702 research outputs found

    ODISEES: Ontology-Driven Interactive Search Environment for Earth Sciences

    This paper discusses the Ontology-driven Interactive Search Environment for Earth Sciences (ODISEES) project currently being developed to aid researchers attempting to find usable data among an overabundance of closely related data. ODISEES' ontological structure relies on a modular, adaptable concept modeling approach, which allows the domain to be modeled more or less as it is without worrying about terminology or external requirements. In the model, variables are individually assigned semantic content based on the characteristics of the measurements they represent, allowing intuitive discovery and comparison of data without requiring the user to sift through large numbers of data sets and variables to find the desired information

    AI ATAC 1: An Evaluation of Prominent Commercial Malware Detectors

    This work presents an evaluation of six prominent commercial endpoint malware detectors, a network malware detector, and a file-conviction algorithm from a cyber technology vendor. The evaluation was administered as the first of the Artificial Intelligence Applications to Autonomous Cybersecurity (AI ATAC) prize challenges, funded by / completed in service of the US Navy. The experiment employed 100K files (50/50% benign/malicious) with a stratified distribution of file types, including ~1K zero-day program executables (increasing experiment size two orders of magnitude over previous work). We present an evaluation process of delivering a file to a fresh virtual machine donning the detection technology, waiting 90s to allow static detection, then executing the file and waiting another period for dynamic detection; this allows greater fidelity in the observational data than previous experiments, in particular, resource and time-to-detection statistics. To execute all 800K trials (100K files $\times$ 8 tools), a software framework is designed to choreograph the experiment into a completely automated, time-synced, and reproducible workflow with substantial parallelization. A cost-benefit model was configured to integrate the tools' recall, precision, time to detection, and resource requirements into a single comparable quantity by simulating costs of use. This provides a ranking methodology for cyber competitions and a lens through which to reason about the varied statistical viewpoints of the results. These statistical and cost-model results provide insights on the state of commercial malware detection

    Beyond the Hype: A Real-World Evaluation of the Impact and Cost of Machine Learning-Based Malware Detection

    There is a lack of scientific testing of commercially available malware detectors, especially those that boast accurate classification of never-before-seen (i.e., zero-day) files using machine learning (ML). The result is that the efficacy and gaps among the available approaches are opaque, inhibiting end users from making informed network security decisions and researchers from targeting gaps in current detectors. In this paper, we present a scientific evaluation of four market-leading malware detection tools to assist an organization with two primary questions: (Q1) To what extent do ML-based tools accurately classify never-before-seen files without sacrificing detection ability on known files? (Q2) Is it worth purchasing a network-level malware detector to complement host-based detection? We tested each tool against 3,536 total files (2,554 or 72% malicious, 982 or 28% benign) including over 400 zero-day malware, and tested with a variety of file types and protocols for delivery. We present statistical results on detection time and accuracy, consider complementary analysis (using multiple tools together), and provide two novel applications of a recent cost-benefit evaluation procedure by Iannaconne & Bridges that incorporates all the above metrics into a single quantifiable cost. While the ML-based tools are more effective at detecting zero-day files and executables, the signature-based tool may still be an overall better option. Both network-based tools provide substantial (simulated) savings when paired with either host tool, yet both show poor detection rates on protocols other than HTTP or SMTP. Our results show that all four tools have near-perfect precision but alarmingly low recall, especially on file types other than executables and office files -- 37% of malware tested, including all polyglot files, were undetected. Comment: Includes Actionable Takeaways for SOC

    A Search for Jet Handedness in Hadronic $Z^0$ Decays

    We have searched for signatures of polarization in hadronic jets from $Z^0 \to q \bar{q}$ decays using the "jet handedness" method. The polar angle asymmetry induced by the high SLC electron-beam polarization was used to separate quark jets from antiquark jets, expected to be left- and right-polarized, respectively. We find no evidence for jet handedness in our global sample or in a sample of light quark jets and we set upper limits at the 95% C.L. of 0.063 and 0.099 respectively on the magnitude of the analyzing power of the method proposed by Efremov et al. Comment: Revtex, 8 pages, 2 figure

