An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors

Advanced persistent threats pose a significant challenge for blue teams as they apply various attacks over prolonged periods, impeding event correlation and their detection. In this work, we leverage various diverse attack scenarios to assess the efficacy of EDRs against detecting and preventing APTs. Our results indicate that there is still a lot of room for improvement as state-of-the-art EDRs fail to prevent and log the bulk of the attacks that are reported in this work. Additionally, we discuss methods to tamper with the telemetry providers of EDRs, allowing an adversary to perform a more stealth attack.

Download Full-text

A Novel Stacked Ensemble for Hate Speech Recognition

Applied Sciences ◽

10.3390/app112411684 ◽

2021 ◽

Vol 11 (24) ◽

pp. 11684

Author(s):

Mona Khalifa A. Aljero ◽

Nazife Dimililer

Keyword(s):

Machine Learning ◽

Hate Speech ◽

State Of The Art ◽

Majority Voting ◽

Support Vector ◽

Timely Manner ◽

Machine Learning Classifiers ◽

Significant Challenge ◽

Final Output ◽

Harmful Content

Detecting harmful content or hate speech on social media is a significant challenge due to the high throughput and large volume of content production on these platforms. Identifying hate speech in a timely manner is crucial in preventing its dissemination. We propose a novel stacked ensemble approach for detecting hate speech in English tweets. The proposed architecture employs an ensemble of three classifiers, namely support vector machine (SVM), logistic regression (LR), and XGBoost classifier (XGB), trained using word2vec and universal encoding features. The meta classifier, LR, combines the outputs of the three base classifiers and the features employed by the base classifiers to produce the final output. It is shown that the proposed architecture improves the performance of the widely used single classifiers as well as the standard stacking and classifier ensemble using majority voting. We also present results on the use of various combinations of machine learning classifiers as base classifiers. The experimental results from the proposed architecture indicated an improvement in the performance on all four datasets compared with the standard stacking, base classifiers, and majority voting. Furthermore, on three of these datasets, the proposed architecture outperformed all state-of-the-art systems.

Download Full-text

Deriving Subgoals Autonomously to Accelerate Learning in Sparse Reward Domains

Proceedings of the AAAI Conference on Artificial Intelligence ◽

10.1609/aaai.v33i01.3301881 ◽

2019 ◽

Vol 33 ◽

pp. 881-889 ◽

Cited By ~ 1

Author(s):

Michael Dann ◽

Fabio Zambetta ◽

John Thangarajah

Keyword(s):

Reinforcement Learning ◽

Domain Knowledge ◽

State Of The Art ◽

Significant Challenge ◽

Intrinsic Reward ◽

Art Methods ◽

Efficient Exploration

Sparse reward games, such as the infamous Montezuma’s Revenge, pose a significant challenge for Reinforcement Learning (RL) agents. Hierarchical RL, which promotes efficient exploration via subgoals, has shown promise in these games. However, existing agents rely either on human domain knowledge or slow autonomous methods to derive suitable subgoals. In this work, we describe a new, autonomous approach for deriving subgoals from raw pixels that is more efficient than competing methods. We propose a novel intrinsic reward scheme for exploiting the derived subgoals, applying it to three Atari games with sparse rewards. Our agent’s performance is comparable to that of state-of-the-art methods, demonstrating the usefulness of the subgoals found.

Download Full-text

Combating advanced persistent threats: From network event correlation to incident detection

Computers & Security ◽

10.1016/j.cose.2014.09.006 ◽

2015 ◽

Vol 48 ◽

pp. 35-57 ◽

Cited By ~ 79

Author(s):

Ivo Friedberg ◽

Florian Skopik ◽

Giuseppe Settanni ◽

Roman Fiedler

Keyword(s):

Incident Detection ◽

Event Correlation ◽

Advanced Persistent Threats ◽

Network Event

Download Full-text

Cross-Interaction Hierarchical Attention Networks for Urban Anomaly Prediction

Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence ◽

10.24963/ijcai.2020/601 ◽

2020 ◽

Author(s):

Chao Huang ◽

Chuxu Zhang ◽

Peng Dai ◽

Liefeng Bo

Keyword(s):

