3,757 research outputs found
GRASE: Granulometry Analysis with Semi Eager Classifier to Detect Malware
Technological advancement in communication leading to 5G, motivates everyone to get connected to the internet including ‘Devices’, a technology named Web of Things (WoT). The community benefits from this large-scale network which allows monitoring and controlling of physical devices. But many times, it costs the security as MALicious softWARE (MalWare) developers try to invade the network, as for them, these devices are like a ‘backdoor’ providing them easy ‘entry’. To stop invaders from entering the network, identifying malware and its variants is of great significance for cyberspace. Traditional methods of malware detection like static and dynamic ones, detect the malware but lack against new techniques used by malware developers like obfuscation, polymorphism and encryption. A machine learning approach to detect malware, where the classifier is trained with handcrafted features, is not potent against these techniques and asks for efforts to put in for the feature engineering. The paper proposes a malware classification using a visualization methodology wherein the disassembled malware code is transformed into grey images. It presents the efficacy of Granulometry texture analysis technique for improving malware classification. Furthermore, a Semi Eager (SemiE) classifier, which is a combination of eager learning and lazy learning technique, is used to get robust classification of malware families. The outcome of the experiment is promising since the proposed technique requires less training time to learn the semantics of higher-level malicious behaviours. Identifying the malware (testing phase) is also done faster. A benchmark database like malimg and Microsoft Malware Classification challenge (BIG-2015) has been utilized to analyse the performance of the system. An overall average classification accuracy of 99.03 and 99.11% is achieved, respectively
A Survey on Forensics and Compliance Auditing for Critical Infrastructure Protection
The broadening dependency and reliance that modern societies have on essential services
provided by Critical Infrastructures is increasing the relevance of their trustworthiness. However, Critical
Infrastructures are attractive targets for cyberattacks, due to the potential for considerable impact, not just
at the economic level but also in terms of physical damage and even loss of human life. Complementing
traditional security mechanisms, forensics and compliance audit processes play an important role in ensuring
Critical Infrastructure trustworthiness. Compliance auditing contributes to checking if security measures are
in place and compliant with standards and internal policies. Forensics assist the investigation of past security
incidents. Since these two areas significantly overlap, in terms of data sources, tools and techniques, they can
be merged into unified Forensics and Compliance Auditing (FCA) frameworks. In this paper, we survey the
latest developments, methodologies, challenges, and solutions addressing forensics and compliance auditing
in the scope of Critical Infrastructure Protection. This survey focuses on relevant contributions, capable of
tackling the requirements imposed by massively distributed and complex Industrial Automation and Control
Systems, in terms of handling large volumes of heterogeneous data (that can be noisy, ambiguous, and
redundant) for analytic purposes, with adequate performance and reliability. The achieved results produced
a taxonomy in the field of FCA whose key categories denote the relevant topics in the literature. Also, the
collected knowledge resulted in the establishment of a reference FCA architecture, proposed as a generic
template for a converged platform. These results are intended to guide future research on forensics and
compliance auditing for Critical Infrastructure Protection.info:eu-repo/semantics/publishedVersio
Supporting the executability of R markdown files
R Markdown files are examples of literate programming documents that combine R code
with results and explanations. Such dynamic documents are designed to execute easily and
reproduce study results. However, little is known about the executability of R Markdown
files which can cause frustration among its users who intend to reuse the document. This
thesis aims to understand the executability of R Markdown files and improve the current
state of supporting the executability of those files.
Towards this direction, a large-scale study has been conducted on the executability of
R Markdown files collected from GitHub repositories. Results from the study show that a
significant number of R Markdown files (64.95%) are not executable, even after our best
efforts. To better understand the challenges, the exceptions encountered while executing
the files are categorized into different categories and a classifier is developed to determine
which Markdown files are likely to be executable. Such a classifier can be utilized by search
engines in their ranking which helps developers to find literate programming documents as
learning resources. To support the executability of R Markdown files a command-line tool
is developed. Such a tool can find issues in R Markdown files that prevent the executability
of those files. Using an R Markdown file as an input, the tool generates an intuitive list
of outputs that assist developers in identifying areas that require attention to ensure the
executability of the file. The tool not only utilizes static analysis of source code but also uses
a carefully crafted knowledge base of package dependencies to generate version constraints
of involved packages and a Satisfiability Modulo Theories (SMT) solver (i.e., Z3) to identify
compatible versions of those packages. Findings from this research can help developers
reuse R Markdown files easily, thus improving the productivity of developers. [...
Combined Nutrition and Exercise Interventions in Community Groups
Diet and physical activity are two key modifiable lifestyle factors that influence health across the lifespan (prevention and management of chronic diseases and reduction of the risk of premature death through several biological mechanisms). Community-based interventions contribute to public health, as they have the potential to reach high population-level impact, through the focus on groups that share a common culture or identity in their natural living environment. While the health benefits of a balanced diet and regular physical activity are commonly studied separately, interventions that combine these two lifestyle factors have the potential to induce greater benefits in community groups rather than strategies focusing only on one or the other. Thus, this Special Issue entitled “Combined Nutrition and Exercise Interventions in Community Groups” is comprised of manuscripts that highlight this combined approach (balanced diet and regular physical activity) in community settings. The contributors to this Special Issue are well-recognized professionals in complementary fields such as education, public health, nutrition, and exercise. This Special Issue highlights the latest research regarding combined nutrition and exercise interventions among different community groups and includes research articles developed through five continents (Africa, Asia, America, Europe and Oceania), as well as reviews and systematic reviews
Linking Datasets on Organizations Using Half A Billion Open Collaborated Records
Scholars studying organizations often work with multiple datasets lacking
shared unique identifiers or covariates. In such situations, researchers may
turn to approximate string matching methods to combine datasets. String
matching, although useful, faces fundamental challenges. Even when two strings
appear similar to humans, fuzzy matching often does not work because it fails
to adapt to the informativeness of the character combinations presented. Worse,
many entities have multiple names that are dissimilar (e.g., "Fannie Mae" and
"Federal National Mortgage Association"), a case where string matching has
little hope of succeeding. This paper introduces data from a prominent
employment-related networking site (LinkedIn) as a tool to address these
problems. We propose interconnected approaches to leveraging the massive amount
of information from LinkedIn regarding organizational name-to-name links. The
first approach builds a machine learning model for predicting matches from
character strings, treating the trillions of user-contributed organizational
name pairs as a training corpus: this approach constructs a string matching
metric that explicitly maximizes match probabilities. A second approach
identifies relationships between organization names using network
representations of the LinkedIn data. A third approach combines the first and
second. We document substantial improvements over fuzzy matching in
applications, making all methods accessible in open-source software
("LinkOrgs")
Development of an Event Management Web Application For Students: A Focus on Back-end
Managing schedules can be challenging for students, with different calendars on various platforms leading to confusion and missed events. To address this problem, this thesis presents the development of an event management website designed to help students stay organized and motivated. With a focus on the application's back-end, this thesis explores the technology stack used to build the website and the implementation details of each chosen technology. By providing a detailed case study of the website development process, this thesis serves as a helpful resource for future developers looking to build their web applications
- …