Classifying Web Exploits with Topic Modeling

This short empirical paper investigates how well topic modeling and database meta-data characteristics can classify web and other proof-of-concept (PoC) exploits for publicly disclosed software vulnerabilities. By using a dataset comprised of over 36 thousand PoC exploits, near a 0.9 accuracy rate is obtained in the empirical experiment. Text mining and topic modeling are a significant boost factor behind this classification performance. In addition to these empirical results, the paper contributes to the research tradition of enhancing software vulnerability information with text mining, providing also a few scholarly observations about the potential for semi-automatic classification of exploits in the existing tracking infrastructures.Comment: Proceedings of the 2017 28th International Workshop on Database and Expert Systems Applications (DEXA). http://ieeexplore.ieee.org/abstract/document/8049693

An Empirical Analysis of Vulnerabilities in Python Packages for Web Applications

This paper examines software vulnerabilities in common Python packages used particularly for web development. The empirical dataset is based on the PyPI package repository and the so-called Safety DB used to track vulnerabilities in selected packages within the repository. The methodological approach builds on a release-based time series analysis of the conditional probabilities for the releases of the packages to be vulnerable. According to the results, many of the Python vulnerabilities observed seem to be only modestly severe; input validation and cross-site scripting have been the most typical vulnerabilities. In terms of the time series analysis based on the release histories, only the recent past is observed to be relevant for statistical predictions; the classical Markov property holds.Comment: Forthcoming in: Proceedings of the 9th International Workshop on Empirical Software Engineering in Practice (IWESEP 2018), Nara, IEE

Gendering NATO : a feminist analysis of a military organization

The aim of this thesis is to explain how the benefits of gender are understood in NATO’s official gender policy agenda. During the past decade, gender issues have gained increasing attention with regards to conflict resolution and post-conflict reconstruction. The research material is gathered from NATO’s website, where the special section dedicated to gender policy has existed for some years. The empirical material consists of multiple kinds of documents, thus the analysis method is content analysis. By applying feminist international relations theory and Michel Foucault’s concepts of biopower and governmentality, it is shown that gender is perceived in NATO as a concept that is supposed to collaborate with organizational objectives. However, the accelerating “gender awareness” is not challenging the existing masculine power structures in NATO. At NATO, an inside enquiry has yielded the results that gender is not unequivocally defined. Regardless of the intricacy, gender is articulated to indicate the biolog cal female sex. Gender is also a biopolitical apparatus to govern the sexual difference between male and female. This thesis concludes that NATO’s intentions of increasing female participation by mainstreaming gender perspectives is an attempt to react to the ongoing change in the security sector and to support peace and humanity, that by turn are the very concepts of modern era that should be re-evaluated. In Foucauldian sense, this is also a question of war and its definition. There is a relational force to the ways in which war intersects with power and life under modern conditions. It also has an individuating force. The main dilemma of gender is twofold: female NATO-personnel are presented as empathic communicators, thus independent, whilst the women in targeted countries become presented as a homogenous group, which needs to be secured. All together the discussion about the role of women in the military, as the discussion of “women as victims” is a part of the process of globalization. The conclusions of this thesis are twofold. Firstly, we shall analyse the role of women working for the military, and the gender roles within the military. Secondly, when attention is given to the local women, we receive another concept of “womanhood”, which is created within Western feminist academic discourse by creating the “other” women. These “other” women are the ones to be secured. These two ways of perceiving womanhood does not lead to universal feminism, as it ends up promoting the division between the (developed) West and the (underdeveloped) rest. Another question is, if there should be a common feminist objective based on gender that is a very fluid concept even within feminist discourse

Kuolleiden saaret. Historiallisen ajan keskisuomalaisten saarihautausmaiden luonne ja käyttö hautapaikkoina

Kirkkomaiden ulkopuolella sijaitsevat hautasaaret ovat leimallisia erityisesti harvaan asutuille seuduille, joissa kirkkomatkat ovat olleet pitkiä ja hankalia. Saaria on pidetty väliaikaisina hautausmaina, joihin on haudattu kesällä, kelirikkoaikana tai levottomana ajankohtana kuolleet odottamaan myöhempää kuljetusta kirkkomaalle. Saarten käyttöä hautaustarkoituksiin ei ole kuitenkaan systemaattisesti tutkittu. Tässä artikkelissa tarkastellaan Keski-Suomessa sijaitsevien Petäjäveden ja Uuraisten hautapaikkoja sekä niiksi epäiltyjä kohteita. Laajan ja monia tieteenaloja käsittelevän lähdeaineiston kautta artikkeli selvittää kohteiden luonnetta ja niiden käyttöä hautapaikkoina. Erityistä huomiota kiinnitetään aineiston esittelyn lisäksi hautaustradition ajoittamiseen eri menetelmillä