915 research outputs found
Dynamic Analysis of Executables to Detect and Characterize Malware
It is needed to ensure the integrity of systems that process sensitive
information and control many aspects of everyday life. We examine the use of
machine learning algorithms to detect malware using the system calls generated
by executables-alleviating attempts at obfuscation as the behavior is monitored
rather than the bytes of an executable. We examine several machine learning
techniques for detecting malware including random forests, deep learning
techniques, and liquid state machines. The experiments examine the effects of
concept drift on each algorithm to understand how well the algorithms
generalize to novel malware samples by testing them on data that was collected
after the training data. The results suggest that each of the examined machine
learning algorithms is a viable solution to detect malware-achieving between
90% and 95% class-averaged accuracy (CAA). In real-world scenarios, the
performance evaluation on an operational network may not match the performance
achieved in training. Namely, the CAA may be about the same, but the values for
precision and recall over the malware can change significantly. We structure
experiments to highlight these caveats and offer insights into expected
performance in operational environments. In addition, we use the induced models
to gain a better understanding about what differentiates the malware samples
from the goodware, which can further be used as a forensics tool to understand
what the malware (or goodware) was doing to provide directions for
investigation and remediation.Comment: 9 pages, 6 Tables, 4 Figure
Experiments on Adaptive Techniques for Host-Based Intrusion Detection
This research explores four experiments of adaptive host-based intrusion detection (ID) techniques in an attempt to develop systems that can detect novel exploits. The technique considered to have the most potential is adaptive critic designs (ACDs) because of their utilization of reinforcement learning, which allows learning exploits that are difficult to pinpoint in sensor data. Preliminary results of ID using an ACD, an Elman recurrent neural network, and a statistical anomaly detection technique demonstrate an ability to learn to distinguish between clean and exploit data. We used the Solaris Basic Security Module (BSM) as a data source and performed considerable preprocessing on the raw data. A detection approach called generalized signature-based ID is recommended as a middle ground between signature-based ID, which has an inability to detect novel exploits, and anomaly detection, which detects too many events including events that are not exploits. The primary results of the ID experiments demonstrate the use of custom data for generalized signature-based intrusion detection and the ability of neural network-based systems to learn in this application environment
Recommended from our members
Long-term safety and efficacy of trifarotene 50 μg/g cream, a first-in-class RAR-γ selective topical retinoid, in patients with moderate facial and truncal acne.
BackgroundTreatment for both facial and truncal acne has not sufficiently been studied.ObjectivesTo evaluate the long-term safety and efficacy of trifarotene in both facial and truncal acne.MethodsIn a multicentre, open-label, 52-week study, patients with moderate facial and truncal acne received trifarotene 50 μg/g cream (trifarotene). Assessments included local tolerability, safety, investigator and physician's global assessments (IGA, PGA) and quality of life (QOL). A validated QOL questionnaire was completed by the patient at Baseline, Week 12, 26 and 52/ET.ResultsOf 453 patients enrolled, 342 (75.5%) completed the study. Trifarotene-related treatment-emergent adverse events (TEAEs) were reported in 12.6% of patients, and none was serious. Most related TEAEs were cutaneous and occurred during the first 3 months. Signs and symptoms of local tolerability were mostly mild or moderate and severe signs, and symptoms were reported for 2.2% to 7.1% of patients for the face and 2.5% to 5.4% for the trunk. Local irritation increased during the first week of treatment on the face and up to Weeks 2 to 4 on the trunk with both decreasing thereafter. At Week 12, IGA and PGA success rates were 26.6% and 38.6%, respectively. Success rates increased to 65.1% and 66.9%, respectively at Week 52. Overall success (both IGA and PGA success in the same patient) was 57.9% at Week 52. At Week 52 visit, 92/171 (53.8%) patients who had completed their assessments had scores from 0 to 1 (i.e. no effect of acne on their QOL) vs. 47/208 (22.6%) patients at Baseline visit.ConclusionIn this 52-week study, trifarotene was safe, well tolerated and effective in moderate facial and truncal acne
Neurogenesis Deep Learning
Neural machine learning methods, such as deep neural networks (DNN), have
achieved remarkable success in a number of complex data processing tasks. These
methods have arguably had their strongest impact on tasks such as image and
audio processing - data processing domains in which humans have long held clear
advantages over conventional algorithms. In contrast to biological neural
systems, which are capable of learning continuously, deep artificial networks
have a limited ability for incorporating new information in an already trained
network. As a result, methods for continuous learning are potentially highly
impactful in enabling the application of deep networks to dynamic data sets.
Here, inspired by the process of adult neurogenesis in the hippocampus, we
explore the potential for adding new neurons to deep layers of artificial
neural networks in order to facilitate their acquisition of novel information
while preserving previously trained data representations. Our results on the
MNIST handwritten digit dataset and the NIST SD 19 dataset, which includes
lower and upper case letters and digits, demonstrate that neurogenesis is well
suited for addressing the stability-plasticity dilemma that has long challenged
adaptive machine learning algorithms.Comment: 8 pages, 8 figures, Accepted to 2017 International Joint Conference
on Neural Networks (IJCNN 2017
- …