23 research outputs found
Throttling Malware Families in 2D
Malicious software are categorized into families based on their static and
dynamic characteristics, infection methods, and nature of threat. Visual
exploration of malware instances and families in a low dimensional space helps
in giving a first overview about dependencies and relationships among these
instances, detecting their groups and isolating outliers. Furthermore, visual
exploration of different sets of features is useful in assessing the quality of
these sets to carry a valid abstract representation, which can be later used in
classification and clustering algorithms to achieve a high accuracy. In this
paper, we investigate one of the best dimensionality reduction techniques known
as t-SNE to reduce the malware representation from a high dimensional space
consisting of thousands of features to a low dimensional space. We experiment
with different feature sets and depict malware clusters in 2-D. Surprisingly,
t-SNE does not only provide nice 2-D drawings, but also dramatically increases
the generalization power of SVM classifiers. Moreover, obtained results showed
that cross-validation accuracy is much better using the 2-D embedded
representation of samples than using the original high-dimensional
representation
Modèles et algorithmes pour la gestion de la localisation dans les réseaux à composantes mobiles multiservices
Éléments de la problématique -- Esquisse méthodologique et principales contributions de la thèse -- Gestion de mobilité et de localisation dans les SCP -- Normes et protocoles pour la gestion de localisation -- Modèles classiques pour la gestion de localisation -- Modèle de champ mémoire -- Idée et concept de base -- Comportement du modèle de champ mémoire -- Description des algorithmes -- Analyse de performance -- Analyse comparative des modèles de champ mémoire et IS-41 -- Modèle de champ mémoire versus modèle des pointeurs de renvoi -- Schéma global de gestion de localisation -- Idée de base du schéma global de gestion de localisation -- Procédures de mise à jour et de recherche de localisation -- Analyse de performance -- Schéma hybride pour la gestion de localisation -- Architecture centralisée versus architecture répartie -- Schéma hybride pour la gestion de localisation -- Analyse de performance du schéma hybride -- Résultats numériqeus de simulation -- Analyse de performance par rapport à CMR
A new architecture for improving location management in PCS networks
This study proposes a new architecture for improving the location management in PCS networks. The proposed architecture employs several HLRs as opposed to one HLR in the IS-41 and GSM models. Indeed, the new architecture associates with each MU two types of HLRs ; a resident HLR that serves the location areas in which the MU often resides and a serving HLR that serves the MU when it is roaming outside its resident HLR covering area. All the possible location update and location search scenarios of the proposed architecture are discussed. This analysis shows that the performance of the proposed scheme varies according to the user moving patterns. Numerical results are promising and a significant cost reduction can be obtained with the new architecture
A Collaborative Service Discovery and Service Sharing Framework for Mobile Ad Hoc Networks
Abstract. Service sharing and discovery play a relevant role in mobile ad hoc environments. Upon joining a self-organizing network, mobile nodes should be able to explore the environment to learn about, locate, and share the available services. In this paper, we propose a distributed and scalable service discovery and sharing framework for ad hoc networks. The proposed framework defines three types of nodes: service directories, service providers and requesting nodes. Service directory nodes act as mediators for lookup requests from requesting nodes. Joining service provider nodes register their services with the nearest service directory. A requesting node discovers the available services by submitting requests to its nearest service directory which determines the node providing the requesting service. The performance of the proposed model is evaluated and compared to the broadcast-based model that has been extensively studied in the literature
Collaborative caching priority for processing requests in MANETs
