Empirical study of Android test generation tools on an industrial app
Given the ever-increasing number of research tools that automatically generate inputs to test Android applications (or simply apps), researchers recently asked "Are we there yet?" in terms of the tools' practicality. In particular, they conducted an empirical study of existing testing techniques and tools on open-source Android apps. In this thesis, we present two significant extensions of that study. First, we conduct the first industrial case study of applying existing, available testing tools to WeChat, a popular messenger app with over 800 million monthly active users. Second, we study the characteristics of the activities covered by each testing tool to show which tools can be combined to achieve optimal activity coverage. We also study why some activities are covered by only one particular testing tool, to help app or tool developers improve their tools. Furthermore, we manually categorize the activities that remain uncovered to provide insight into the uncovered code entities. Such categorization should motivate app developers to spend additional resources during their testing efforts to cover these activities.
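Selecting a combination of tools for optimal activity coverage can be viewed as a set-cover problem over each tool's set of covered activities. The sketch below illustrates the standard greedy approximation; the tool names and coverage data are hypothetical and not taken from the study.

```python
def greedy_tool_combination(coverage_by_tool):
    """Greedily pick the tool that adds the most not-yet-covered
    activities, the classic approximation for set cover."""
    chosen = []
    covered = set()
    remaining = dict(coverage_by_tool)
    while remaining:
        tool, acts = max(remaining.items(),
                         key=lambda kv: len(kv[1] - covered))
        if not acts - covered:
            break  # no remaining tool contributes new activities
        chosen.append(tool)
        covered |= acts
        del remaining[tool]
    return chosen, covered

# hypothetical per-tool activity coverage
coverage = {
    "Monkey":  {"Main", "Chat", "Settings"},
    "Sapienz": {"Main", "Chat", "Contacts", "Moments"},
    "Stoat":   {"Main", "Login"},
}
tools, covered = greedy_tool_combination(coverage)
print(tools, sorted(covered))
```

The greedy choice first takes the tool with the largest coverage set, then repeatedly adds whichever tool contributes the most new activities, which mirrors how complementary tools would be stacked in practice.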
Efficient Machine Learning for Attack Detection
Detecting and fending off attacks on computer systems is an enduring
problem in computer security. In light of a plethora of different
threats and the growing automation used by attackers, we are in urgent
need of more advanced methods for attack detection.
In this thesis, we address the necessity of advanced attack detection
and develop methods to detect attacks using machine learning,
establishing a higher degree of automation for reactive security.
Machine learning is data-driven and not free of bias; for its effective
application to attack detection, periodic retraining is therefore
crucial. However, the training complexity of many learning-based
approaches is substantial. We show that with the right data
representation, efficient algorithms for mining substring statistics,
and implementations based on probabilistic data structures, the
underlying model can be trained in linear time.
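A minimal sketch of this idea: extract byte n-grams in a single pass over the data and count them in a count-min sketch, so that both training time and memory stay bounded. The hash construction, sketch dimensions, and training data below are illustrative assumptions, not the implementation described in the thesis.

```python
import hashlib

class CountMinSketch:
    """Probabilistic frequency counter: constant-time updates,
    counts may be over-estimated but never under-estimated."""
    def __init__(self, width=1024, depth=4):
        self.width, self.depth = width, depth
        self.table = [[0] * width for _ in range(depth)]

    def _hashes(self, item):
        # one salted hash per row; blake2b's salt parameter keeps
        # the rows pairwise independent enough for a sketch
        for i in range(self.depth):
            h = hashlib.blake2b(item, digest_size=8, salt=bytes([i] * 4))
            yield int.from_bytes(h.digest(), "big") % self.width

    def add(self, item):
        for row, idx in enumerate(self._hashes(item)):
            self.table[row][idx] += 1

    def query(self, item):
        return min(self.table[row][idx]
                   for row, idx in enumerate(self._hashes(item)))

def train(data, n=3, sketch=None):
    """One linear pass over the byte stream, counting all n-grams."""
    sketch = sketch or CountMinSketch()
    for i in range(len(data) - n + 1):
        sketch.add(data[i:i + n])
    return sketch

model = train(b"GET /index.html HTTP/1.1")
print(model.query(b"GET"))
```

Because every n-gram triggers only a constant number of hash-and-increment operations, total training cost is linear in the input length, independent of how many distinct substrings occur.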
In two different scenarios, we demonstrate the effectiveness of
so-called language models that generically portray the content and
structure of attacks: on the one hand, we learn the malicious behavior
of Flash-based malware using classification; on the other hand, we
detect intrusions by learning normality in industrial control networks
using anomaly detection. With a data throughput of up to 580 Mbit/s
during training, we not only meet our runtime expectations but also
outperform related approaches by up to an order of magnitude in
detection performance. The same techniques that facilitate learning in
these scenarios can also be used to reveal malicious content embedded
in passive file formats such as Microsoft Office documents. As a
further showcase, we develop a method based on the efficient mining of
substring statistics that breaks obfuscations irrespective of the key
length used, at up to 25 Mbit/s, and thus succeeds where related
approaches fail.
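To illustrate the kind of statistics-driven deobfuscation described here, the sketch below breaks a repeating-key XOR obfuscation: for each key position it assumes the most frequent ciphertext byte encrypts the plaintext's most frequent byte (often 0x00 in binary formats). This is a simplified textbook illustration under that frequency assumption, not the method developed in the thesis; the key, payload, and the externally supplied key length are hypothetical (in practice the key length would be estimated first, e.g. via self-correlation of the ciphertext).

```python
from collections import Counter

def recover_xor_key(cipher, key_len, most_common_plain=0x00):
    """Per key position, map the most frequent ciphertext byte back
    to the assumed most frequent plaintext byte. The loop count grows
    with key_len, so any repeating key length is handled the same way."""
    key = bytearray()
    for pos in range(key_len):
        stratum = cipher[pos::key_len]            # bytes under key[pos]
        best, _ = Counter(stratum).most_common(1)[0]
        key.append(best ^ most_common_plain)
    return bytes(key)

# demo: obfuscate zero-padded data with a repeating key, then recover it
key = b"\x4b\x3a\x9c"
plain = b"malicious payload" + b"\x00" * 200     # zero padding dominates
cipher = bytes(p ^ key[i % len(key)] for i, p in enumerate(plain))
print(recover_xor_key(cipher, key_len=3))        # recovers the key bytes
```

Each stratum is dominated by XOR-encrypted zero bytes, so the most frequent ciphertext byte in that stratum is exactly the key byte itself.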
These methods significantly improve detection performance and enable
operation in linear time. In doing so, we counteract the trend of
compensating for increasing runtime requirements with ever more
hardware resources. While the results are promising and the approaches
provide urgently needed automation, they cannot and are not intended to
replace human experts or traditional approaches, but are designed to
assist and complement them.
GeoXSLT: GML processing with XSLT and spatial extensions
This thesis claims that XSL Transformations (XSLT), combined with extensions, can be used to
process geodata encoded as GML. The claim is backed by the following deliverables:
• A working proof of concept for an XSLT-based transformation of spatial data.
• Tests providing measurements of functionality and performance.
• Argumentation showing how and why this is a viable approach, through discussion and
practical examples.
The thesis concludes by confirming the feasibility of the approach, in line with the
research objectives and the findings provided by the deliverables.
Flat-plate solar array project. Volume 5: Process development
The goal of the Process Development Area, as part of the Flat-Plate Solar Array (FSA) Project, was to develop and demonstrate the solar cell fabrication and module assembly process technologies required to meet the cost, lifetime, production capacity, and performance goals of the FSA Project. R&D efforts expended by government, industry, and universities in developing processes capable of meeting the project's goals under volume-production conditions are summarized. The cost goals allocated to processing were demonstrated at small production volumes and extrapolated by cost analysis to large-volume production. To provide proper focus and coverage of the process development effort, four separate technology areas are discussed: surface preparation, junction formation, metallization, and module assembly.
Proceedings of the Flat-Plate Solar Array Project Research Forum on the Design of Flat-Plate Photovoltaic Arrays for Central Stations
The Flat-Plate Solar Array Project focuses on advancing technologies relevant to the design and construction of megawatt-level central station systems. Photovoltaic modules and arrays for flat-plate central stations or other large-scale electric power production facilities require the establishment of a technical base that resolves design issues and results in practical and cost-effective configurations. Design, qualification, and maintenance issues related to central station arrays, derived from the engineering and operating experience of early applications and parallel laboratory research activities, are investigated. Technical issues are examined from the viewpoints of the utility engineer, the architect/engineer, and the laboratory researcher. Topics on optimum source circuit designs, module insulation design for high system voltages, array safety, structural interface design, measurements, and array operation and maintenance are discussed.