Structural Learning of Attack Vectors for Generating Mutated XSS Attacks

Web applications suffer from cross-site scripting (XSS) attacks that resulting from incomplete or incorrect input sanitization. Learning the structure of attack vectors could enrich the variety of manifestations in generated XSS attacks. In this study, we focus on generating more threatening XSS attacks for the state-of-the-art detection approaches that can find potential XSS vulnerabilities in Web applications, and propose a mechanism for structural learning of attack vectors with the aim of generating mutated XSS attacks in a fully automatic way. Mutated XSS attack generation depends on the analysis of attack vectors and the structural learning mechanism. For the kernel of the learning mechanism, we use a Hidden Markov model (HMM) as the structure of the attack vector model to capture the implicit manner of the attack vector, and this manner is benefited from the syntax meanings that are labeled by the proposed tokenizing mechanism. Bayes theorem is used to determine the number of hidden states in the model for generalizing the structure model. The paper has the contributions as following: (1) automatically learn the structure of attack vectors from practical data analysis to modeling a structure model of attack vectors, (2) mimic the manners and the elements of attack vectors to extend the ability of testing tool for identifying XSS vulnerabilities, (3) be helpful to verify the flaws of blacklist sanitization procedures of Web applications. We evaluated the proposed mechanism by Burp Intruder with a dataset collected from public XSS archives. The results show that mutated XSS attack generation can identify potential vulnerabilities.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330

Cerebral small vessel disease genomics and its implications across the lifespan

White matter hyperintensities (WMH) are the most common brain-imaging feature of cerebral small vessel disease (SVD), hypertension being the main known risk factor. Here, we identify 27 genome-wide loci for WMH-volume in a cohort of 50,970 older individuals, accounting for modification/confounding by hypertension. Aggregated WMH risk variants were associated with altered white matter integrity (p = 2.5×10-7) in brain images from 1,738 young healthy adults, providing insight into the lifetime impact of SVD genetic risk. Mendelian randomization suggested causal association of increasing WMH-volume with stroke, Alzheimer-type dementia, and of increasing blood pressure (BP) with larger WMH-volume, notably also in persons without clinical hypertension. Transcriptome-wide colocalization analyses showed association of WMH-volume with expression of 39 genes, of which four encode known drug targets. Finally, we provide insight into BP-independent biological pathways underlying SVD and suggest potential for genetic stratification of high-risk individuals and for genetically-informed prioritization of drug targets for prevention trials.Peer reviewe

Meta-analysis of 375,000 individuals identifies 38 susceptibility loci for migraine

Migraine is a debilitating neurological disorder affecting around one in seven people worldwide, but its molecular mechanisms remain poorly understood. There is some debate about whether migraine is a disease of vascular dysfunction or a result of neuronal dysfunction with secondary vascular changes. Genome-wide association (GWA) studies have thus far identified 13 independent loci associated with migraine. To identify new susceptibility loci, we carried out a genetic study of migraine on 59,674 affected subjects and 316,078 controls from 22 GWA studies. We identified 44 independent single-nucleotide polymorphisms (SNPs) significantly associated with migraine risk (P < 5 × 10−8) that mapped to 38 distinct genomic loci, including 28 loci not previously reported and a locus that to our knowledge is the first to be identified on chromosome X. In subsequent computational analyses, the identified loci showed enrichment for genes expressed in vascular and smooth muscle tissues, consistent with a predominant theory of migraine that highlights vascular etiologies

Gemeinsinn und Solidarität: Motivation und Wirkung von Freiwilligenarbeit

Freiwilligenarbeit ist eine zentrale Säule der Bürgergesellschaft und fördert wechselseitige Teilhabe. In diesem Text wird ein Überblick über die psychologische Motivforschung zur Freiwilligenarbeit gegeben. Es werden konkrete Empfehlungen abgeleitet, wie sich entsprechende Commitments und Verhaltensweisen fördern lassen. Volunteering is a key pillar of our civil society and promotes mutual social inclusion. This text gives an overview on psychological motive research on volunteering. Specific recommendations are derived, how relevant commitments and decisions can be promoted

Freiwilligenarbeit aus gerechtigkeitspsychologischer Perspektive

Das einleitende Kapitel gibt einen Überblick über den gemeinsamen konzeptuellen Hintergrund der Arbeiten des Sammelbands. Hierzu wird die Forschungstradition zu prosozialem Verhalten und verantwortlichem Handeln skizziert, bevor eine Einführung in den funktionalen Ansatz zur Erklärung von Freiwilligenarbeit gegeben wird. Abschließend werden die einzelnen Arbeiten des Bandes kurz vorgestellt und zueinander in Beziehung gesetzt

The quality of volunteers' motives : integrating the functional approach and self-determination theory

