ..., 𝑒
. These
n intermediate events are linked to calculate the
probability of 𝑒
's dependence on event 𝑒 .
P ( 𝑒
| 𝑒
) is calculated the conditional
probability of 𝑃
(
𝑒
|
𝑒
)
.
2.3.2 Association Rules
Literature also adopts association rules (Rudin, et al.
2011), and the idea of the algorithm is as follows.
Algorithm 1: Subroutine GenRules.
- Input: (S, B, X ), that is, past orders S =
{zi}i=1,...,m, zi ⊆ X , current basket B ⊂ X , set of
items X
- Output: Set of all rules
𝑎𝑗→𝑏𝑗
𝑗 where 𝑏𝑗 is a
single item that is not in basket B, and where aj is
either a subset of items in basket B, or else it is the
empty set. Also, the left-hand side 𝑎𝑗 must be allowed
(meaning it is in A). That is, output rules {aj → bj}j
such that bj ∈ X \B and aj ⊆ B ⊂ X with aj ∈ A, or aj
= ∅.
Algorithm 2: Max Confidence, Min Support
Algorithm
- Input: (θ, X , S, B, GenRules, c), that is,
minimum threshold parameter θ, set of items X , past
orders S = {zi}i=1,...,m, zi ⊆ X , current basket B ⊂
X , GenRules generates candidate rules GenRules (S,
B, X ) = {aj → bj}j , number of recommendations c ≥
1
- Output: Recommendation List, which is a subset
of c items in X
- Flow of the algorithm:
a) Apply GenRules (S, B, X ) to get rules {aj →
bj}j where aj is in the basket B and bj is not.
b) Compute score for each rule aj → bj as ¯fS,θ
(aj , bj ) = fS,0 (aj , bj ) = # (aj∪bj ) #aj when support
#aj ≥ θ, and ¯fS,θ (aj , bj ) = 0 otherwise.
c) Reorder rules by decreasing score.
d) Find the top c rules with distinct right-hand
sides, and let Recommendation List be the right-hand
sides of these rules
Algorithm 3: Adjusted Confidence Algorithm.
- Input: (K, X , S, B, GenRules, c), that is,
parameter K, set of items X , past orders S =
{zi}i=1,...,m, zi ⊆ X , current basket B ⊂ X ,
GenRules generates candidate rules GenRules (S, B,
X ) = {aj →
bj}j , number of recommendations c ≥ 1
- Output: Recommendation List, which is a subset
of c items in X
- Flow of the algorithm:
a) Apply GenRules (S, B, X ) to get rules {aj →
bj}j where aj is in the basket B and bj is not.
b) Compute adjusted confidence of each rule aj →
bj as fS,K (aj , bj ) = # (aj∪bj ) #aj+K .
c) Reorder rules by decreasing adjusted
confidence.
d) Find the top c rules with disti
2.3.3 General Architecture of IoT Prediction
This diagram is the general architecture of IoT
prediction. Different events are generated by the IoT
cloud and stored through the capture interface
supporting the M2M protocol of the typical IoT. In
the storage warehouse, events are cleaned up and
classified, and then the category probability of events
is calculated according to the above model. Since new
events are added to the warehouse periodically, the
probability is recalculated periodically. The time
prediction model is connected with the decision
support system.
2.4 Clinical Predictive Models in
Medical Scenarios
As medical equipment plays a more and more
important role in modern hospitals, the safety
detection and development of medical equipment has
become an important link in hospital management.
Different medical devices play different roles
depending on the severity of the disease. Some of the
devices are just adjunct to treatment and health care,
while most of the devices are lifesaving. Take dialysis
equipment for example. The patient's life is supported
by it. More than 350,000 patients receive dialysis in
the United States, and the safety of their care is
ultimately the responsibility of the medical director of
the facility. Dialysis facilities are a complex
organization that involves multiple disciplinary
providers and uses advanced technologies to care for
patients with a wide range of serious diseases. As
organizations become more complex and the
Research on Security Incident Analysis: Scenarios and Challenges
749
likelihood of errors increases, potential risks must be
identified and prioritized. To investigate the attitudes
of dialysis patients and health care providers toward
safety through a randomized national review of
dialysis patient data. According to the findings, safety
risks mainly come from patient safety hazards (such
as communication or machine design), dialysis
equipment failures, and medication errors.
Improve and change health care safety through the
use of QAPI programs. A successful QAPI program
requires a reliable collection and rigorous analysis of
data. One widely accepted form is the plan-dot-
check-action cycle. This approach first "plans" the
required process improvements with the available
data and literature, and then implements those
improvements ("do"). Evaluate the results to
determine whether performance has improved (the
"check"). If the results improve, the results are shared
and the new process ("act") is implemented across the
organization, and the results are re-validated to ensure
that the improvements are effective and ongoing. If
the expected results are not met, alternative or
additional improvements must be planned and
implemented, and the results reanalyzed.
