GRASE: Granulometry Analysis with Semi Eager Classifier to Detect Malware

Technological advancement in communication leading to 5G, motivates everyone to get connected to the internet including ‘Devices’, a technology named Web of Things (WoT). The community benefits from this large-scale network which allows monitoring and controlling of physical devices. But many times, it costs the security as MALicious softWARE (MalWare) developers try to invade the network, as for them, these devices are like a ‘backdoor’ providing them easy ‘entry’. To stop invaders from entering the network, identifying malware and its variants is of great significance for cyberspace. Traditional methods of malware detection like static and dynamic ones, detect the malware but lack against new techniques used by malware developers like obfuscation, polymorphism and encryption. A machine learning approach to detect malware, where the classifier is trained with handcrafted features, is not potent against these techniques and asks for efforts to put in for the feature engineering. The paper proposes a malware classification using a visualization methodology wherein the disassembled malware code is transformed into grey images. It presents the efficacy of Granulometry texture analysis technique for improving malware classification. Furthermore, a Semi Eager (SemiE) classifier, which is a combination of eager learning and lazy learning technique, is used to get robust classification of malware families. The outcome of the experiment is promising since the proposed technique requires less training time to learn the semantics of higher-level malicious behaviours. Identifying the malware (testing phase) is also done faster. A benchmark database like malimg and Microsoft Malware Classification challenge (BIG-2015) has been utilized to analyse the performance of the system. An overall average classification accuracy of 99.03 and 99.11% is achieved, respectively

Enabling Program Analysis Through Deterministic Replay and Optimistic Hybrid Analysis

As software continues to evolve, software systems increase in complexity. With software systems composed of many distinct but interacting components, today’s system programmers, users, and administrators find themselves requiring automated ways to find, understand, and handle system mis-behavior. Recent information breaches such as the Equifax breach of 2017, and the Heartbleed vulnerability of 2014 show the need to understand and debug prior states of computer systems. In this thesis I focus on enabling practical entire-system retroactive analysis, allowing programmers, users, and system administrators to diagnose and understand the impact of these devastating mishaps. I focus primarly on two techniques. First, I discuss a novel deterministic record and replay system which enables fast, practical recollection of entire systems of computer state. Second, I discuss optimistic hybrid analysis, a novel optimization method capable of dramatically accelerating retroactive program analysis. Record and replay systems greatly aid in solving a variety of problems, such as fault tolerance, forensic analysis, and information providence. These solutions, however, assume ubiquitous recording of any application which may have a problem. Current record and replay systems are forced to trade-off between disk space and replay speed. This trade-off has historically made it impractical to both record and replay large histories of system level computation. I present Arnold, a novel record and replay system which efficiently records years of computation on a commodity hard-drive, and can efficiently replay any recorded information. Arnold combines caching with a unique process-group granularity of recording to produce both small, and quickly recalled recordings. My experiments show that under a desktop workload, Arnold could store 4 years of computation on a commodity 4TB hard drive. Dynamic analysis is used to retroactively identify and address many forms of system mis-behaviors including: programming errors, data-races, private information leakage, and memory errors. Unfortunately, the runtime overhead of dynamic analysis has precluded its adoption in many instances. I present a new dynamic analysis methodology called optimistic hybrid analysis (OHA). OHA uses knowledge of the past to predict program behaviors in the future. These predictions, or likely invariants are speculatively assumed true by a static analysis. This creates a static analysis which can be far more accurate than its traditional counterpart. Once this predicated static analysis is created, it is speculatively used to optimize a final dynamic analysis, creating a far more efficient dynamic analysis than otherwise possible. I demonstrate the effectiveness of OHA by creating an optimistic hybrid backward slicer, OptSlice, and optimistic data-race detector OptFT. OptSlice and OptFT are just as accurate as their traditional hybrid counterparts, but run on average 8.3x and 1.6x faster respectively. In this thesis I demonstrate that Arnold’s ability to record and replay entire computer systems, combined with optimistic hybrid analysis’s ability to quickly analyze prior computation, enable a practical and useful entire system retroactive analysis that has been previously unrealized.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/144052/1/ddevec_1.pd

Supporting visual access to a distributed organizational memory warehouse in the web environment

Organizational memories play a significant role in knowledge management but several challenges confront their use. Artifacts of organizational memory are many and varied. Access and use of the stored artifact is influenced by the user\u27s understanding of these information objects as well as their context. In our work, we use a topic map to represent user cognition of contextualized information. Topic maps allow for access and analysis of stored memory artifacts. We implement the topic map with both a Java client interface and a web interface to access the organizational memory warehouse. The thesis also presents the design and development of this organizational memory warehouse with several simple tools with web access via topic maps. The running warehouse example uses email as the data type