Volunteers’ motives have been differentially linked to various aspects of successful volunteering. Using self-determination theory, we propose that volunteer functions are systematically related to the experience of self-determined versus controlled motivation. This “quality of motivation”, in turn, explains why motives are differentially associated with satisfaction. We conducted two studies: Study 1 (N1 = 824) addressed motives, quality of motivation, and satisfaction; Study 2 (N2 = 323) additionally examined function-specific benefits and the extent to which they match volunteers’ motives. Overall, our hypotheses were supported: Values, understanding, and social justice motives were positively associated with relatively self-determined motivation (RSM), whereas career, social, protective, and enhancement motives showed negative correlations. The relationships between motives and satisfaction were partially mediated by RSM. Concerning benefits, Study 2 corroborated these findings for values, protective, enhancement, and social justice. This research introduces a new perspective on the quality of volunteers’ motives - with theoretical and practical implications

SecuBat: A Web Vulnerability Scanner

As the popularity of the web increases and web applications become tools of everyday use, the role of web security has been gaining importance as well. The last years have shown a significant increase in the number of web-based attacks. For example, there has been extensive press coverage of recent security incidences involving the loss of sensitive credit card information belonging to millions of customers

Freiwilligenarbeit und Erwerbsarbeit am Beispiel der Feuerwehr : mehr Gemeinsamkeiten als Unterschiede

Obgleich Haupt- und Ehrenamtliche in vielen Organisationen zusammenarbeiten, gibt es bislang kaum vergleichende Forschung zu ihren Motivgrundlagen. In diese Lücke stößt die vorliegende Online-Studie (N = 1.804) am Beispiel der Freiwilligen Feuerwehr (N1 = 1.549) und Berufsfeuerwehr (N2 = 255). Der um die feuerwehrspezifische Funktion der Erlebnissuche erweiterte funktionale Ansatz des Volunteer Functions Inventory (VFI) von Clary et al. lässt sich als neu konzipiertes Paid Functions Inventory (PFI) auf die Berufsfeuerwehr übertragen. Zwar gibt es wahrgenommene Unterschiede zwischen den Gruppen und ihrem Selbst- und Fremdbild, doch sind ihre Motivstrukturen und deren Korrelationsmuster sehr ähnlich. Entsprechend ist die Arbeitszufriedenheit in beiden Gruppen hoch ausgeprägt. 27 Prozent ihrer Varianz kann bei der Freiwilligen Feuerwehr und 50 Prozent bei der Berufsfeuerwehr mit Hilfe des untersuchten Variablensets vorhergesagt werden. Die Gemeinsamkeiten zwischen freiwilliger und Erwerbsarbeit sollten für andere Tätigkeitsfelder validiert und in die Praxis getragen werden

Incidence and outcomes of acute mesenteric ischaemia : a systematic review and meta-analysis

Objective To estimate the incidence of acute mesenteric ischaemia (AMI), proportions of its different forms and short-term and long-term mortality. Design Systematic review and meta-analysis. Data sources MEDLINE (Ovid), Web of Science, Scopus and Cochrane Library were searched until 26 July 2022. Eligibility criteria Studies reporting data on the incidence and outcomes of AMI in adult populations. Data extraction and synthesis Data extraction and quality assessment with modified Newcastle-Ottawa scale were performed using predeveloped standard forms. The outcomes were the incidence of AMI and its different forms in the general population and in patients admitted to hospital, and the mortality of AMI in its different forms. Results From 3064 records, 335 full texts were reviewed and 163 included in the quantitative analysis. The mean incidence of AMI was 6.2 (95% CI 1.9 to 12.9) per 100 000 person years. On average 5.0 (95% CI 3.3 to 7.1) of 10 000 hospital admissions were due to AMI. Occlusive arterial AMI was the most common form constituting 68.6% (95% CI 63.7 to 73.2) of all AMI cases, with similar proportions of embolism and thrombosis. Overall short-term mortality (in-hospital or within 30 days) of AMI was 59.6% (95% CI 55.5 to 63.6), being 68.7% (95% CI 60.8 to 74.9) in patients treated before the year 2000 and 55.0% (95% CI 45.5 to 64.1) in patients treated from 2000 onwards (p&lt;0.05). The mid/long-term mortality of AMI was 68.2% (95% CI 60.7 to 74.9). Mortality due to mesenteric venous thrombosis was 24.6% (95% CI 17.0 to 32.9) and of non-occlusive mesenteric ischaemia 58.4% (95% CI 48.6 to 67.7). The short-term mortality of revascularised occlusive arterial AMI was 33.9% (95% CI 30.7 to 37.4). Conclusions In adult patients, AMI is a rarely diagnosed condition with high mortality, although with improvement of treatment results over the last decades. Two thirds of AMI cases are of occlusive arterial origin with potential for better survival if revascularised. PROSPERO registration number CRD42021247148