Effiziente und erklärbare Erkennung von mobiler Schadsoftware mittels maschineller Lernmethoden

In recent years, mobile devices shipped with Google’s Android operating system have become ubiquitous. Due to their popularity and the high concentration of sensitive user data on these devices, however, they have also become a profitable target of malware authors. As a result, thousands of new malware instances targeting Android are found almost every day. Unfortunately, common signature-based methods often fail to detect these applications, as these methods can- not keep pace with the rapid development of new malware. Consequently, there is an urgent need for new malware detection methods to tackle this growing threat. In this thesis, we address the problem by combining concepts of static analysis and machine learning, such that mobile malware can be detected directly on the mobile device with low run-time overhead. To this end, we first discuss our analysis results of a sophisticated malware that uses an ultrasonic side channel to spy on unwitting smartphone users. Based on the insights we gain throughout this thesis, we gradually develop a method that allows detecting Android malware in general. The resulting method performs a broad static analysis, gathering a large number of features associated with an application. These features are embedded in a joint vector space, where typical patterns indicative of malware can be automatically identified and used for explaining the decisions of our method. In addition to an evaluation of its overall detection and run-time performance, we also examine the interpretability of the underlying detection model and strengthen the classifier against realistic evasion attacks. In a large set of experiments, we show that the method clearly outperforms several related approaches, including popular anti-virus scanners. In most experiments, our approach detects more than 90% of all malicious samples in the dataset at a low false positive rate of only 1%. Furthermore, even on older devices, it offers a good run-time performance, and can output a decision along with a proper explanation within a few seconds, despite the use of machine learning techniques directly on the mobile device. Overall, we find that the application of machine learning techniques is a promising research direction to improve the security of mobile devices. While these techniques alone cannot defeat the threat of mobile malware, they at least raise the bar for malicious actors significantly, especially if combined with existing techniques.Die Verbreitung von Smartphones, insbesondere mit dem Android-Betriebssystem, hat in den vergangenen Jahren stark zugenommen. Aufgrund ihrer hohen Popularität haben sich diese Geräte jedoch zugleich auch zu einem lukrativen Ziel für Entwickler von Schadsoftware entwickelt, weshalb mittlerweile täglich neue Schadprogramme für Android gefunden werden. Obwohl verschiedene Lösungen existieren, die Schadprogramme auch auf mobilen Endgeräten identifizieren sollen, bieten diese in der Praxis häufig keinen ausreichenden Schutz. Dies liegt vor allem daran, dass diese Verfahren zumeist signaturbasiert arbeiten und somit schädliche Programme erst zuverlässig identifizieren können, sobald entsprechende Erkennungssignaturen vorhanden sind. Jedoch wird es für Antiviren-Hersteller immer schwieriger, die zur Erkennung notwendigen Signaturen rechtzeitig bereitzustellen. Daher ist die Entwicklung von neuen Verfahren nötig, um der wachsenden Bedrohung durch mobile Schadsoftware besser begegnen zu können. In dieser Dissertation wird ein Verfahren vorgestellt und eingehend untersucht, das Techniken der statischen Code-Analyse mit Methoden des maschinellen Lernens kombiniert, um so eine zuverlässige Erkennung von mobiler Schadsoftware direkt auf dem Mobilgerät zu ermöglichen. Die Methode analysiert hierfür mobile Anwendungen zunächst statisch und extrahiert dabei spezielle Merkmale, die eine Abbildung einer Applikation in einen hochdimensionalen Vektorraum ermöglichen. In diesem Vektorraum sind schließlich maschinelle Lernmethoden in der Lage, automatisch Muster zur Erkennung von Schadprogrammen zu finden. Die gefundenen Muster können dabei nicht nur zur Erkennung, sondern darüber hinaus auch zur Erklärung einer getroffenenen Entscheidung dienen. Im Rahmen einer ausführlichen Evaluation wird nicht nur die Erkennungsleistung und die Laufzeit der vorgestellten Methode untersucht, sondern darüber hinaus das gelernte Erkennungsmodell im Detail analysiert. Hierbei wird auch die Robustheit des Modells gegenüber gezielten Angriffe untersucht und verbessert. In einer Reihe von Experimenten kann gezeigt werden, dass mit dem vorgeschlagenen Verfahren bessere Ergebnisse erzielt werden können als mit vergleichbaren Methoden, sogar einschließlich einiger populärer Antivirenprogramme. In den meisten Experimenten kann die Methode Schadprogramme zuverlässig erkennen und erreicht Erkennungsraten von über 90% bei einer geringen Falsch-Positiv-Rate von 1%