    Measurement of the branching ratios of the Z0 into heavy quarks

    We measure the hadronic branching ratios of the Z0 boson into heavy quarks: Rb=Gamma(Z0->bb)/Gamma(Z0->hadrons) and Rc=Gamma(Z0->cc)/Gamma(Z0->hadrons) using a multi-tag technique. The measurement was performed using about 400,000 hadronic Z0 events recorded in the SLD experiment at SLAC between 1996 and 1998. The small and stable SLC beam spot and the CCD-based vertex detector were used to reconstruct bottom and charm hadron decay vertices with high efficiency and purity, which enables us to measure most efficiencies from data. We obtain, Rb=0.21604 +- 0.00098(stat.) +- 0.00073(syst.) -+ 0.00012(Rc) and, Rc= 0.1744 +- 0.0031(stat.) +- 0.0020(syst.) -+ 0.0006(Rb). Comment: 37 pages, 8 figures, to be submitted to Phys. Rev. D version 2: changed title to ratios, used common D production fractions for Rb and Rc and corrected Zgamma interference. Identical to PRD submissio

    Direct Measurements of A_b and A_c using Vertex/Kaon Charge Tags at SLD

    Exploiting the manipulation of the SLC electron-beam polarization, we present precise direct measurements of the parity violation parameters A_c and A_b in the Z boson - c quark and Z boson - b quark coupling. Quark/antiquark discrimination is accomplished via a unique algorithm that takes advantage of the precise SLD CCD vertex detector, employing the net charge of displaced vertices as well as the charge of kaons that emanate from those vertices. From the 1996-98 sample of 400,000 Z decays, produced with an average beam polarization of 73.4%, we find A_c = 0.673 +/- 0.029 (stat.) +/- 0.023 (syst.) and A_b = 0.919 +/- 0.018 (stat.) +/- 0.017 (syst.). Comment: 11 pages, 2 figures, 2 tables, to be submitted to Physical Review Letters; version 2 reflects changes suggested by the refere

    Search for time-dependent B0s - B0s-bar oscillations using a vertex charge dipole technique

    We report a search for B0s - B0s-bar oscillations using a sample of 400,000 hadronic Z0 decays collected by the SLD experiment. The analysis takes advantage of the electron beam polarization as well as information from the hemisphere opposite that of the reconstructed B decay to tag the B production flavor. The excellent resolution provided by the pixel CCD vertex detector is exploited to cleanly reconstruct both B and cascade D decay vertices, and tag the B decay flavor from the charge difference between them. We exclude the following values of the B0s - B0s-bar oscillation frequency: Delta m_s < 4.9 ps-1 and 7.9 < Delta m_s < 10.3 ps-1 at the 95% confidence level. Comment: 18 pages, 3 figures, replaced by version accepted for publication in Phys.Rev.D; results differ slightly from first versio

    Diffractive Dijet Production at sqrt(s)=630 and 1800 GeV at the Fermilab Tevatron

    We report a measurement of the diffractive structure function $F_{jj}^D$ of the antiproton obtained from a study of dijet events produced in association with a leading antiproton in $\bar pp$ collisions at $\sqrt s=630$ GeV at the Fermilab Tevatron. The ratio of $F_{jj}^D$ at $\sqrt s=630$ GeV to $F_{jj}^D$ obtained from a similar measurement at $\sqrt s=1800$ GeV is compared with expectations from QCD factorization and with theoretical predictions. We also report a measurement of the $\xi$ ($x$-Pomeron) and $\beta$ ($x$ of parton in Pomeron) dependence of $F_{jj}^D$ at $\sqrt s=1800$ GeV. In the region $0.035<\xi<0.095$, $|t|<1$ GeV$^2$ and $\beta<0.5$, $F_{jj}^D(\beta,\xi)$ is found to be of the form $\beta^{-1.0\pm 0.1} \xi^{-0.9\pm 0.1}$, which obeys $\beta$-$\xi$ factorization. Comment: LaTeX, 9 pages, Submitted to Phys. Rev. Letter