Urban Space ◽

State Of The Art ◽

Intelligent Transportation ◽

Modal Interactions ◽

Vehicle Collisions ◽

Attention Networks ◽

Dynamic Correlations ◽

Significant Challenge ◽

Two Factors ◽

Occurrence Patterns

Predicting anomalies (e.g., blocked driveway and vehicle collisions) in urban space plays an important role in assisting governments and communities for building smart city applications, ranging from intelligent transportation to public safety. However, predicting urban anomalies is not trivial due to the following two factors: i) The sequential transition regularities of anomaly occurrences is complex, which exhibit with high-order and dynamic correlations. ii) The Interactions between region, time and anomaly category is multi-dimensional in real-world urban anomaly forecasting scenario. How to fuse multiple relations from spatial, temporal and categorical dimensions in the predictive framework remains a significant challenge. To address these two challenges, we propose a Cross-Interaction Hierarchical Attention network model (CHAT) which uncovers the dynamic occurrence patterns of time-stamped urban anomaly data. Our CHAT framework could automatically capture the relevance of past anomaly occurrences across different time steps, and discriminates which types of cross-modal interactions are more important for making future predictions. Experiment results demonstrate the superiority of CHAT framework over state-of-the-art baselines.

Download Full-text

Severe Accidents as the Dominant Nuclear Hazard

Nuclear and Radiation Safety ◽

10.32918/nrs.2016.1(69).05 ◽

2016 ◽

pp. 37-38

Author(s):

G. Kopchinsky

Keyword(s):

Nuclear Power ◽

Power Plants ◽

State Of The Art ◽

Nuclear Accident ◽

Regulatory Requirements ◽

Severe Accidents ◽

Operational Lifetime ◽

Response Systems ◽

Analytical Tools ◽

Severe Nuclear Accident

Ukraine, which experienced a severe nuclear accident, crucially necessitates efficient methods for management of severe accidents, appropriate response systems for maintaining and recovery of safety functions and primarily the fundamental ones. The paper refers to the need to deepen and systematically extend measures for improving safety of nuclear power plants, taking into account all internal and external man-made and natural events, and the dynamics in changing of their characteristics during NPP operational lifetime using state-of-the-art computer analytical tools and a significant revision of regulatory requirements.

Download Full-text

A community perspective on the concept of marine holobionts: state-of-the-art, challenges, and future directions

10.7287/peerj.preprints.27519v1 ◽

2019 ◽

Cited By ~ 1

Author(s):

Simon M Dittami ◽

Enrique Arboleda ◽

Jean-Christophe Auguet ◽

Arite Bigalke ◽

Enora Briand ◽

...

Keyword(s):

Complex Systems ◽

Functional Unit ◽

State Of The Art ◽

Model Systems ◽

Future Directions ◽

Significant Challenge ◽

Living Together ◽

Microbe Interactions ◽

Host Microbe Interactions ◽

Bridge Functional

Host-microbe interactions play crucial roles in marine ecosystems, but we still have very little understanding of the mechanisms that govern these relationships, the evolutionary processes that shape them, and their ecological consequences. The holobiont concept is a renewed paradigm in biology that can help describe and understand these complex systems. It posits that a host and its associated microbiota, living together in a long-lasting relationship, form the holobiont, and have to be studied together, as a coherent biological and functional unit, in order to understand the biology, ecology and evolution of the organisms. Here we discuss critical concepts and opportunities in marine holobiont research and identify key challenges in the field. We highlight the potential economic, sociological, and environmental impacts of the holobiont concept in marine biological, evolutionary, and environmental sciences with comparisons to terrestrial science whenever appropriate. A deeper understanding of such complex systems, however, will require further technological and conceptual advances. The most significant challenge will be to bridge functional research on simple and tractable model systems and global approaches. This will require scientists to work together as an (inter)active community in order to address, for instance, ecological and evolutionary questions and the roles of holobionts in biogeochemical cycles.

