219 research outputs found
A framework for malicious host fingerprinting using distributed network sensors
Numerous software agents exist and are responsible for increasing volumes of malicious traffic that is observed on the Internet today. From a technical perspective the existing techniques for monitoring malicious agents and traffic were not developed to allow for the interrogation of the source of malicious traffic. This interrogation or reconnaissance would be considered active analysis as opposed to existing, mostly passive analysis. Unlike passive analysis, the active techniques are time-sensitive and their results become increasingly inaccurate as time delta between observation and interrogation increases. In addition to this, some studies had shown that the geographic separation of hosts on the Internet have resulted in pockets of different malicious agents and traffic targeting victims. As such it would be important to perform any kind of data collection over various source and in distributed IP address space. The data gathering and exposure capabilities of sensors such as honeypots and network telescopes were extended through the development of near-realtime Distributed Sensor Network modules that allowed for the near-realtime analysis of malicious traffic from distributed, heterogeneous monitoring sensors. In order to utilise the data exposed by the near-realtime Distributed Sensor Network modules an Automated Reconnaissance Framework was created, this framework was tasked with active and passive information collection and analysis of data in near-realtime and was designed from an adapted Multi Sensor Data Fusion model. The hypothesis was made that if sufficiently different characteristics of a host could be identified; combined they could act as a unique fingerprint for that host, potentially allowing for the re-identification of that host, even if its IP address had changed. To this end the concept of Latency Based Multilateration was introduced, acting as an additional metric for remote host fingerprinting. The vast amount of information gathered by the AR-Framework required the development of visualisation tools which could illustrate this data in near-realtime and also provided various degrees of interaction to accommodate human interpretation of such data. Ultimately the data collected through the application of the near-realtime Distributed Sensor Network and AR-Framework provided a unique perspective of a malicious host demographic. Allowing for new correlations to be drawn between attributes such as common open ports and operating systems, location, and inferred intent of these malicious hosts. The result of which expands our current understanding of malicious hosts on the Internet and enables further research in the area
Recommended from our members
Reliability Generalization Analysis of the Core Self-Evaluations Scale
As a multifaceted construct reflecting one’s self-esteem, generalized self-efficacy, locus of control, and emotional stability, core self-evaluations has become popular to measure in applied psychology research, especially given its conceptual importance and empirical usefulness for understanding the dispositional effects on employee attitudes and behaviors. Yet, less attention has been paid to the internal properties of its measurement, relative to its criterion-related validity evidence. Thus, we believe that it is useful and timely to report on meta-analytic evidence regarding the psychometric reliability and associated study characteristics of Core Self-Evaluations Scale (CSES; Judge et al., 2003) to inform their nature, use, and future development. Results demonstrated support for acceptable levels of coefficient alpha across measures (μα = .84, τ = .05). We discuss several implications for measuring CSE in a multidimensional and generalizable manner
Unemployment equilibria and input prices: theory and evidence from the United States
This paper develops an efficiency-wage model where input prices affect the equilibrium rate of unemployment. We show that a simple framework based on only two prices (the real price of oil and the real rate of interest) is able to explain the main post-war movements in the rate of U.S. joblessness. The equations do well in forecasting unemployment many years out-of-sample, and provide evidence that the oil-price spike associated with Iraq’s invasion of Kuwait appears to be a component of the “mystery” recession which followed
Exploring Peripheral Physiology as a Predictor of Perceived Relevance in Information Retrieval
Peripheral physiological signals, as obtained using electrodermal activity and facial electromyography over the corrugator supercilii muscle, are explored as indicators of perceived relevance in information retrieval tasks. An experiment with 40 participants is reported, in which these physiological signals are recorded while participants perform information retrieval tasks. Appropriate feature engineering is defined, and the feature space is explored. The results indicate that features in the window of 4 to 6 seconds after the relevance judgment for electrodermal activity, and from 1 second before to 2 seconds after the relevance judgment for corrugator supercilii activity, are associated with the users’ perceived relevance of information items. A classifier verified the predictive power of the features and showed up to 14% improvement predicting relevance. Our research can help the design of intelligent user interfaces for information retrieval that can detect the user’s perceived relevance from physiological signals and complement or replace conventional relevance feedback
Requirements for gene silencing mediated by U1 snRNA binding to a target sequence
U1 interference (U1i) is a novel method to block gene expression. U1i requires expression of a 5′-end-mutated U1 snRNA designed to base pair to the 3′-terminal exon of the target gene's pre-mRNA that leads to inhibition of polyadenylation. Here, we show U1i is robust (≥95%) and a 10-nt target length is sufficient for good silencing. Surprisingly, longer U1 snRNAs, which could increase annealing to the target, fail to improve silencing. Extensive mutagenesis of the 10-bp U1 snRNA:target duplex shows that any single mismatch different from GU at positions 3–8, destroys silencing. However, mismatches within the other positions give partial silencing, suggesting that off-target inhibition could occur. The specificity of U1i may be enhanced, however, by the fact that silencing is impaired by RNA secondary structure or by splicing factors binding nearby, the latter mediated by Arginine-Serine (RS) domains. U1i inhibition can be reconstituted in vivo by tethering of RS domains of U1-70K and U2AF65. These results help to: (i) define good target sites for U1i; (ii) identify and understand natural cellular examples of U1i; (iii) clarify the contribution of hydrogen bonding to U1i and to U1 snRNP binding to 5′ splice sites and (iv) understand the mechanism of U1i
Recent star formation in nearby galaxies from GALEX imaging:M101 and M51
The GALEX (Galaxy Evolution Explorer) Nearby Galaxies Survey is providing
deep far-UV and near-UV imaging for a representative sample of galaxies in the
local universe. We present early results for M51 and M101, from GALEX UV
imaging and SDSS optical data in five bands. The multi-band photometry of
compact stellar complexes in M101 is compared to population synthesis models,
to derive ages, reddening, reddening-corrected luminosities and current/initial
masses. The GALEX UV photometry provides a complete census of young compact
complexes on a approximately 160pc scale. A galactocentric gradient of the
far-UV - near-UV color indicates younger stellar populations towards the outer
parts of the galaxy disks, the effect being more pronounced in M101 than in
M51.Comment: This paper will be published as part of the Galaxy Evolution Explorer
(GALEX) Astrophysical Journal Letters Special Issue. Full paper available
from http://dolomiti.pha.jhu.edu . Links to full set of papers will be
available at http://www.galex.caltech.edu/PUBLICATIONS/ after November 22,
200
Predicting term-relevance from brain signals (Proceedings of the 37th international ACM SIGIR conference on Research & development in information retrieval)
Term-Relevance Prediction from Brain Signals (TRPB) is proposed to automatically detect relevance of text information directly from brain signals. An experiment with forty participants was conducted to record neural activity of participants while providing relevance judgments to text stimuli for a given topic. High-precision scientific equipment was used to quantify neural activity across 32 electroencephalography (EEG) channels. A classifier based on a multi-view EEG feature representation showed improvement up to 17% in relevance prediction based on brain signals alone. Relevance was also associated with brain activity with significant changes in certain brain areas. Consequently, TRPB is based on changes identified in specific brain areas and does not require user-specific training or calibration. Hence, relevance predictions can be conducted for unseen content and unseen participants. As an application of TRPB we demonstrate a high-precision variant of the classifier that constructs sets of relevant terms for a given unknown topic of interest. Our research shows that detecting relevance from brain signals is possible and allows the acquisition of relevance judgments without a need to observe any other user interaction. This suggests that TRPB could be used in combination or as an alternative for conventional implicit feedback signals, such as dwell time or click-through activity
- …