Sustainability in design: now! Challenges and opportunities for design research, education and practice in the XXI century

Copyright @ 2010 Greenleaf PublicationsLeNS project funded by the Asia Link Programme, EuropeAid, European Commission

Data and the city – accessibility and openness. a cybersalon paper on open data

This paper showcases examples of bottom–up open data and smart city applications and identifies lessons for future such efforts. Examples include Changify, a neighbourhood-based platform for residents, businesses, and companies; Open Sensors, which provides APIs to help businesses, startups, and individuals develop applications for the Internet of Things; and Cybersalon’s Hackney Treasures. a location-based mobile app that uses Wikipedia entries geolocated in Hackney borough to map notable local residents. Other experiments with sensors and open data by Cybersalon members include Ilze Black and Nanda Khaorapapong's The Breather, a "breathing" balloon that uses high-end, sophisticated sensors to make air quality visible; and James Moulding's AirPublic, which measures pollution levels. Based on Cybersalon's experience to date, getting data to the people is difficult, circuitous, and slow, requiring an intricate process of leadership, public relations, and perseverance. Although there are myriad tools and initiatives, there is no one solution for the actual transfer of that data

CORPORATE SOCIAL RESPONSIBILITY IN ROMANIA

The purpose of this paper is to identify the main opportunities and limitations of corporate social responsibility (CSR). The survey was defined with the aim to involve the highest possible number of relevant CSR topics and give the issue a more wholesome perspective. It provides a basis for further comprehension and deeper analyses of specific CSR areas. The conditions determining the success of CSR in Romania have been defined in the paper on the basis of the previously cumulative knowledge as well as the results of various researches. This paper provides knowledge which may be useful in the programs promoting CSR.Corporate social responsibility, Supportive policies, Romania

Terminology policies and communication for social change

Die vorliegende Dissertation untersucht die PR- und Kommunikationsstrategie südafrikanischer Regierungsinstitutionen hinsichtlich der Sprach- und Terminologiepolitik des Landes. Südafrika nutzt derzeit noch nicht alle Möglichkeiten konsequent aus und vergibt auf diese Weise viele Gelegenheiten, die linguistische und kulturelle Vielfalt der Nation zu kommunizieren, sowie Fachkommunikation in den offiziellen Sprachen, mit Ausnahme von Englisch, zu fördern. Um diese Hypothese zu unterlegen, untersuche ich den Prozess der Politikgestaltung, wie er in den UNESCO Guidelines for Terminology Policies beschrieben wurde, um auf diese Weise Kommunikationsprozesse zu identifizieren, die besondere Planung erfordern. Dabei wird die Entwicklung und Umsetzung der Strategie als komplexe Management-Aktivität beschrieben, die eigene Regeln und Charakteristika besitzt. Weiterhin werden Erkenntnisse aus den Kommunikationswissenschaften, insbesondere des Unterbereiches Development Communication, bzw. Communication for Social Change sowie Beispiele aus anderen Fachgebieten untersucht auf deren Anwendbarkeit im Bereich Terminologiepolitik. Erfolgskriterien werden extrahiert, gegen welche anschliessend die reale Situation in Südafrika verglichen wird. Den Hauptteil der vorliegenden Studie stellt eine Analyse der südafrikanischen Geschichte, Gesellschaft, sowie des Politik- und Mediensektors. Diese Faktoren haben einen besonderen Einfluß auf die Sprach- und Terminologiepolitik des Landes, wie auch mögliche und tatsächliche PR-Strategien. Die Studie schliesst mit Empfehlungen für eine Verbesserung dieser Strategie sowie einem Ausblick auf die erwartete Richtung der nächsten Generation südafrikanischer Terminologiepolitik und die Entwicklung des Mediensektors.This doctoral thesis examines the communication strategy employed by the South African government institutions concerning their terminology and language policy. South Africa does not make consequent use of all possibilities to the best possible extent, thus giving away many opportunities to promote linguistic and cultural diversity in the country and facilitate subject-field communication in the official languages other than English. To prove the hypothesis I examine the policy-making process as it is described in the UNESCO Guidelines for Terminology Policies in order to identify communication processes that require careful planning. By doing so, the policy process is exposed as a complex management activity with its own rules and characteristics. Furthermore, communication science, and there especially the fields of Development Communication or Communication for Social Change, as well as benchmarking from other fields, is analyzed with the aim to evaluate these fields for their application in terminology policies. Success criteria are derived from this analysis against which the actual situation is compared. The main part of the thesis is a thorough analysis of South Africa’s history, society, as well as political and media sector. These factors have an important impact on the country’s language and terminology policy as well as on possible and actual communication strategies. The study concludes with recommendations to improve the communication strategy and an outlook on the expected direction of the next generation terminology policy, as well as media and communication development