Accessing distant sources in MANETs leads to poor performance and sometimes impossible due to regular disconnection of mobile hosts. Several approaches have been proposed to improve data accessibility and reduce delay in serving requests. These approaches adopted the collaborative caching techniques, enabling various mobile hosts to cache and share data items in their local caches. However, processing requests based on their classification have not been tackled in previous works to reduce the average delay. In this paper, we propose a collaborative caching priority approach, which serves requests based on their classifications either priority or normal. This is to ensure that priority requests are served with minimum cache discovery overhead and with less delay in fetching data items that are cached in MANETs. The experimental results show that the proposed approach improved the performance of collaborative caching and outperformed the cooperative and adaptive system (COACS), with a decrement of 30.42% in average delay and an increment of 21.26% in hit ratio
Molecular Docking Study of Gingkgo biloba Compounds as Potential Inhibitors of SARS-CoV-2
COVID-19 pandemic caused by SARS-CoV-2 is a challenge for researchers to find effective drugs for this disease. Previous research had identified the role of Mpro, TMPRSS2, RdRp, and ACE2 which were useful as promising drug targets to inhibit SARS-CoV-2. This study aims to identify the potential compounds derived from Ginkgo biloba as potential SARS-CoV-2 inhibitors using a molecular docking study. A total of twenty-one compounds of Ginkgo biloba and comparative drugs were used in this study. The materials were downloaded from rcsb for protein targets and pubchem for comparative drugs and compounds. In this study, Lipinski rule of five using Swiss ADME web tool was used. Moreover, toxicity analysis using admetSAR 2.0 online test also used to predict toxicological profile of compounds. Dockings were carried out on Mpro, TMPRSS2, RdRp, and ACE2 protein targets by AutodockTools 1.5.6 and Autodock Vina. The visualization of molecular interaction was carried out by Discovery Studio v16. Nine compounds met the criteria as drug-like components and were safe. Docking results showed that ginkgolide-C and bilobetin showed strong molecular interactions to all protein targets compared to the comparative drugs and other compounds. In RdRp, ginkgolide-C showed the highest binding energy with -12.7 kcal/mol. Moreover, in TMPRSS2, ACE2 and Mpro, bilobetin also showed the highest binding energy with -12.7, -9.7 and -10 kcal/mol, respectively. Ginkgolide-C and bilobetin have the potential to be developed as SARS-CoV-2 inhibitors. Therefore, in vitro and in vivo investigations are needed to bring these compounds to the clinical setting
Mortality from gastrointestinal congenital anomalies at 264 hospitals in 74 low-income, middle-income, and high-income countries: a multicentre, international, prospective cohort study
Summary
Background Congenital anomalies are the fifth leading cause of mortality in children younger than 5 years globally.
Many gastrointestinal congenital anomalies are fatal without timely access to neonatal surgical care, but few studies
have been done on these conditions in low-income and middle-income countries (LMICs). We compared outcomes of
the seven most common gastrointestinal congenital anomalies in low-income, middle-income, and high-income
countries globally, and identified factors associated with mortality.
Methods We did a multicentre, international prospective cohort study of patients younger than 16 years, presenting to
hospital for the first time with oesophageal atresia, congenital diaphragmatic hernia, intestinal atresia, gastroschisis,
exomphalos, anorectal malformation, and Hirschsprung’s disease. Recruitment was of consecutive patients for a
minimum of 1 month between October, 2018, and April, 2019. We collected data on patient demographics, clinical
status, interventions, and outcomes using the REDCap platform. Patients were followed up for 30 days after primary
intervention, or 30 days after admission if they did not receive an intervention. The primary outcome was all-cause,
in-hospital mortality for all conditions combined and each condition individually, stratified by country income status.
We did a complete case analysis.
Findings We included 3849 patients with 3975 study conditions (560 with oesophageal atresia, 448 with congenital
diaphragmatic hernia, 681 with intestinal atresia, 453 with gastroschisis, 325 with exomphalos, 991 with anorectal
malformation, and 517 with Hirschsprung’s disease) from 264 hospitals (89 in high-income countries, 166 in middleincome
countries, and nine in low-income countries) in 74 countries. Of the 3849 patients, 2231 (58·0%) were male.
Median gestational age at birth was 38 weeks (IQR 36–39) and median bodyweight at presentation was 2·8 kg (2·3–3·3).
Mortality among all patients was 37 (39·8%) of 93 in low-income countries, 583 (20·4%) of 2860 in middle-income
countries, and 50 (5·6%) of 896 in high-income countries (p<0·0001 between all country income groups).
