Predicting Exploitation of Disclosed Software Vulnerabilities Using Open-source Data

Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities are known and users quickly install those patches as soon as they are available. However, most vulnerabilities are never actually exploited. Since writing, testing, and installing software patches can involve considerable resources, it would be desirable to prioritize the remediation of vulnerabilities that are likely to be exploited. Several published research studies have reported moderate success in applying machine learning techniques to the task of predicting whether a vulnerability will be exploited. These approaches typically use features derived from vulnerability databases (such as the summary text describing the vulnerability) or social media posts that mention the vulnerability by name. However, these prior studies share multiple methodological shortcomings that inflate predictive power of these approaches. We replicate key portions of the prior work, compare their approaches, and show how selection of training and test data critically affect the estimated performance of predictive models. The results of this study point to important methodological considerations that should be taken into account so that results reflect real-world utility

Towards a flexible deployment of multi-cloud applications based on TOSCA and CAMP

Cloud Computing platforms offer diverse services and capabilities with own features. Hence, the provider services could be used by end users to compose a heterogeneous context of multiple cloud platforms in order to deploy their cloud applications made up of a set of modules, according to the best capabilities of the cloud providers. However, this is an ideal scenario, since the cloud platforms are being conducted in an isolated way by presenting many interoperability and portability restrictions, which complicate the integration of diverse provider services to achieve an heterogeneous deployment of multi-cloud applications. In this ongoing work, we present an approach based on model transformation to deploy multi-cloud applications by reusing standardization e orts related to the management and deployment of cloud applications. Specifically, using mechanisms speci ed by both standards, TOSCA and CAMP, we propose a methodology to describe the topology and distribution of modules of a cloud application and to deploy the interconnected modules over heterogeneous clouds. We illustrate our idea using a running example.Work partially supported by projects TIN2012-35669, funded by Spanish Ministry MINECO, FEDER; P11-TIC-7659 funded by Andalusian Gov; FP7-610531 SeaClouds funded by EU; and Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech

Fluorescence measurements of the thermal control experiments coatings on LDEF S0069 and A0114

Fluorescence measurements were made on the thermal control coatings from the Long Duration Experiment Facility (LDEF) S0069, Thermal Control Surfaces Experiment (TCSE); and the A0114, Interaction of Atomic Oxygen with Material Surfaces in Low Earth orbit. Fluorescence was observed in two types of thermal control coatings and is attributed to pigments or binders. In addition, fluorescence measurement on the silver Teflon from the front cover of TCSE led to confirmation of damage (cracking) to the metal layers during application

Scalable architectures for platform-as-a-service clouds: performance and cost analysis

Scalability is a significant feature of cloud computing, which ad-dresses to increase or decrease the capacities of allocated virtual resources at application, platform, database and infrastructure level on demand. We investigate scalable architecture solutions for cloud PaaS that allow services to utilize the resources dynamically and effectively without directly affecting users. We have implemented scalable architectures with different session state management solutions, deploying an online shopping cart application in a PaaS solution, and measuring the performance and cost under three server-side session state providers: Caching, SQL database and NoSQL database. A commercial solution with its supporting state management components has been used. Particularly when re-architecting software for the cloud, the trade-off between performance, scalability and cost implications needs to be discussed

Molecular evolution under increasing transposable element burden in Drosophila: A speed limit on the evolutionary arms race.

Genome architecture is profoundly influenced by transposable elements (TEs), and natural selection against their harmful effects is a critical factor limiting their spread. Genome defense by the piRNA silencing pathway also plays a crucial role in limiting TE proliferation. How these two forces jointly determine TE abundance is not well understood. To shed light on the nature of factors that predict TE success, we test three distinct hypotheses in the Drosophila genus. First, we determine whether TE abundance and relaxed genome-wide purifying selection on protein sequences are positively correlated. This serves to test the hypothesis that variation in TE abundance in the Drosophila genus can be explained by the strength of natural selection, relative to drift, acting in parallel against mildly deleterious non-synonymous mutations. Second, we test whether increasing TE abundance is correlated with an increased rate of amino-acid evolution in genes encoding the piRNA machinery, as might be predicted by an evolutionary arms race model. Third, we test whether increasing TE abundance is correlated with greater codon bias in genes of the piRNA machinery. This is predicted if increasing TE abundance selects for increased efficiency in the machinery of genome defense