Results from the Clarify Study

Centro de Matemática e Aplicações, UID (MAT/00297/2020), Portuguese Foundation of Science and Technology. Publisher Copyright: © 2022 by the authors.Background: Artificial intelligence (AI) has contributed substantially in recent years to the resolution of different biomedical problems, including cancer. However, AI tools with significant and widespread impact in oncology remain scarce. The goal of this study is to present an AI-based solution tool for cancer patients data analysis that assists clinicians in identifying the clinical factors associated with poor prognosis, relapse and survival, and to develop a prognostic model that stratifies patients by risk. Materials and Methods: We used clinical data from 5275 patients diagnosed with non-small cell lung cancer, breast cancer, and non-Hodgkin lymphoma at Hospital Universitario Puerta de Hierro-Majadahonda. Accessible clinical parameters measured with a wearable device and quality of life questionnaires data were also collected. Results: Using an AI-tool, data from 5275 cancer patients were analyzed, integrating clinical data, questionnaires data, and data collected from wearable devices. Descriptive analyses were performed in order to explore the patients’ characteristics, survival probabilities were calculated, and a prognostic model identified low and high-risk profile patients. Conclusion: Overall, the reconstruction of the population’s risk profile for the cancer-specific predictive model was achieved and proved useful in clinical practice using artificial intelligence. It has potential application in clinical settings to improve risk stratification, early detection, and surveillance management of cancer patients.publishersversionpublishe

NASA Sea Ice Validation Program for the Defense Meteorological Satellite Program Special Sensor Microwave Imager

The history of the program is described along with the SSM/I sensor, including its calibration and geolocation correction procedures used by NASA, SSM/I data flow, and the NASA program to distribute polar gridded SSM/I radiances and sea ice concentrations (SIC) on CD-ROMs. Following a discussion of the NASA algorithm used to convert SSM/I radiances to SICs, results of 95 SSM/I-MSS Landsat IC comparisons for regions in both the Arctic and the Antarctic are presented. The Landsat comparisons show that the overall algorithm accuracy under winter conditions is 7 pct. on average with 4 pct. negative bias. Next, high resolution active and passive microwave image mosaics from coordinated NASA and Navy aircraft underflights over regions of the Beaufort and Chukchi seas in March 1988 were used to show that the algorithm multiyear IC accuracy is 11 pct. on average with a positive bias of 12 pct. Ice edge crossings of the Bering Sea by the NASA DC-8 aircraft were used to show that the SSM/I 15 pct. ice concentration contour corresponds best to the location of the initial bands at the ice edge. Finally, a summary of results and recommendations for improving the SIC retrievals from spaceborne radiometers are provided

Scaling Causality Analysis for Production Systems.

Causality analysis reveals how program values influence each other. It is important for debugging, optimizing, and understanding the execution of programs. This thesis scales causality analysis to production systems consisting of desktop and server applications as well as large-scale Internet services. This enables developers to employ causality analysis to debug and optimize complex, modern software systems. This thesis shows that it is possible to scale causality analysis to both fine-grained instruction level analysis and analysis of Internet scale distributed systems with thousands of discrete software components by developing and employing automated methods to observe and reason about causality. First, we observe causality at a fine-grained instruction level by developing the first taint tracking framework to support tracking millions of input sources. We also introduce flexible taint tracking to allow for scoping different queries and dynamic filtering of inputs, outputs, and relationships. Next, we introduce the Mystery Machine, which uses a ``big data'' approach to discover causal relationships between software components in a large-scale Internet service. We leverage the fact that large-scale Internet services receive a large number of requests in order to observe counterexamples to hypothesized causal relationships. Using discovered casual relationships, we identify the critical path for request execution and use the critical path analysis to explore potential scheduling optimizations. Finally, we explore using causality to make data-quality tradeoffs in Internet services. A data-quality tradeoff is an explicit decision by a software component to return lower-fidelity data in order to improve response time or minimize resource usage. We perform a study of data-quality tradeoffs in a large-scale Internet service to show the pervasiveness of these tradeoffs. We develop DQBarge, a system that enables better data-quality tradeoffs by propagating critical information along the causal path of request processing. Our evaluation shows that DQBarge helps Internet services mitigate load spikes, improve utilization of spare resources, and implement dynamic capacity planning.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/135888/1/mcchow_1.pd

Risk of winter hospitalisation and death from acute respiratory infections in Scotland: national retrospective cohort study

Objectives We undertook a national analysis to characterise and identify risk factors for acute respiratory infections (ARIs) resulting in hospitalisation and death during the winter period in Scotland. Design A population-based retrospective cohort analysis Setting Scotland Participants 5.4 million residents in Scotland Main outcome measures Cox proportional hazard models were used to estimate adjusted hazard ratios (aHR) and 95% confidence intervals (CIs) for the association between risk factors and ARI hospitalisation. Results Between September 1, 2022 and January 31, 2023, there were 22,284 (10.9% of 203,549 with any emergency hospitalisation) ARI hospitalisations (1,759 in children and 20,525 in adults) in Scotland. Compared to the reference group of children aged 6-17 years, the risk of ARI hospitalisation was higher in children aged 3-5 years (aHR=4.55 95%CI (4.11-5.04)). Compared to 25-29 years old, the risk of ARI hospitalisation was highest amongst the oldest adults aged ≥80 years (7.86 (7.06-8.76)). Adults from more deprived areas (most deprived vs least deprived, 1.64 (1.57-1.72)), with existing health conditions (≥5 vs 0 health conditions, 4.84 (4.53-5.18)) or with history of all-cause emergency admissions (≥6 vs 0 previous emergency admissions 7.53 (5.48-10.35)) were at higher risk of ARI hospitalisations. The risk increased by the number of existing health conditions and previous emergency admission. Similar associations were seen in children. Conclusions Younger children, older adults, those from more deprived backgrounds and individuals with greater numbers of pre-existing conditions and previous emergency admission were at increased risk for winter hospitalisations for ARI