Picking on the family: disrupting android malware triage by forcing misclassification

Machine learning classification algorithms are widely applied to different malware analysis problems because of their proven abilities to learn from examples and perform relatively well with little human input. Use cases include the labelling of malicious samples according to families during triage of suspected malware. However, automated algorithms are vulnerable to attacks. An attacker could carefully manipulate the sample to force the algorithm to produce a particular output. In this paper we discuss one such attack on Android malware classifiers. We design and implement a prototype tool, called IagoDroid, that takes as input a malware sample and a target family, and modifies the sample to cause it to be classified as belonging to this family while preserving its original semantics. Our technique relies on a search process that generates variants of the original sample without modifying their semantics. We tested IagoDroid against RevealDroid, a recent, open source, Android malware classifier based on a variety of static features. IagoDroid successfully forces misclassification for 28 of the 29 representative malware families present in the DREBIN dataset. Remarkably, it does so by modifying just a single feature of the original malware. On average, it finds the first evasive sample in the first search iteration, and converges to a 100% evasive population within 4 iterations. Finally, we introduce RevealDroid*, a more robust classifier that implements several techniques proposed in other adversarial learning domains. Our experiments suggest that RevealDroid* can correctly detect up to 99% of the variants generated by IagoDroid

Effect of Argon on the Properties of Copper Nitride Fabricated by Magnetron Sputtering for the Next Generation of Solar Absorbers

Copper nitride, a metastable semiconductor material with high stability at room temperature, is attracting considerable attention as a potential next-generation earth-abundant thin film solar absorber. Moreover, its non-toxicity makes it an interesting eco-friendly material. In this work, copper nitride films were fabricated using reactive radio frequency (RF) magnetron sputtering at room temperature, 50 W of RF power, and partial nitrogen pressures of 0.8 and 1.0 on glass and silicon substrates. The role of argon in both the microstructure and the optoelectronic properties of the films was investigated with the aim of achieving a low-cost absorber material with suitable properties to replace the conventional silicon in solar cells. The results showed a change in the preferential orientation from (100) to (111) planes when argon was introduced in the sputtering process. Additionally, no structural changes were observed in the films deposited in a pure nitrogen environment. Fourier transform infrared (FTIR) spectroscopy measurements confirmed the presence of Cu–N bonds, regardless of the gas environment used, and XPS indicated that the material was mainly N-rich. Finally, optical properties such as band gap energy and refractive index were assessed to establish the capability of this material as a solar absorber. The direct and indirect band gap energies were evaluated and found to be in the range of 1.70–1.90 eV and 1.05−1.65 eV, respectively, highlighting a slight blue shift when the films were deposited in the mixed gaseous environment as the total pressure increased

Satellite radiometric remote sensing of rainfall fields: multi-sensor retrieval techniques at geostationary scale

International audienceThe Microwave Infrared Combined Rainfall Algorithm (MICRA) consists in a statistical integration method using the satellite microwave-based rain-rate estimates, assumed to be accurate enough, to calibrate spaceborne infrared measurements on limited sub-regions and time windows. Rainfall retrieval is pursued at the space-time scale of typical geostationary observations, that is at a spatial resolution of few kilometers and a repetition period of few tens of minutes. The actual implementation is explained, although the basic concepts of MICRA are very general and the method is easy to be extended for considering innovative statistical techniques or measurements from additional space-borne platforms. In order to demonstrate the potentiality of MICRA, case studies over central Italy are also discussed. Finally, preliminary results of MICRA validation by ground based remote and in situ measurements are shown and a comparison with a Neural Network (NN) based technique is briefly illustrated

ADROIT: Android malware detection using meta-information

Android malware detection represents a current and complex problem, where black hats use different methods to infect users' devices. One of these methods consists in directly upload malicious applications to app stores, whose filters are not always successful at detecting malware, entrusting the final user the decision of whether installing or not an application. Although there exist different solutions for analysing and detecting Android malware, these systems are far from being sufficiently precise, requiring the use of third-party antivirus software which is not always simple to use and practical. In this paper, we propose a novel method called ADROIT for analysing and detecting malicious Android applications by employing meta-information available on the app store website and also in the Android Manifest. Its main objective is to provide a fast but also accurate tool able to assist users to avoid their devices to become infected without even requiring to install the application to perform the analysis. The method is mainly based on a text mining process that is used to extract significant information from meta-data, that later is used to build efficient and highly accurate classifiers. The results delivered by the experiments performed prove the reliability of ADROIT, showing that it is capable of classifying malicious applications with 93.67% accuracy

Práctica de desarrollo de interfaces hardware/software para la monitorización del estado de un PC