In order to provide effective outcome prediction
for patients and provide a good basis for treatment
decisions, clinical prediction plays a very important
role. Clinical predictive models play an important
role in medical decision-making, such as risk
stratification and treatment allocation. Their
effectiveness needs to be tested systematically in
large scale trials. They have developed a dynamic
clinical prediction model with discrete time to event
data with competitive risk, and they extended
standard objective Bayesian variable selection
methods to address discrete-time competitive risk
models and identified the most relevant predictors of
ventilator-associated pneumonia (VAP) caused by a
specific microbe, Pseudomonas aeruginosa (PA).
By studying the competitive events between
pneumoviruses to provide more effective pr-
0ediction and a good basis for new patients. Data on
new patients from different periods and patients from
different centers were obtained by recording 5123
days of intensive care units. This study uses the
Bayesian variable (discrete data processing) selection
method to deal with the discrete-time competition risk
model. The discrete-time event models are
collectively called logistic regression.
𝛿
=
1 𝑇
≤𝐶
0 𝑇
> 𝐶
𝜆
(
𝑡
|
𝑥
)
=Pr
(
𝑇
= 𝑡, 𝑅
= 𝑟
|
𝑇
≥𝑡, 𝑥
)
=
∑
, for 𝑟=1,…,𝑚, 𝑡= 1,2, …, (5)
Table 1: Summary findings of Renal Physicians Association health and safety surveys.
Safety Issues during the
Prior 3 Months
Professional Staff
Response (%)
Patient Response (%)
Patients worried or concerned
about safety/staff
Patients communicated
concerns sometimes or
always: 63
Sometimes or always worried:
49
Ease of communication
Easy to communicate with
patients: 94
Uncomfortable / somewhat
uncomfortable communicating
with staff: 18
BP or weight not recorded prior
to dialysis
Happened sometimes: 13 Happened sometimes: 10
Mistakes in membrane or bath
set up
Happened sometimes: 60 Happened sometimes: 6
Lapses in infection control
(hand hygiene)
Reported event occurred: 27 Reported event occurred: 11
Medication errors
Missed or incorrect dose
occurred sometimes: 23
Always discuss all
medications with staff: 23
Difficulty with access to needles
Rare or no difficulty
inserting: 66
Pain at access site during
treatment: 39
Prolonged access to bleeding Sometimes: 15 Sometimes: 23
Needle dislodgement prior to
the end of treatment
Sometimes occurred: 4 Reported event occurred: 5
Medical mistakes in prior 3
months
Reported no events
occurred: 70
Reported no events occurred:
73
Used with permission from the RPA Health and Safety Survey
ICPDI 2022 - International Conference on Public Management, Digital Economy and Internet Technology
750
However, once ventilator-assisted or extubated
patients died during the trial, they were no longer at
risk of VAP hypertension. In addition to
discrimination, another important aspect of prediction
model evaluation is calibration, which informs the
reliability of the forecast risk. Calibration
performance will be evaluated using a calibration
diagram (CP) and calibration slope (CS) and intercept
(CI).
log
𝜆
(
𝑡
|
𝑥
)
𝜆
(
𝑡
|
𝑥
)
= 𝑎
+ 𝑏
,
𝑛
(6)
In addition to clinical medicine, more specifically,
it extends to cardiovascular disease. The researchers
investigated whether arterial pulse wave velocity
(aPWV) could improve the temporal prediction of
cardiovascular disease. They looked at 17, 635 people
with heart problems and collected individual data
from 16 studies. Proportional risk models and random
effects models assessed the mixed effects and
determined the study association between APWV and
cardiovascular disease outcomes. They looked at 17,
635 people with heart problems and collected
individual data from 16 studies. Proportional risk
models and random effects models assessed the
mixed effects and determined the study association
between APWV and cardiovascular disease
outcomes. The researchers conducted a systematic
review and used newly published and unpublished
cohort data, including APWV and cardiovascular
events, to perform an individual participant meta-
analysis. Their objective was to determine whether
APWV information could improve the prediction of
future cardiovascular events in unselected,
population-based individuals and patients with
significant disease; whether the risk prediction is
different among factor groups; whether it improves
the risk. The results of this experimental study suggest
that AWVP may be a useful biomarker to improve
cardiovascular risk prediction in moderate-risk
patients.
3 DISCUSSION
3.1 Main Findings
In general, the significance of security prediction for
human life and development from three dimensions
of security facilities, Internet of things and medicine
have been discussed. Some conclusions are found in
these three different dimensions.
First, in the security facilities area, some video
recognition technology and voice recognition
technology can be used to predict what may happen
in our daily life, and apply them to the smart city to
provide convenience for people's daily life. In the
power system, it is also possible to predict the
potential dangers in the high-voltage power network
through some technologies.
Second, in the IoT prediction area, some of the
collected detection and prediction technologies can be
applied to the prediction of the Internet of things and
use Bayesian theory and some association rules to
predict the sequential events and apply them to the
Internet of things. For example, the places prone to
logistics congestion can be predicted through the
logistics records of many users and try our best to
avoid these problems in the subsequent logistics
routes Lines.
Third, in the field of medicine, some prediction
can help doctors to make some reference to the
patient's condition, and also can predict some
potential threats of patients in some treatment process
to help doctors find and predict in time and reduce the
occurrence of the risk.
