37 research outputs found
Studying Ransomware Attacks Using Web Search Logs
Cyber attacks are increasingly becoming prevalent and causing significant
damage to individuals, businesses and even countries. In particular, ransomware
attacks have grown significantly over the last decade. We do the first study on
mining insights about ransomware attacks by analyzing query logs from Bing web
search engine. We first extract ransomware related queries and then build a
machine learning model to identify queries where users are seeking support for
ransomware attacks. We show that user search behavior and characteristics are
correlated with ransomware attacks. We also analyse trends in the temporal and
geographical space and validate our findings against publicly available
information. Lastly, we do a case study on 'Nemty', a popular ransomware, to
show that it is possible to derive accurate insights about cyber attacks by
query log analysis.Comment: To appear in the proceedings of SIGIR 202
My View is the Best View: Procedure Learning from Egocentric Videos
Procedure learning involves identifying the key-steps and determining their
logical order to perform a task. Existing approaches commonly use third-person
videos for learning the procedure, making the manipulated object small in
appearance and often occluded by the actor, leading to significant errors. In
contrast, we observe that videos obtained from first-person (egocentric)
wearable cameras provide an unobstructed and clear view of the action. However,
procedure learning from egocentric videos is challenging because (a) the camera
view undergoes extreme changes due to the wearer's head motion, and (b) the
presence of unrelated frames due to the unconstrained nature of the videos. Due
to this, current state-of-the-art methods' assumptions that the actions occur
at approximately the same time and are of the same duration, do not hold.
Instead, we propose to use the signal provided by the temporal correspondences
between key-steps across videos. To this end, we present a novel
self-supervised Correspond and Cut (CnC) framework for procedure learning. CnC
identifies and utilizes the temporal correspondences between the key-steps
across multiple videos to learn the procedure. Our experiments show that CnC
outperforms the state-of-the-art on the benchmark ProceL and CrossTask datasets
by 5.2% and 6.3%, respectively. Furthermore, for procedure learning using
egocentric videos, we propose the EgoProceL dataset consisting of 62 hours of
videos captured by 130 subjects performing 16 tasks. The source code and the
dataset are available on the project page https://sid2697.github.io/egoprocel/.Comment: 25 pages, 6 figures, Accepted in European Conference on Computer
Vision (ECCV) 202
PACE-LM: Prompting and Augmentation for Calibrated Confidence Estimation with GPT-4 in Cloud Incident Root Cause Analysis
Major cloud providers have employed advanced AI-based solutions like large
language models to aid humans in identifying the root causes of cloud
incidents. Despite the growing prevalence of AI-driven assistants in the root
cause analysis process, their effectiveness in assisting on-call engineers is
constrained by low accuracy due to the intrinsic difficulty of the task, a
propensity for LLM-based approaches to hallucinate, and difficulties in
distinguishing these well-disguised hallucinations. To address this challenge,
we propose to perform confidence estimation for the predictions to help on-call
engineers make decisions on whether to adopt the model prediction. Considering
the black-box nature of many LLM-based root cause predictors, fine-tuning or
temperature-scaling-based approaches are inapplicable. We therefore design an
innovative confidence estimation framework based on prompting
retrieval-augmented large language models (LLMs) that demand a minimal amount
of information from the root cause predictor. This approach consists of two
scoring phases: the LLM-based confidence estimator first evaluates its
confidence in making judgments in the face of the current incident that
reflects its ``grounded-ness" level in reference data, then rates the root
cause prediction based on historical references. An optimization step combines
these two scores for a final confidence assignment. We show that our method is
able to produce calibrated confidence estimates for predicted root causes,
validate the usefulness of retrieved historical data and the prompting strategy
as well as the generalizability across different root cause prediction models.
Our study takes an important move towards reliably and effectively embedding
LLMs into cloud incident management systems
Nudge: Accelerating Overdue Pull Requests Towards Completion
Pull requests are a key part of the collaborative software development and
code review process today. However, pull requests can also slow down the
software development process when the reviewer(s) or the author do not actively
engage with the pull request. In this work, we design an end-to-end service,
Nudge, for accelerating overdue pull requests towards completion by reminding
the author or the reviewer(s) to engage with their overdue pull requests.
First, we use models based on effort estimation and machine learning to predict
the completion time for a given pull request. Second, we use activity detection
to reduce false positives. Lastly, we use dependency determination to
understand the blocker of the pull request and nudge the appropriate
actor(author or reviewer(s)). We also do a correlation analysis to understand
the statistical relationship between the pull request completion times and
various pull request and developer related attributes. Nudge has been deployed
on 147 repositories at Microsoft since 2019. We do a large scale evaluation
based on the implicit and explicit feedback we received from sending the Nudge
notifications on 8,500 pull requests. We observe significant reduction in
completion time, by over 60%, for pull requests which were nudged thus
increasing the efficiency of the code review process and accelerating the pull
request progression
Reducing the environmental impact of surgery on a global scale: systematic review and co-prioritization with healthcare workers in 132 countries
Abstract
Background
Healthcare cannot achieve net-zero carbon without addressing operating theatres. The aim of this study was to prioritize feasible interventions to reduce the environmental impact of operating theatres.
Methods
This study adopted a four-phase Delphi consensus co-prioritization methodology. In phase 1, a systematic review of published interventions and global consultation of perioperative healthcare professionals were used to longlist interventions. In phase 2, iterative thematic analysis consolidated comparable interventions into a shortlist. In phase 3, the shortlist was co-prioritized based on patient and clinician views on acceptability, feasibility, and safety. In phase 4, ranked lists of interventions were presented by their relevance to high-income countries and lowâmiddle-income countries.
Results
In phase 1, 43 interventions were identified, which had low uptake in practice according to 3042 professionals globally. In phase 2, a shortlist of 15 intervention domains was generated. In phase 3, interventions were deemed acceptable for more than 90 per cent of patients except for reducing general anaesthesia (84 per cent) and re-sterilization of âsingle-useâ consumables (86 per cent). In phase 4, the top three shortlisted interventions for high-income countries were: introducing recycling; reducing use of anaesthetic gases; and appropriate clinical waste processing. In phase 4, the top three shortlisted interventions for lowâmiddle-income countries were: introducing reusable surgical devices; reducing use of consumables; and reducing the use of general anaesthesia.
Conclusion
This is a step toward environmentally sustainable operating environments with actionable interventions applicable to both highâ and lowâmiddleâincome countries