Measuring the hydrostatic mass bias in galaxy clusters by combining Sunyaev-Zel'dovich and CMB lensing data

The cosmological parameters prefered by the cosmic microwave background (CMB) primary anisotropies predict many more galaxy clusters than those that have been detected via the thermal Sunyaev-Zeldovich (tSZ) effect. This tension has attracted considerable attention since it could be evidence of physics beyond the simplest $\Lambda$CDM model. However, an accurate and robust calibration of the mass-observable relation for clusters is necessary for the comparison, which has been proven difficult to obtain so far. Here, we present new contraints on the mass-pressure relation by combining tSZ and CMB lensing measurements about optically-selected clusters. Consequently, our galaxy cluster sample is independent from the data employed to derive cosmological constrains. We estimate an average hydrostatic mass bias of $b = 0.26 \pm 0.07$, with no significant mass nor redshift evolution. This value greatly reduces the tension between the predictions of $\Lambda$CDM and the observed abundance of tSZ clusters while being in agreement with recent estimations from tSZ clustering. On the other hand, our value for $b$ is higher than the predictions from hydro-dynamical simulations. This suggests the existence of mechanisms driving large departures from hydrostatic equilibrium and that are not included in state-of-the-art simulations, and/or unaccounted systematic errors such as biases in the cluster catalogue due to the optical selection.Comment: 4 pages, 3 figure

Creating better ground truth to further understand Android malware: A large scale mining approach based on antivirus labels and malicious artifacts

Mobile applications are essential for interacting with technology and other people. With more than 2 billion devices deployed all over the world, Android offers a thriving ecosystem by making accessible the work of thousands of developers on digital marketplaces such as Google Play. Nevertheless, the success of Android also exposes millions of users to malware authors who seek to siphon private information and hijack mobile devices for their benefits. To fight against the proliferation of Android malware, the security community embraced machine learning, a branch of artificial intelligence that powers a new generation of detection systems. Machine learning algorithms, however, require a substantial number of qualified samples to learn the classification rules enforced by security experts. Unfortunately, malware ground truths are notoriously hard to construct due to the inherent complexity of Android applications and the global lack of public information about malware. In a context where both information and human resources are limited, the security community is in demand for new approaches to aid practitioners to accurately define Android malware, automate classification decisions, and improve the comprehension of Android malware. This dissertation proposes three solutions to assist with the creation of malware ground truths. The first contribution is STASE, an analytical framework that qualifies the composition of malware ground truths. STASE reviews the information shared by antivirus products with nine metrics in order to support the reproducibility of research experiments and detect potential biases. This dissertation reports the results of STASE against three typical settings and suggests additional recommendations for designing experiments based on Android malware. The second contribution is EUPHONY, a heuristic system built to unify family clusters belonging to malware ground truths. EUPHONY exploits the co-occurrence of malware labels obtained from antivirus reports to study the relationship between Android applications and proposes a single family name per sample for the sake of facilitating malware experiments. This dissertation evaluates EUPHONY on well-known malware ground truths to assess the precision of our approach and produce a large dataset of malware tags for the research community. The third contribution is AP-GRAPH, a knowledge database for dissecting the characteristics of malware ground truths. AP-GRAPH leverages the results of EUPHONY and static analysis to index artifacts that are highly correlated with malware activities and recommend the inspection of the most suspicious components. This dissertation explores the set of artifacts retrieved by AP-GRAPH from popular malware families to track down their correlation and their evolution compared to other malware populations