Download Full-text

EVALUATION AND COMPARISON USING ACTIVITY SIGNALS OF SPEECH METHODS IN RIVER PLATE SPANISH USING BEPPA CORPUS

Revista de Investigaciones Universidad del Quindío ◽

10.33975/riuq.vol28n1.43 ◽

2016 ◽

Vol 28 (1) ◽

pp. 138-144

Author(s):

Horderlin Vrangel Robles ◽

Valentin Molina ◽

Luis Martinez ◽

Hermann Davila

Keyword(s):

State Of The Art ◽

Detection Algorithm ◽

Spectral Energy ◽

Activity Detection ◽

Endpoint Detection ◽

Zero Crossing ◽

Order Difference ◽

Rate Method ◽

Short Time ◽

Voice Activity

The results obtained after comparing several algorithms which use basic methods of signal processing for speech activity detection of voice or VAD (Voice Activity Detection-VAD), were assessed in order to determine their effectiveness. The algorithms presented in this article are short-time or spectral energy based endpoint detection algorithm, the zero crossing rate method, and the higher order differential (High Order Difference, HOD) method. First, an introduction of the concept of VAD is presented and the need to apply such language algorithms in River Plate is Spanish. Then a summary of the state of the art techniques and algorithms for detecting voice activity is shown with evidence and experiments used to implement algorithms with BEPPA corpus (Evaluation Battery for Patients with Auditive Prostheses, BEPPA – in Spanish).

Download Full-text

Recent Advances of Wearable Antennas in Materials, Fabrication Methods, Designs, and Their Applications: State-of-the-Art

Micromachines ◽

10.3390/mi11100888 ◽

2020 ◽

Vol 11 (10) ◽

pp. 888

Author(s):

Shahid Ali ◽

Cheab Sovuthy ◽

Muhammad Imran ◽

Soeung Socheatra ◽

Qammer Abbasi ◽

...

Keyword(s):

State Of The Art ◽

Structural Deformation ◽

New Materials ◽

Significant Progress ◽

Body Area ◽

Future Directions ◽

Wearable Technologies ◽

Significant Challenge ◽

Wearable Antennas ◽

Precision And Accuracy

The demand for wearable technologies has grown tremendously in recent years. Wearable antennas are used for various applications, in many cases within the context of wireless body area networks (WBAN). In WBAN, the presence of the human body poses a significant challenge to the wearable antennas. Specifically, such requirements are required to be considered on a priority basis in the wearable antennas, such as structural deformation, precision, and accuracy in fabrication methods and their size. Various researchers are active in this field and, accordingly, some significant progress has been achieved recently. This article attempts to critically review the wearable antennas especially in light of new materials and fabrication methods, and novel designs, such as miniaturized button antennas and miniaturized single and multi-band antennas, and their unique smart applications in WBAN. Finally, the conclusion has been drawn with respect to some future directions.

Download Full-text

Graph Representations for Higher-Order Logic and Theorem Proving

Proceedings of the AAAI Conference on Artificial Intelligence ◽

10.1609/aaai.v34i03.5689 ◽

2020 ◽

Vol 34 (03) ◽

pp. 2967-2974

Author(s):

Aditya Paliwal ◽

Sarah Loos ◽

Markus Rabe ◽

Kshitij Bansal ◽

Christian Szegedy

Keyword(s):

Theorem Proving ◽

State Of The Art ◽

Higher Order ◽

Order Logic ◽

Established Method ◽

Higher Order Logic ◽

Graph Representations ◽

Significant Challenge ◽

Proof Search ◽

Graph Neural Networks

This paper presents the first use of graph neural networks (GNNs) for higher-order proof search and demonstrates that GNNs can improve upon state-of-the-art results in this domain. Interactive, higher-order theorem provers allow for the formalization of most mathematical theories and have been shown to pose a significant challenge for deep learning. Higher-order logic is highly expressive and, even though it is well-structured with a clearly defined grammar and semantics, there still remains no well-established method to convert formulas into graph-based representations. In this paper, we consider several graphical representations of higher-order logic and evaluate them against the HOList benchmark for higher-order theorem proving.

Download Full-text

Tactical Provenance Analysis for Endpoint Detection and Response Systems

2020 IEEE Symposium on Security and Privacy (SP) ◽

10.1109/sp40000.2020.00096 ◽

2020 ◽

Cited By ~ 1

Author(s):

Wajih Ul Hassan ◽

Adam Bates ◽

Daniel Marino

Keyword(s):

Endpoint Detection ◽

Provenance Analysis ◽

Response Systems

Download Full-text