Матеріали 4-го Міжнародного семінару з доповненої реальності в освіті (AREdu 2021). Кривий Ріг, Україна. 11 травня 2021 року

Proceedings of the 4th International Workshop on Augmented Reality in Education (AREdu 2021). Kryvyi Rih, Ukraine. May 11, 2021.Матеріали 4-го Міжнародного семінару з доповненої реальності в освіті (AREdu 2021). Кривий Ріг, Україна. 11 травня 2021 рок

Manager’s and citizen’s perspective of positive and negative risks for small probabilities

So far „risk‟ has been mostly defined as the expected value of a loss, mathematically PL, being P the probability of an adverse event and L the loss incurred as a consequence of the event. The so called risk matrix is based on this definition. Also for favorable events one usually refers to the expected gain PG, being G the gain incurred as a consequence of the positive event. These “measures” are generally violated in practice. The case of insurances (on the side of losses, negative risk) and the case of lotteries (on the side of gains, positive risk) are the most obvious. In these cases a single person is available to pay a higher price than that stated by the mathematical expected value, according to (more or less theoretically justified) measures. The higher the risk, the higher the unfair accepted price. The definition of risk as expected value is justified in a long term “manager‟s” perspective, in which it is conceivable to distribute the effects of an adverse event on a large number of subjects or a large number of recurrences. In other words, this definition is mostly justified on frequentist terms. Moreover, according to this definition, in two extreme situations (high-probability/low-consequence and low-probability/high-consequence), the estimated risk is low. This logic is against the principles of sustainability and continuous improvement, which should impose instead both a continuous search for lower probabilities of adverse events (higher and higher reliability) and a continuous search for lower impact of adverse events (in accordance with the fail-safe principle). In this work a different definition of risk is proposed, which stems from the idea of safeguard: (1Risk)=(1P)(1L). According to this definition, the risk levels can be considered low only when both the probability of the adverse event and the loss are small. Such perspective, in which the calculation of safeguard is privileged to the calculation of risk, would possibly avoid exposing the Society to catastrophic consequences, sometimes due to wrong or oversimplified use of probabilistic models. Therefore, it can be seen as the citizen‟s perspective to the definition of risk

ASYMMETRY INFORMATION: INVESTORS TRUST REFLECTION TOWARD QUALITY OF EARNINGS

This article aims to describe the investors' trust toward quality of earnings reflection proxied by earnings response coeffisient (ERC). The study was conducted on 296 manufacturing companies that meet the criteria of observations in 2011 to 2015. The variables used in this research is the board of directors, audit comitee, the independent board as exogenous variables, information asymmetry as an intervening variable and earnings response coeffisient (ERC) as an endogenous variable by means of persistency as control variables. The board of directors and the independent board in this article as a proxy of corporate governance show the effect on the information gap represented by information asymmetry, while the audit comitee Showed the opposite effect. Information gaps provide explanatory power on the reflection of investor confidence in the quality of earnings that are Reported company

Factors Influencing Customer Satisfaction towards E-shopping in Malaysia

Online shopping or e-shopping has changed the world of business and quite a few people have decided to work with these features. What their primary concerns precisely and the responses from the globalisation are the competency of incorporation while doing their businesses. E-shopping has also increased substantially in Malaysia in recent years. The rapid increase in the e-commerce industry in Malaysia has created the demand to emphasize on how to increase customer satisfaction while operating in the e-retailing environment. It is very important that customers are satisfied with the website, or else, they would not return. Therefore, a crucial fact to look into is that companies must ensure that their customers are satisfied with their purchases that are really essential from the ecommerce’s point of view. With is in mind, this study aimed at investigating customer satisfaction towards e-shopping in Malaysia. A total of 400 questionnaires were distributed among students randomly selected from various public and private universities located within Klang valley area. Total 369 questionnaires were returned, out of which 341 questionnaires were found usable for further analysis. Finally, SEM was employed to test the hypotheses. This study found that customer satisfaction towards e-shopping in Malaysia is to a great extent influenced by ease of use, trust, design of the website, online security and e-service quality. Finally, recommendations and future study direction is provided. Keywords: E-shopping, Customer satisfaction, Trust, Online security, E-service quality, Malaysia