Gastroschisis had the greatest difference in mortality between country income strata (nine [90·0%] of ten in lowincome
countries, 97 [31·9%] of 304 in middle-income countries, and two [1·4%] of 139 in high-income countries;
p≤0·0001 between all country income groups). Factors significantly associated with higher mortality for all patients
combined included country income status (low-income vs high-income countries, risk ratio 2·78 [95% CI 1·88–4·11],
p<0·0001; middle-income vs high-income countries, 2·11 [1·59–2·79], p<0·0001), sepsis at presentation (1·20
[1·04–1·40], p=0·016), higher American Society of Anesthesiologists (ASA) score at primary intervention
(ASA 4–5 vs ASA 1–2, 1·82 [1·40–2·35], p<0·0001; ASA 3 vs ASA 1–2, 1·58, [1·30–1·92], p<0·0001]), surgical safety
checklist not used (1·39 [1·02–1·90], p=0·035), and ventilation or parenteral nutrition unavailable when needed
(ventilation 1·96, [1·41–2·71], p=0·0001; parenteral nutrition 1·35, [1·05–1·74], p=0·018). Administration of
parenteral nutrition (0·61, [0·47–0·79], p=0·0002) and use of a peripherally inserted central catheter (0·65
[0·50–0·86], p=0·0024) or percutaneous central line (0·69 [0·48–1·00], p=0·049) were associated with lower mortality.
Interpretation Unacceptable differences in mortality exist for gastrointestinal congenital anomalies between lowincome,
middle-income, and high-income countries. Improving access to quality neonatal surgical care in LMICs will
be vital to achieve Sustainable Development Goal 3.2 of ending preventable deaths in neonates and children younger
than 5 years by 2030
Quality of service in wireless local and metropolitan area networks
Wireless technology has shown tremendous growth and acceptance as a solution for both wireless local area networks and wireless metropolitan area networks. Ā e use of multimedia applications over IP with quality-of-service (QoS) support is now a reality in corporate networks and is rapidly expanding to the wireless networks. In this chapter, the state-of-the-art in supporting the QoS concepts in the IEEE 802.11-based wireless local area networks and the IEEE 802.16-based wireless metropolitan area networks is presented. Āe chapter is divided into two parts. Ā e first part starts by describing the IEEE 802.11 standard that supports only best effort (BE) services before examining the new IEEE 802.11e that is introduced to support sophisticated services that guarantee QoS attributes such as bandwidth, delay, and jitter. Āe second part explores the QoS in the wireless metropolitan area networks as introduced in IEEE 802.16 standard and its IEEE 802.16e amendment. Open research issues pertaining to realizing QoS in these networks are identified and some of the solutions that are proposed to address these challenges are also presented
Modeling Malware as a Language
Malware detection and malware construction are evolving in parallel. As malware authors incorporate evasive techniques into malware construction, antivirus software developers incorporate new static and dynamic analysis techniques into malware detection and classification with the aim of thwarting such evasive techniques. In this paper, we propose a new approach to static malware analysis, aiming to treat malware analysis as natural language analysis. We propose modeling malware as a language and assess the feasibility of finding semantics in instances of that language. We concretize this abstract problem into a classification task. Given a large dataset of malware instances categorized into 9 classes, we isolate strong semantic similarities between malware instances of the same class and classify unknown instances by strength of similarity to a class. Our approach consists of a proposed method for defining a malware-language, where malware instances are documents written in that language. We use the word2vec model to generate a computational representation of such documents and choose a document-distance as the measure of semantic closeness between them. We classify malware-documents by applying the k nearest neighbors algorithm (kNN). Validating our model using leave-one-out cross validation, we record a classification accuracy of up to 98%. We conclude that we can find, and ultimately manipulate semantics in malware
Transfer Learning for Malware Multi-Classification
In this paper, we build on top of the MalConv neural networks learning architecture which was initially designed for malware/benign classification. We evaluate the transfer learning of MalConv for malware multi-class classification by extending its contribution in several directions: (1) We assess MalConv performance on a multi-classification problem using a new dataset composed of solely malware samples belonging to different malware families, (2) we evaluate MalConv on the raw bytes data as well as on the opcodes extracted from the reversed assembly samples and compare the results, (3) we validate the MalConv findings about regularization, and (4) we study MalConv performance when using a medium size dataset and limited computational resources and GPU. The obtained results show that MalConv performs equally well for multi-classification and its performance on raw byte sequences is comparable to opcodes sequences. DeCov regularization is shown to improve the accuracy results better than other regularization techniques