3.2 Limitations and Suggestions for
Future Work
On safety detection, event detection from videos
cannot be used for all kinds of detection, because the
model of it is from a single example, this could limit
its ability to summarize the changes of different
events (Ke 2007). This paper tries to use this method
in the smart city (Wang, et al. 2016), and this method
still needs to improve. Besides, the smart city has
another problem which is difficult to find the biggest
influential equipment when all the objects are moving
(Wang, et al. 2016). The errors exist, but they are
acceptable at present. Because of that, in the future,
there is still more work to do especially on modeling
which including auto-selecting events and
aggregating multiple training videos into a single
model so that this method can get better
generalization performance (Ke 2007). The security
prediction of a high voltage transmission system can
make some objective predictions for the safety of
power system facilities, but at present, some chemical
elements are still uncontrolled, it can still not predict
the influencing factors (Jaya 2019). Therefore, the
security problems of the power system from the
chemical level or using some chemical methods can
be predicted. The wireless acoustic sensors cannot
determine the range of relevant thresholds because the
noise level of the detected object is unknown, there is
a method called the double sliding window algorithm
that can fix this problem (Zhong, et al. 2015).
Research on Security Incident Analysis: Scenarios and Challenges
751
On the IoT prediction, the Bayes theorem can be
used to do some IoT predictions. In this paper,
research that used association rules is collected to
predict sequential events (Rudin, et al. 2011) and
researching that predicted events through social
stream (Aggarwal 2012). However, all the methods
can not 100% sure to predict an event. They are more
likely to be reference resources. The IoT needs
abundant events because it is dynamic (Karakostas
2016). Besides, some of the events which cannot be
observed, their associated events for observation and
prediction are needed to find (Rudin, et al. 2011). In
the future, when the IoT is more completed, the
prediction will be more accurate, but the ability to
grab keywords, as well as the accuracy of clustering
problems should be improved, to be able to improve
the accuracy of prediction problems in the IoT.
In the medical area, there will inevitably be errors
in the prediction. For example, there are
uncontrollable variables in the process in bio-
manufacturing facilities such as the environmental
factors (Yang, Farid and Nina 2014). The next
problem is the heart problem (Ben-Shlomo, et al.
2014), the age and other diseases can affect the
accuracy of the results. The medical facilities can be
improved in the future, and computer technology and
medical technology should be connected more in the
future and make full use of the advantages of
computer technology.
4 CONCLUSION
To sum up, this paper has analyzed security events in
different fields, including detection and prediction.
The paper introduces the relevant safety accidents in
different reasonable fields and the learning methods
with techniques used to detect the possibility of safety
accidents. It mainly summarizes the most general
safety accidents in public places, for example,
platforms and medical fields, and how to forecast
them to avoid errors, meanwhile improving the
reliability. The significance of this study focuses on
analyzing security and providing efficient solutions.
Future research can be strengthened in data selection,
universality and adapting the latest prediction
technology. Besides, this study might be further
applied to more fields to ensure human security, such
as information, health and other aspects.
REFERENCES
Aggarwal, Charu C., and Karthik Subbian. "Event detection
in social streams." Proceedings of the 2012 SIAM
international conference on data mining. Society for
Industrial and Applied Mathematics, 2012.
Ben-Shlomo, Yoav, et al. "Aortic pulse wave velocity
improves cardiovascular event prediction: an individual
participant meta-analysis of prospective observational
data from 17,635 subjects." Journal of the American
College of Cardiology 63.7 (2014): 636-646.
Jaya, C. K., R. Sunitha, and Abraham T. Mathew. "Security
prediction of high voltage transmission system (HVTS)
based on k-nearest neighbor (k-NN) classifier
technique." Journal of Intelligent & Fuzzy Systems 36.6
(2019): 5773-5782.
Ke, Yan, Rahul Sukthankar, and Martial Hebert. "Event
detection in crowded videos." 2007 IEEE 11th
International Conference on Computer Vision. IEEE,
2007.
Karakostas, Bill. "Event prediction in an IoT environment
using naïve Bayesian models." Procedia computer
science 83 (2016): 11-17.
Rudin, Cynthia, et al. "Sequential event prediction with
association rules." Proceedings of the 24th annual
conference on learning theory. JMLR Workshop and
Conference Proceedings, 2011.
Wang, Hongtao, et al. “Influential Spatial Facility
Prediction over Large Scale Cyber-Physical Vehicles in
Smart City.” EURASIP Journal on Wireless
Communications and Networking, vol. 2016, no. 1,
2016, doi:10.1186/s13638-016-0606-4.
Yang, Yang, Suzanne S. Farid, and Nina F. Thornhill. "Data
mining for rapid prediction of facility fit and
debottlenecking of biomanufacturing facilities."
Journal of biotechnology 179 (2014): 17-25.
Zhong, Zhen, et al. "Security assurance in wireless acoustic
sensors via event forecasting and detection." Security
and Communication Networks 8.16 (2015): 2671-2677.
ICPDI 2022 - International Conference on Public Management, Digital Economy and Internet Technology
752
