702 research outputs found
ODISEES: Ontology-Driven Interactive Search Environment for Earth Sciences
This paper discusses the Ontology-driven Interactive Search Environment for Earth Sciences (ODISEES) project currently being developed to aid researchers attempting to find usable data among an overabundance of closely related data. ODISEES' ontological structure relies on a modular, adaptable concept modeling approach, which allows the domain to be modeled more or less as it is without worrying about terminology or external requirements. In the model, variables are individually assigned semantic content based on the characteristics of the measurements they represent, allowing intuitive discovery and comparison of data without requiring the user to sift through large numbers of data sets and variables to find the desired information
AI ATAC 1: An Evaluation of Prominent Commercial Malware Detectors
This work presents an evaluation of six prominent commercial endpoint malware
detectors, a network malware detector, and a file-conviction algorithm from a
cyber technology vendor. The evaluation was administered as the first of the
Artificial Intelligence Applications to Autonomous Cybersecurity (AI ATAC)
prize challenges, funded by / completed in service of the US Navy. The
experiment employed 100K files (50/50% benign/malicious) with a stratified
distribution of file types, including ~1K zero-day program executables
(increasing experiment size two orders of magnitude over previous work). We
present an evaluation process of delivering a file to a fresh virtual machine
donning the detection technology, waiting 90s to allow static detection, then
executing the file and waiting another period for dynamic detection; this
allows greater fidelity in the observational data than previous experiments, in
particular, resource and time-to-detection statistics. To execute all 800K
trials (100K files × 8 tools), a software framework is designed to
choreograph the experiment into a completely automated, time-synced, and
reproducible workflow with substantial parallelization. A cost-benefit model
was configured to integrate the tools' recall, precision, time to detection,
and resource requirements into a single comparable quantity by simulating costs
of use. This provides a ranking methodology for cyber competitions and a lens
through which to reason about the varied statistical viewpoints of the results.
These statistical and cost-model results provide insights on the state of
commercial malware detection.
Beyond the Hype: A Real-World Evaluation of the Impact and Cost of Machine Learning-Based Malware Detection
There is a lack of scientific testing of commercially available malware
detectors, especially those that boast accurate classification of
never-before-seen (i.e., zero-day) files using machine learning (ML). The
result is that the efficacy and gaps among the available approaches are opaque,
inhibiting end users from making informed network security decisions and
researchers from targeting gaps in current detectors. In this paper, we present
a scientific evaluation of four market-leading malware detection tools to
assist an organization with two primary questions: (Q1) To what extent do
ML-based tools accurately classify never-before-seen files without sacrificing
detection ability on known files? (Q2) Is it worth purchasing a network-level
malware detector to complement host-based detection? We tested each tool
against 3,536 total files (2,554 or 72% malicious, 982 or 28% benign) including
over 400 zero-day malware, and tested with a variety of file types and
protocols for delivery. We present statistical results on detection time and
accuracy, consider complementary analysis (using multiple tools together), and
provide two novel applications of a recent cost-benefit evaluation procedure by
Iannacone & Bridges that incorporates all the above metrics into a single
quantifiable cost. While the ML-based tools are more effective at detecting
zero-day files and executables, the signature-based tool may still be an
overall better option. Both network-based tools provide substantial (simulated)
savings when paired with either host tool, yet both show poor detection rates
on protocols other than HTTP or SMTP. Our results show that all four tools have
near-perfect precision but alarmingly low recall, especially on file types
other than executables and office files -- 37% of malware tested, including all
polyglot files, were undetected. Comment: Includes Actionable Takeaways for SOC
A Search for Jet Handedness in Hadronic Decays
We have searched for signatures of polarization in hadronic jets from decays using the ``jet handedness'' method. The polar angle
asymmetry induced by the high SLC electron-beam polarization was used to
separate quark jets from antiquark jets, expected to be left- and
right-polarized, respectively. We find no evidence for jet handedness in our
global sample or in a sample of light quark jets and we set upper limits at the
95% C.L. of 0.063 and 0.099 respectively on the magnitude of the analyzing
power of the method proposed by Efremov et al. Comment: Revtex, 8 pages, 2 figure
Measurement of the branching ratios of the Z0 into heavy quarks
We measure the hadronic branching ratios of the Z0 boson into heavy quarks:
Rb=Gamma(Z0->bb)/Gamma(Z0->hadrons) and Rc=Gamma(Z0->cc)/Gamma(Z0->hadrons)
using a multi-tag technique. The measurement was performed using about 400,000
hadronic Z0 events recorded in the SLD experiment at SLAC between 1996 and
1998. The small and stable SLC beam spot and the CCD-based vertex detector were
used to reconstruct bottom and charm hadron decay vertices with high efficiency
and purity, which enables us to measure most efficiencies from data. We obtain,
Rb=0.21604 +- 0.00098(stat.) +- 0.00073(syst.) -+ 0.00012(Rc) and, Rc= 0.1744
+- 0.0031(stat.) +- 0.0020(syst.) -+ 0.0006(Rb). Comment: 37 pages, 8 figures, to be submitted to Phys. Rev. D version 2:
changed title to ratios, used common D production fractions for Rb and Rc and
corrected Zgamma interference. Identical to PRD submissio
Direct Measurements of A_b and A_c using Vertex/Kaon Charge Tags at SLD
Exploiting the manipulation of the SLC electron-beam polarization, we present
precise direct measurements of the parity violation parameters A_c and A_b in
the Z boson - c quark and Z boson - b quark coupling. Quark/antiquark
discrimination is accomplished via a unique algorithm that takes advantage of
the precise SLD CCD vertex detector, employing the net charge of displaced
vertices as well as the charge of kaons that emanate from those vertices. From
the 1996-98 sample of 400,000 Z decays, produced with an average beam
polarization of 73.4%, we find A_c = 0.673 +/- 0.029 (stat.) +/- 0.023 (syst.)
and A_b = 0.919 +/- 0.018 (stat.) +/- 0.017 (syst.). Comment: 11 pages, 2 figures, 2 tables, to be submitted to Physical Review
Letters; version 2 reflects changes suggested by the refere
Search for time-dependent B0s - B0s-bar oscillations using a vertex charge dipole technique
We report a search for B0s - B0s-bar oscillations using a sample of 400,000
hadronic Z0 decays collected by the SLD experiment. The analysis takes
advantage of the electron beam polarization as well as information from the
hemisphere opposite that of the reconstructed B decay to tag the B production
flavor. The excellent resolution provided by the pixel CCD vertex detector is
exploited to cleanly reconstruct both B and cascade D decay vertices, and tag
the B decay flavor from the charge difference between them. We exclude the
following values of the B0s - B0s-bar oscillation frequency: Delta m_s < 4.9
ps-1 and 7.9 < Delta m_s < 10.3 ps-1 at the 95% confidence level. Comment: 18 pages, 3 figures, replaced by version accepted for publication in
Phys.Rev.D; results differ slightly from first versio
Diffractive Dijet Production at sqrt(s)=630 and 1800 GeV at the Fermilab Tevatron
We report a measurement of the diffractive structure function of
the antiproton obtained from a study of dijet events produced in association
with a leading antiproton in collisions at GeV at the
Fermilab Tevatron. The ratio of at GeV to
obtained from a similar measurement at GeV is compared with
expectations from QCD factorization and with theoretical predictions. We also
report a measurement of the (-Pomeron) and ( of parton in
Pomeron) dependence of at GeV. In the region
, GeV and , is
found to be of the form , which obeys
- factorization. Comment: LaTeX, 9 pages, Submitted to Phys. Rev. Letter