Malware in the Future? Forecasting of Analyst Detection of Cyber Events

There have been extensive efforts in government, academia, and industry to anticipate, forecast, and mitigate cyber attacks. A common approach is time-series forecasting of cyber attacks based on data from network telescopes, honeypots, and automated intrusion detection/prevention systems. This research has uncovered key insights such as systematicity in cyber attacks. Here, we propose an alternate perspective of this problem by performing forecasting of attacks that are analyst-detected and -verified occurrences of malware. We call these instances of malware cyber event data. Specifically, our dataset was analyst-detected incidents from a large operational Computer Security Service Provider (CSSP) for the U.S. Department of Defense, which rarely relies only on automated systems. Our data set consists of weekly counts of cyber events over approximately seven years. Since all cyber events were validated by analysts, our dataset is unlikely to have false positives which are often endemic in other sources of data. Further, the higher-quality data could be used for a number for resource allocation, estimation of security resources, and the development of effective risk-management strategies. We used a Bayesian State Space Model for forecasting and found that events one week ahead could be predicted. To quantify bursts, we used a Markov model. Our findings of systematicity in analyst-detected cyber attacks are consistent with previous work using other sources. The advanced information provided by a forecast may help with threat awareness by providing a probable value and range for future cyber events one week ahead. Other potential applications for cyber event forecasting include proactive allocation of resources and capabilities for cyber defense (e.g., analyst staffing and sensor configuration) in CSSPs. Enhanced threat awareness may improve cybersecurity.Comment: Revised version resubmitted to journa

Epstein-Barr Virus Independent Dysregulation of UBP43 Expression Alters Interferon-Stimulated Gene Expression in Burkitt Lymphoma

Epstein-Barr virus (EBV) persists as a life-long latent infection within memory B cells, but how EBV may circumvent the innate immune response within this virus reservoir is unclear. Recent studies suggest that the latency-associated non-coding RNAs of EBV may actually induce type I (antiviral) interferon production, raising the question of how EBV counters the negative consequences this is likely to have on viral persistence. We addressed this by examining the type I interferon response in Burkitt lymphoma (BL) cell lines, the only in vitro model of the restricted program of EBV latency-gene expression in persistently infected B cells in vivo. Importantly, we observed no effect of EBV on interferon alpha-induced signaling or evidence of type I interferon production, suggesting that EBV in this latent state is silent to the cell's innate antiviral surveillance. We did uncover, however, a defect in the negative feedback control of interferon signaling in a subpopulation of BL lines as was revealed by prolonged interferon-stimulated gene transcription consistent with sustained tyrosine phosphorylation on STAT1 and STAT2. This was due to inadequate induction of expression of the ubiquitin-specific protease UBP43, which removes the ubiquitin-like ISG15 polypeptide conjugated to proteins (ISGylation) in response to type I interferons. Results here are consistent with previous findings in genetically engineered Ubp43−/− murine cells that UBP43 down-regulates interferon signaling, independent of its ISG15 isopeptidase activity, by precluding the protein kinase JAK1 from the interferon receptor. This natural deficiency in UBP43 expression may therefore provide a useful model to further probe the biological roles of UBP43 and ISGylation

Health and economic benefits of public financing of epilepsy treatment in India : an agent-based simulation model

OBJECTIVE: An estimated 6-10 million people in India live with active epilepsy, and less than half are treated. We analyze the health and economic benefits of three scenarios of publicly financed national epilepsy programs that provide: (1) first-line antiepilepsy drugs (AEDs), (2) first- and second-line AEDs, and (3) first- and second-line AEDs and surgery. METHODS: We model the prevalence and distribution of epilepsy in India using IndiaSim, an agent-based, simulation model of the Indian population. Agents in the model are disease-free or in one of three disease states: untreated with seizures, treated with seizures, and treated without seizures. Outcome measures include the proportion of the population that has epilepsy and is untreated, disability-adjusted life years (DALYs) averted, and cost per DALY averted. Economic benefit measures estimated include out-of-pocket (OOP) expenditure averted and money-metric value of insurance. RESULTS: All three scenarios represent a cost-effective use of resources and would avert 800,000-1 million DALYs per year in India relative to the current scenario. However, especially in poor regions and populations, scenario 1 (which publicly finances only first-line therapy) does not decrease the OOP expenditure or provide financial risk protection if we include care-seeking costs. The OOP expenditure averted increases from scenarios 1 through 3, and the money-metric value of insurance follows a similar trend between scenarios and typically decreases with wealth. In the first 10 years of scenarios 2 and 3, households avert on average over US$80 million per year in medical expenditure. SIGNIFICANCE: Expanding and publicly financing epilepsy treatment in India averts substantial disease burden. A universal public finance policy that covers only first-line AEDs may not provide significant financial risk protection. Covering costs for both first- and second-line therapy and other medical costs alleviates the financial burden from epilepsy and is cost-effective across wealth quintiles and in all Indian states