Este artículo presenta una práctica laboratorio impartida mediante una metodología de aprendizaje basado en proyectos (ABP) [1] para dotar de la capacidad de diseñar y desarrollar un monitor del estado de un ordenador, integrado en un sistema empotrado que se comunica con una aplicación de escritorio, a nuestros alumnos de la asignatura de Diseño de Microcontroladores (DM) en el contexto del Máster en Ingeniería de Computadores y Redes. Esta práctica abarca la comunicación Hardware/ Software entre un microcontrolador con un núcleo Cortex-M4 y una aplicación software escrita en lenguaje C# usando el entorno Visual Studio Community 2015 a través de puertos series virtuales (VCP). Esta práctica está enfocada como un proyecto que los alumnos han de ir realizando desde cero, avanzando mediante la consecución de hitos, hasta conseguir obtener un sistema final. El sistema a desarrollar se divide en dos partes, por un lado tenemos un PC con un sistema operativo de la familia Windows, en el que se construye una aplicación visual mediante Windows Forms, la cual obtiene información del sistema de forma periódica y la envía al microcontrolador mediante comandos usando el puerto serie (USB o comunicación Bluetooth). Por otro lado tenemos un microcontrolador de la familia STM32 que dispone de un display LCD ejecutando una plataforma completamente libre, .NET Micro Framework, la cual recibe a través del puerto serie la información obtenida gracias a la aplicación software del PC y la muestra en la pantalla, obteniendo así una herramienta de monitorización del PC sin tener que estar conectado físicamente a éste. El desarrollo de este tipo de proyectos se añade la dificultad de la necesidad del uso de diferentes herramientas para el desarrollo del firmware y del software en paralelo, de manera incremental, y enfocadas para ámbitos de uso muy distintos. Esta práctica ha tenido una gran acogida por parte de los alumnos, ya que les ha servido de ejemplo del desarrollo de firmware para un microcontrolador usando la plataforma .NET MF y de su comunicación con el PC por medio de una aplicación visual.This manuscript presents a practical laboratory session imparted using a project-based learning methodology (PBL) to provide the capacity of designing and developing a computer status monitoring device, integrated in an embedded system that communicates with a desktop software tool, to our students in the Computer Engineering Master’s Degree. This practice session encompasses Hardware/ Software communication between a microcontroller with a Cortex-M4 kernel and a desktop software application through virtual COM ports (VCP) written in C# using Visual Studio Community 2015. This lab session is focused as a project that students must be making from scratch by achieving and completing some milestones to obtain a final functional system. The project is divided into two different parts. First, we have a Windows PC where a visual software application that gathers information from the system and sends it periodically to the microcontroller (USB or Bluetooth) has to be built using Windows Forms. On the other hand, we have a microcontroller from the STM32 family that has a 2.4’ LCD display executing .NET Micro Framework that receives the information obtained from the PC through the serial port and displays it in the screen. This way, students create a computer status monitoring tool that does not need to be connected physically to it to receive the information. The development of this project is added to the need of using different tools for firmware and software development, focused to very different fields of use. This practice has been well received by the students, because it has served as an example of the firmware development for a microcontroller using the .NET MF platform as well as the communication between the PC and the microcontroller using a visual software application

Chapter 14: 100 Years of Progress in Hydrology

The focus of this chapter is progress in hydrology for the last 100 years. During this period, we have seen a marked transition from practical engineering hydrology to fundamental developments in hydrologic science, including contributions to Earth system science. The first three sections in this chapter review advances in theory, observations, and hydrologic prediction. Building on this foundation, the growth of global hydrology, land-atmosphere interactions and coupling, ecohydrology, and water management are discussed, as well as a brief summary of emerging challenges and future directions. Although the review attempts to be comprehensive, the chapter offers greater coverage on surface hydrology and hydrometeorology for readers of this American Meteorological Society (AMS) Monograph

A view of Internet Traffic Shifts at {ISP} and {IXPs} during the {COVID}-19 Pandemic

Due to the COVID-19 pandemic, many governments imposed lockdowns that forced hundreds of millions of citizens to stay at home. The implementation of confinement measures increased Internet traffic demands of residential users, in particular, for remote working, entertainment, commerce, and education, which, as a result, caused traffic shifts in the Internet core. In this paper, using data from a diverse set of vantage points (one ISP, three IXPs, and one metropolitan educational network), we examine the effect of these lockdowns on traffic shifts. We find that the traffic volume increased by 15-20% almost within a week – while overall still modest, this constitutes a large increase within this short time period. However, despite this surge, we observe that the Internet infrastructure is able to handle the new volume, as most traffic shifts occur outside of traditional peak hours. When looking directly at the traffic sources, it turns out that, while hypergiants still contribute a significant fraction of traffic, we see (1) a higher increase in traffic of non-hypergiants, and (2) traffic increases in applications that people use when at home, such as Web conferencing, VPN, and gaming. While many networks see increased traffic demands, in particular, those providing services to residential users, academic networks experience major overall decreases. Yet, in these networks, we can observe substantial increases when considering applications associated to remote working and lecturing.EC/H2020/679158/EU/Resolving the Tussle in the Internet: Mapping, Architecture, and Policy Making/ResolutioNe

Highly entangled multi-qubit states with simple algebraic structure

Recent works by Brown et al and Borras et al have explored numerical optimisation procedures to search for highly entangled multi-qubit states according to some computationally tractable entanglement measure. We present an alternative scheme based upon the idea of searching for states having not only high entanglement but also simple algebraic structure. We report results for 4, 5, 6, 7 and 8 qubits discovered by this approach, showing that many of such states do exist. In particular, we find a maximally entangled 6-qubit state with an algebraic structure simpler than the best results known so far. For the case of 7, we discover states with high, but not maximum, entanglement and simple structure, as well as other desirable properties. Some preliminary results are shown for the case of 8 qubits.Comment: 15 pages, 1 figur