Predicting Exploitation of Disclosed Software Vulnerabilities Using Open-source Data

Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities are known and users quickly install those patches as soon as they are available. However, most vulnerabilities are never actually exploited. Since writing, testing, and installing software patches can involve considerable resources, it would be desirable to prioritize the remediation of vulnerabilities that are likely to be exploited. Several published research studies have reported moderate success in applying machine learning techniques to the task of predicting whether a vulnerability will be exploited. These approaches typically use features derived from vulnerability databases (such as the summary text describing the vulnerability) or social media posts that mention the vulnerability by name. However, these prior studies share multiple methodological shortcomings that inflate predictive power of these approaches. We replicate key portions of the prior work, compare their approaches, and show how selection of training and test data critically affect the estimated performance of predictive models. The results of this study point to important methodological considerations that should be taken into account so that results reflect real-world utility

The relationship between political donations and peerages shows the need for party finance and House of Lords reform

Allegations that membership of the House of Lords and large political donations go hand-in-hand stretch back hundreds of years, with Tony Blair at one point questioned by police on the issue. Here Andrew Mell illustrates a direct statistical link, and argues that it shows the need for reform of both the House of Lords and our party funding system

Mechanochromic Tunable Emissions of Hydrogel Encapsulated Radioluminescent Crystalline Colloidal Arrays

Crystalline colloidal arrays (CCAs) are periodic dielectric arrays composed of monodisperse, negatively charged nanoparticles with unique optical characteristics. Poly(styrene-co-propargyl acrylate) (PS-PA) based copolymer nanoparticles synthesized via an emulsion polymerization form the basis of the CCAs in this work. The negatively charged surfaces result in the colloidal nanoparticles self-assembling into a face-centered cubic (fcc) crystal-like structure. The long-range order and spatial periodicity of the array result in a rejection wavelength, characteristic of CCAs, in which a specific wavelength of light is forbidden from propagating throughout the optical system. The CCAs exhibit mechanochromism through a rejection wavelength shift corresponding to a change in the interplanar spacing of the CCAs. The PS-PA particle basis in this work was modified by covalently incorporating organic emitters during synthesis to produce scintillating CCAs. CCA particles were copolymerized with a radioluminescent dye and additional fluorescent dyes to produce emissions across the visible light spectrum, forming three unique sets of CCA particles. Due to the liquid CCA system being sensitive to mechanical stress and ionic impurities, a poly(ethylene glycol) methacrylate (PEGMA) based hydrogel network was photopolymerized in situ with the CCAs to form a more mechanically robust film. By coupling the rejection wavelength with the radioluminescence, the encapsulated CCAs were demonstrated to have tunable emissions. The particular optical characteristics of the fully organic, hydrogel encapsulated, radioluminescent CCAs result in possible future use as potentially less toxic x-ray bioimaging materials

Managed Blockchain Based Cryptocurrencies with Consensus Enforced Rules and Transparency

Blockchain based cryptocurrencies are usually unmanaged, distributed, consensus-based systems in which no single entity has control. Managed cryptocurrencies can be implemented using private blockchains but are fundamentally different as the owners have complete control to do arbitrary activity without transparency (since they control the mining). In this work we explore a hybrid approach where a managed cryptocurrency is maintained through distributed consensus based methods. The currency administrator can perform ongoing management functions while the consensus methods enforce the rules of the cryptocurrency and provide transparency for all management actions. This enables the introduction of money management features common in fiat currencies but where the managing entity cannot perform arbitrary actions and transparency is enforced. We thus eliminate the need for users to trust the currency administrator but also to enable the administrator to manage the cryptocurrency. We demonstrate how to implement our approach through modest modifications to the implicit Bitcoin specification, however, our approach can be applied to most any blockchain based cryptocurrency using a variety of consensus methods.Comment: 10 pages, 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communication

A tutorial in frequency modulation screening technology for lithography

An impressive diversity of opinions concerning many important aspects of the Frequency Modulation process are heard from users and vendors. It has not been difficult to catch a single vendor contradicting themselves within their own publications. Many of the claims vendors make are not supported by users\u27 experiences. Other users, on the other hand, have found many of the vendors\u27 brightest claims to be realistic. The information sought for this project was aimed to answer the question What can I expect if I implement Frequency Modulation screening technology in my shop today? In order to answer that question effectively, a clear and comprehensive understanding of the fundamentals of the FM process is required. The results and experiences of those that have had the opportunity to test the process are integral to a complete survey of the technology as it exists today. These requirements became the focus of this research effort. With limited access to any of the hardware and software necessary to implement an FM screen, research must necessarily be conducted by means of interviews, seminar attendance and surveys of recent publications. A list of questions was developed primarily out of the discussions at the GATF Technology Alert in Pittsburgh this past January and the Seybold Conference in Boston this spring. Both covered Frequency Modulated VI screening extensively. The GATF seminar was particularly helpful in developing a set of relevant questions that were shared by many of the users later contacted. Even among knowledgeable users and lithographic crafts people, the range of opinions on nearly every relevant topic covers the gamut of possibilities. A consensus among all of the sources included within this project on any major topic relevant to FM screening has proved difficult. The framework used here must therefore be flexible enough to accommodate contradictory opinions within its findings. Interviews were only conducted with experts recognized in the field and with users having first-hand experience in their own FM experiments. Testing and validation of the opinions and experiences reported here has not been part of this project, rather, the anecdotal experiences of many qualified users together are presented as a valid indication of what new users may expect when implementing the FM process. As it appeared that the range of possible answers to each question had been uncovered, the answers were formatted into short, self-contained bits of information. It is intended that a curious user be able to access complete chunks of knowledge contained within the document quickly without need for any supporting information (besides the requirement of familiarity with basic lithographic principles.) Most topics are less than a page. Some are more and a few are only short paragraphs. No first-hand verification of the information presented here has been attempted. By collecting the opinions and experiences of qualified users and researchers in the field familiar with the process, a body of knowledge is created which accurately reflects the state of the FM process as it currently exists and provides an answer to the question What can I expect if I implement Frequency Modulation screening technology in my shop today? Many early reports of FM screening implied that FM screening would soon sweep all of lithographic printing. As the realities and the difficulties involved in the process have become known and reported, it becomes apparent that a less enthusiastic and better balanced opinion indicates that FM screening can create a much improved print product though production difficulties make FM screening unlikely to gain wide use before dramatic improvements in the tools used to maintain process controls

Mistaken Murder and Written Womanhood: The Evolution of Evelina Edwards in Late Eighteenth-Century and Early Nineteenth-Century Bath, England

This thesis explores the major themes and literary influences of Jane Austen’s novels through the voice of Evelina Edwards, a fictional girl born in Bath, England in 1784. Over the course of nine years, Evelina reconstructs her social world in a series of diary entries and letters, mirroring the anxieties and concerns of real women during the Regency era. Her writing juxtaposes the novel of manners with mystery, both satirizing trivial concerns and confronting emotional trauma in response to death and social isolation. Class hierarchy and gender roles placed heavy restrictions on women’s freedom, forcing them to carefully calibrate the consequences of their decisions. Ultimately, Evelina reconciles her desire for independence and her need for acceptance. By engaging in introspection and complex, moral reasoning, she develops empathy and learns to trust her own perceptions––independent of others’ ideas, but not impervious to them

Henri Temianka Correspondence; (mell)

https://digitalcommons.chapman.edu/temianka_correspondence/2384/thumbnail.jp