DeepAPT: Nation-State APT Attribution Using End-to-End Deep Neural Networks

In recent years numerous advanced malware, aka advanced persistent threats (APT) are allegedly developed by nation-states. The task of attributing an APT to a specific nation-state is extremely challenging for several reasons. Each nation-state has usually more than a single cyber unit that develops such advanced malware, rendering traditional authorship attribution algorithms useless. Furthermore, those APTs use state-of-the-art evasion techniques, making feature extraction challenging. Finally, the dataset of such available APTs is extremely small. In this paper we describe how deep neural networks (DNN) could be successfully employed for nation-state APT attribution. We use sandbox reports (recording the behavior of the APT when run dynamically) as raw input for the neural network, allowing the DNN to learn high level feature abstractions of the APTs itself. Using a test set of 1,000 Chinese and Russian developed APTs, we achieved an accuracy rate of 94.6%

HDAC inhibition potentiates immunotherapy in triple negative breast cancer.

Triple-negative breast cancer (TNBC) represents a more aggressive and difficult subtype of breast cancer where responses to chemotherapy occur, but toxicity is significant and resistance often follows. Immunotherapy has shown promising results in various types of cancer, including breast cancer. Here, we investigated a new combination strategy where histone deacetylase inhibitors (HDACi) are applied with immune checkpoint inhibitors to improve immunotherapy responses in TNBC. Testing different epigenetic modifiers, we focused on the mechanisms underlying HDACi as priming modulators of immunotherapy. Tumor cells were co-cultured with human peripheral blood mononuclear cells (PBMCs) and flow cytometric immunophenotyping was performed to define the role of epigenetic priming in promoting tumor antigen presentation and immune cell activation. We found that HDACi up-regulate PD-L1 mRNA and protein expression in a time-dependent manner in TNBC cells, but not in hormone responsive cells. Focusing on TNBC, HDACi up-regulated PD-L1 and HLA-DR on tumor cells when co-cultured with PBMCs and down-regulated CD4+ Foxp3+ Treg in vitro. HDACi significantly enhanced the in vivo response to PD-1/CTLA-4 blockade in the triple-negative 4T1 breast cancer mouse model, the only currently available experimental system with functional resemblance to human TNBC. This resulted in a significant decrease in tumor growth and increased survival, associated with increased T cell tumor infiltration and a reduction in CD4+ Foxp3+ T cells in the tumor microenvironment. Overall, our results suggest a novel role for HDAC inhibition in combination with immune checkpoint inhibitors and identify a promising therapeutic strategy, supporting its further clinical evaluation for TNBC treatment

On the Feasibility of Malware Authorship Attribution

There are many occasions in which the security community is interested to discover the authorship of malware binaries, either for digital forensics analysis of malware corpora or for thwarting live threats of malware invasion. Such a discovery of authorship might be possible due to stylistic features inherent to software codes written by human programmers. Existing studies of authorship attribution of general purpose software mainly focus on source code, which is typically based on the style of programs and environment. However, those features critically depend on the availability of the program source code, which is usually not the case when dealing with malware binaries. Such program binaries often do not retain many semantic or stylistic features due to the compilation process. Therefore, authorship attribution in the domain of malware binaries based on features and styles that will survive the compilation process is challenging. This paper provides the state of the art in this literature. Further, we analyze the features involved in those techniques. By using a case study, we identify features that can survive the compilation process. Finally, we analyze existing works on binary authorship attribution and study their applicability to real malware binaries.Comment: FPS 201

On Hirschman and log-Sobolev inequalities in mu-deformed Segal-Bargmann analysis

We consider a deformation of Segal-Bargmann space and its transform. We study L^p properties of this transform and obtain entropy-entropy inequalities (Hirschman) and entropy-energy inequalities (log-Sobolev) that generalize the corresponding known results in the undeformed theory.Comment: 42 pages, 3 figure