A Development Framework Enabling the Design of Service-Based Cloud Applications

Cloud application platforms gain popularity and have the potential to change the way applications are developed, involving composition of platform basic services. In order to enhance the developer’s experience and reduce the barriers in the software development, a new paradigm of cloud application creation should be adopted. According to that developers are enabled to design their applications, leveraging multiple platform basic services, independently from the target application platforms. To this end, this paper proposes a development framework for the design of service-based cloud applications comprising two main components: the meta-model and the Platform Service Manager. The meta-model describes the building blocks which enable the construction of Platform Service Connectors in a uniform way while the Platform Service Manager coordinates the interaction of the application with the concrete service providers and further facilitates the administration of the deployed platform basic services

Sealed Computation: Abstract Requirements for Mechanisms to Support Trustworthy Cloud Computing

In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is that the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously. In this paper, we propose an approach that avoids having to trust a single entity. Our approach is based on two concepts: (1) the technical abstraction of sealed computation, i.e., a technical mechanism to confine the processing of data within a tamper-proof hardware container, and (2) the additional role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected. We discuss the abstract technical and procedural requirements of these concepts and explain how they can be applied in practice

Simulated Fire Behavior and Fine-Scale Forest Structure Following Conifer Removal in Aspen-Conifer Forests in the Lake Tahoe Basin, USA

Quaking aspen is found in western forests of the United States and is currently at risk of loss due to conifer competition at within-stand scales. Wildfires in these forests are impactful owing to conifer infilling during prolonged fire suppression post-Euro-American settlement. Here, restoration cuttings seek to impact wildfire behavior and aspen growing conditions. In this study, we explored how actual and hypothetical cuttings with a range of conifer removal intensity altered surface fuel and overstory structure at stand and fine scales. We then simulated wildfires, examining fire behavior and effects on post-fire forest structures around aspen trees. We found that conifer removal constrained by lower upper diameter limits (\u3c56 cm) had marginal effects on surface fuel and overstory structure, likely failing to enhance resource conditions sufficiently to sustain aspen. Increasing the diameter limit also led to a higher likelihood of fire spread and a higher rate of spread, owing to greater within-canopy wind speed, though crown fire activity decreased. Our simulations suggest heavier treatments could facilitate reintroduction of fire while also dampening the effects of wildfires on forest structure. Cutting specifications that relax diameter limits and remove a substantial portion of conifer overstory could better promote aspen restoration and mitigate fire hazard

Trend analysis of in-situ spectral reflectance data from the Thermal Control Surfaces Experiment (TCSE)

The Thermal Control Surfaces Experiment (TCSE) on the LDEF was a comprehensive experiment that combined in-space measurements with extensive pre- and post-flight analyses of thermal control surfaces to determine the effects of exposure to the low earth orbit (LEO) space environment. The TCSE is the first space experiment to directly measure in-situ total hemispherical reflectance of thermal control surfaces in the same way they are routinely measured in the laboratory. In-space optical measurements performed by the TCSE provide the unique opportunity for trend analysis of the performance of materials in the space environment. Such trend analysis of flight data offers the potential to develop an empirical life time prediction model for several thermal control surfaces. For material research, trend analysis of the TCSE flight data, particularly the spectral data, can provide insight into the damage mechanisms of space exposure. Trend analysis for the TCSE samples has been limited to those materials that were not significantly eroded by the atomic oxygen (AO) environment. The performance of several materials on the LDEF mission was dominated by AO effects. Trend analysis was performed on both the detailed spectral reflectance measurements (in-space, pre-flight, and post-flight) and on the integrated solar absorptance. Results of this analysis for the five selected TCSE materials are presented along with the spectral flight data. Possible degradation and effects mechanisms will be discussed to better understand and predict the behavior of these materials in the LEO space environment