Mal-Netminer: Malware Classification Approach based on Social Network Analysis of System Call Graph
As the security landscape evolves over time, where thousands of species of
malicious codes are seen every day, antivirus vendors strive to detect and
classify malware families for efficient and effective responses against malware
campaigns. To enrich this effort, and by capitalizing on ideas from the social
network analysis domain, we build a tool that can help classify malware
families using features driven from the graph structure of their system calls.
To achieve that, we first construct a system call graph that consists of system
calls found in the execution of the individual malware families. To explore
distinguishing features of various malware species, we study social network
properties as applied to the call graph, including the degree distribution,
degree centrality, average distance, clustering coefficient, network density,
and component ratio. We utilize features driven from those properties to build
a classifier for malware families. Our experimental results show that
influence-based graph metrics such as the degree centrality are effective for
classifying malware, whereas the general structural metrics of malware are less
effective for classifying malware. Our experiments demonstrate that the
proposed system performs well in detecting and classifying malware families
within each malware class with accuracy greater than 96%.
Comment: Mathematical Problems in Engineering, Vol 201
First results from the LUCID-Timepix spacecraft payload onboard the TechDemoSat-1 satellite in Low Earth Orbit
The Langton Ultimate Cosmic ray Intensity Detector (LUCID) is a payload
onboard the satellite TechDemoSat-1, used to study the radiation environment in
Low Earth Orbit (635 km). LUCID operated from 2014 to 2017, collecting
over 2.1 million frames of radiation data from its five Timepix detectors on
board. LUCID is one of the first uses of the Timepix detector technology in
open space, with the data providing useful insight into the performance of this
technology in new environments. It provides high-sensitivity imaging
measurements of the mixed radiation field, with a wide dynamic range in terms
of spectral response, particle type and direction. The data has been analysed
using computing resources provided by GridPP, with a new machine learning
algorithm that uses the Tensorflow framework. This algorithm provides a new
approach to processing Medipix data, using a training set of human labelled
tracks, providing greater particle classification accuracy than other
algorithms. For managing the LUCID data, we have developed an online platform
called Timepix Analysis Platform at School (TAPAS). This provides a swift and
simple way for users to analyse data that they collect using Timepix detectors
from both LUCID and other experiments. We also present some possible future
uses of the LUCID data and Medipix detectors in space.
Comment: Accepted for publication in Advances in Space Researc
Terahertz Security Image Quality Assessment by No-reference Model Observers
To provide the possibility of developing objective image quality assessment
(IQA) algorithms for THz security images, we constructed the THz security image
database (THSID) including a total of 181 THz security images with the
resolution of 127*380. The main distortion types in THz security images were
first analyzed for the design of subjective evaluation criteria to acquire the
mean opinion scores. Subsequently, the existing no-reference IQA algorithms,
which were 5 opinion-aware approaches viz., NFERM, GMLF, DIIVINE, BRISQUE and
BLIINDS2, and 8 opinion-unaware approaches viz., QAC, SISBLIM, NIQE, FISBLIM,
CPBD, S3 and Fish_bb, were executed for the evaluation of the THz security
image quality. The statistical results demonstrated the superiority of Fish_bb
over the other testing IQA approaches for assessing the THz image quality with
PLCC (SROCC) values of 0.8925 (-0.8706), and with RMSE value of 0.3993. The
linear regression analysis and Bland-Altman plot further verified that the
Fish_bb could substitute for the subjective IQA. Nonetheless, for the
classification of THz security images, we tended to use S3 as a criterion for
ranking THz security image grades because of the relatively low false positive
rate in classifying bad THz image quality into acceptable category (24.69%).
Interestingly, due to the specific property of THz images, the average pixel
intensity gave better performance than the above complicated IQA algorithms,
with PLCC, SROCC and RMSE of 0.9001, -0.8800 and 0.3857, respectively. This
study will help users such as researchers or security staff to obtain
THz security images of good quality. Currently, our research group is
attempting to make this research more comprehensive.
Comment: 13 pages, 8 figures, 4 table
A Survey of Network Optimization Techniques for Traffic Engineering
TCP/IP represents the reference standard for the implementation of interoperable communication networks. Nevertheless, the layering principle at the basis of interoperability severely limits the performance of data communication networks, thus requiring proper configuration and management in order to provide effective management of traffic flows. This paper presents a brief survey related to network optimization using Traffic Engineering algorithms, aiming at providing additional insight to the different alternatives available in the scientific literature