Interpolation and harmonic majorants in big Hardy-Orlicz spaces

Free interpolation in Hardy spaces is caracterized by the well-known Carleson condition. The result extends to Hardy-Orlicz spaces contained in the scale of classical Hardy spaces $H^p$, $p>0$. For the Smirnov and the Nevanlinna classes, interpolating sequences have been characterized in a recent paper in terms of the existence of harmonic majorants (quasi-bounded in the case of the Smirnov class). Since the Smirnov class can be regarded as the union over all Hardy-Orlicz spaces associated with a so-called strongly convex function, it is natural to ask how the condition changes from the Carleson condition in classical Hardy spaces to harmonic majorants in the Smirnov class. The aim of this paper is to narrow down this gap from the Smirnov class to ``big'' Hardy-Orlicz spaces. More precisely, we characterize interpolating sequences for a class of Hardy-Orlicz spaces that carry an algebraic structure and that are strictly bigger than $\bigcup_{p>0} H^p$. It turns out that the interpolating sequences are again characterized by the existence of quasi-bounded majorants, but now the weights of the majorants have to be in suitable Orlicz spaces. The existence of harmonic majorants in such Orlicz spaces will also be discussed in the general situation. We finish the paper with an example of a separated Blaschke sequence that is interpolating for certain Hardy-Orlicz spaces without being interpolating for slightly smaller ones.Comment: 19 pages, 2 figure

Absolute Present, Zen and Schrödinger’s One Mind

Erwin Schrödinger holds a prominent place in the history of science primarily due to his crucial role in the development of quantum physics. What is perhaps lesser known are his insights into subject-object duality, consciousness and mind. He documented himself that these were influenced by the Upanishads, a collection of ancient Hindu spiritual texts. Central to his thoughts in this area is that Mind is only One and there is no separation between subject and object. This chapter aims to bridge Schrödinger’s view on One Mind with the teachings of Dōgen, a twelfth century Zen master. This bridge is formed by addressing the question of how time relates to One Mind, and subject-object duality. Schrödinger describes the experience of One Mind to be like a timeless now, whereas subject-object duality involves a linear continuum of time. We show how these differing positions are unified in the notion of ‘absolute present’, which was put forward in the philosophy of Nishida Kitarō (1871–1945). In addition, we argue that it is in this notion of absolute present that the views of Schrödinger, Dōgen and Nishida meet

Asymptotically stable phase synchronization revealed by autoregressive circle maps

A new type of nonlinear time series analysis is introduced, based on phases, which are defined as polar angles in spaces spanned by a finite number of delayed coordinates. A canonical choice of the polar axis and a related implicit estimation scheme for the potentially underlying auto-regressive circle map (next phase map) guarantee the invertibility of reconstructed phase space trajectories to the original coordinates. The resulting Fourier approximated, Invertibility enforcing Phase Space map (FIPS map) is well suited to detect conditional asymptotic stability of coupled phases. This rather general synchronization criterion unites two existing generalisations of the old concept and can successfully be applied e.g. to phases obtained from ECG and airflow recordings characterizing cardio-respiratory interaction.Comment: PDF file, 232 KB, 24 pages, 3 figures; cheduled for Phys. Rev. E (Nov) 200

Self-adjoint Lyapunov variables, temporal ordering and irreversible representations of Schroedinger evolution

In non relativistic quantum mechanics time enters as a parameter in the Schroedinger equation. However, there are various situations where the need arises to view time as a dynamical variable. In this paper we consider the dynamical role of time through the construction of a Lyapunov variable - i.e., a self-adjoint quantum observable whose expectation value varies monotonically as time increases. It is shown, in a constructive way, that a certain class of models admit a Lyapunov variable and that the existence of a Lyapunov variable implies the existence of a transformation mapping the original quantum mechanical problem to an equivalent irreversible representation. In addition, it is proved that in the irreversible representation there exists a natural time ordering observable splitting the Hilbert space at each t>0 into past and future subspaces.Comment: Accepted for publication in JMP. Supercedes arXiv:0710.3604. Discussion expanded to include the case of Hamiltonians with an infinitely degenerate spectru

rf-studies of vortex dynamics in isotropic type-II superconductors

We have measured the surface impedance of thick superconductors in the mixed state over a broad 2 kHz - 20 MHz frequency range. The depinning cross-over is observed; but it is much broader than expected from classical theories of pinning. A striking result is the existence of size effects which invalidate the common interpretation of the low-frequency surface inductance in terms of a single penetration depth. Instead, a two-mode description of vortex dynamics, assuming free vortex flow in the bulk and surface pinning, accounts quantitatively for the spectrum of the complex apparent penetration depth.Comment: 20 pages, 6 figures, 28 reference

Measuring Information Transfer

An information theoretic measure is derived that quantifies the statistical coherence between systems evolving in time. The standard time delayed mutual information fails to distinguish information that is actually exchanged from shared information due to common history and input signals. In our new approach, these influences are excluded by appropriate conditioning of transition probabilities. The resulting transfer entropy is able to distinguish driving and responding elements and to detect asymmetry in the coupling of subsystems.Comment: 4 pages, 4 Figures, Revte