Isospin breaking in the vector current of the nucleon

Extraction of the nucleon's strange form factors from experimental data requires a quantitative understanding of the unavoidable contamination from isospin violation. A number of authors have addressed this issue during the past decade, and their work is reviewed here. The predictions from early models are largely consistent with recent results that rely as much as possible on input from QCD symmetries and related experimental data. The resulting bounds on isospin violation are sufficiently precise to be of value to on-going experimental and theoretical studies of the nucleon's strange form factors.Comment: 5 pages, 3 figures. Presented at the International Workshop "From Parity Violation to Hadronic Structure and more...", Milos, Greece, 16-20 May 2006. Version 2 is only to update Refs. [21] and [25

Patients with an ICD Can Safely Resume Work in Industrial Facilities Following Simple Screening for Electromagnetic Interference

Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/74026/1/j.1460-9592.2003.t01-1-00251.x.pd

VerdictDB: Universalizing Approximate Query Processing

Despite 25 years of research in academia, approximate query processing (AQP) has had little industrial adoption. One of the major causes of this slow adoption is the reluctance of traditional vendors to make radical changes to their legacy codebases, and the preoccupation of newer vendors (e.g., SQL-on-Hadoop products) with implementing standard features. Additionally, the few AQP engines that are available are each tied to a specific platform and require users to completely abandon their existing databases---an unrealistic expectation given the infancy of the AQP technology. Therefore, we argue that a universal solution is needed: a database-agnostic approximation engine that will widen the reach of this emerging technology across various platforms. Our proposal, called VerdictDB, uses a middleware architecture that requires no changes to the backend database, and thus, can work with all off-the-shelf engines. Operating at the driver-level, VerdictDB intercepts analytical queries issued to the database and rewrites them into another query that, if executed by any standard relational engine, will yield sufficient information for computing an approximate answer. VerdictDB uses the returned result set to compute an approximate answer and error estimates, which are then passed on to the user or application. However, lack of access to the query execution layer introduces significant challenges in terms of generality, correctness, and efficiency. This paper shows how VerdictDB overcomes these challenges and delivers up to 171$\times$ speedup (18.45$\times$ on average) for a variety of existing engines, such as Impala, Spark SQL, and Amazon Redshift, while incurring less than 2.6% relative error. VerdictDB is open-sourced under Apache License.Comment: Extended technical report of the paper that appeared in Proceedings of the 2018 International Conference on Management of Data, pp. 1461-1476. ACM, 201

Toxicological benchmarks for wildlife: 1995 revision

This report presents NOAEL-based (no observed adverse effects level) toxicological benchmarks of effects of 85 chemicals on 8 representative mammalian wildlife species or 11 avian wildlife species

The MAGIC of CINEMA: First in-flight science results from a miniaturised anisotropic magnetoresistive magnetometer

We present the first in-flight results from a novel miniaturised anisotropic magnetoresistive space magnetometer, MAGIC (MAGnetometer from Imperial College), aboard the first CINEMA (CubeSat for Ions, Neutrals, Electrons and MAgnetic fields) spacecraft in low Earth orbit. An attitude-independent calibration technique is detailed using the International Geomagnetic Reference Field (IGRF), which is temperature dependent in the case of the outboard sensor. We show that the sensors accurately measure the expected absolute field to within 2% in attitude mode and 1% in science mode. Using a simple method we are able to estimate the spacecraft's attitude using the magnetometer only, thus characterising CINEMA's spin, precession and nutation. Finally, we show that the outboard sensor is capable of detecting transient physical signals with amplitudes of ~ 20–60 nT. These include field-aligned currents at the auroral oval, qualitatively similar to previous observations, which agree in location with measurements from the DMSP (Defense Meteorological Satellite Program) and POES (Polar-orbiting Operational Environmental Satellites) spacecraft. Thus, we demonstrate and discuss the potential science capabilities of the MAGIC instrument onboard a CubeSat platform