Filtering False Alarms for Static Detection of Array Bounds Violation via Weakest Precondition

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.753-755.2325 ◽

2013 ◽

Vol 753-755 ◽

pp. 2325-2328

Author(s):

Jie Chen

Keyword(s):

Static Analysis ◽

High Rate ◽

False Alarms ◽

Weakest Precondition ◽

Weakest Preconditions ◽

Powerful Approach ◽

Static Detection

Array bounds violations are a bane of programming in most languages. Static analysis provides a powerful approach to detect such bugs, but it always suffers high rate of false alarms. We propose a local, demand-driven approach based on weakest preconditions propagation to filter false alarms for static detection of array bounds violations. A concrete example is presented to show that our method is effective.

Download Full-text

A Modified FlowDroid Based on Chi-Square Test of Permissions

Entropy ◽

10.3390/e23020174 ◽

2021 ◽

Vol 23 (2) ◽

pp. 174

Author(s):

Hongzhaoning Kang ◽

Gang Liu ◽

Zhengping Wu ◽

Yumin Tian ◽

Lizhi Zhang

Keyword(s):

Detection Efficiency ◽

False Alarms ◽

Chi Square ◽

Secure Storage ◽

Chi Square Test ◽

Complex Detection ◽

Android Applications ◽

Malicious Apps ◽

Flow Detection ◽

Static Detection

Android devices are currently widely used in many fields, such as automatic control, embedded systems, the Internet of Things and so on. At the same time, Android applications (apps) always use multiple permissions, and permissions can be abused by malicious apps that disclose users’ privacy or breach the secure storage of information. FlowDroid has been extensively studied as a novel and highly precise static taint analysis for Android applications. Aiming at the problem of complex detection and false alarms in FlowDroid, an improved static detection method based on feature permission and risk rating is proposed. Firstly, the Chi-square test is used to extract correlated permissions related to malicious apps, and mutual information is used to cluster the permissions to generate feature permission clusters. Secondly, risk calculation method based on permissions and combinations of permissions are proposed to identify dangerous data flows. Experiments show that this method can significantly improve detection efficiency while maintaining the accuracy of dangerous data flow detection.

Download Full-text

Quantum weakest preconditions

Mathematical Structures in Computer Science ◽

10.1017/s0960129506005251 ◽

2006 ◽

Vol 16 (3) ◽

pp. 429-451 ◽

Cited By ~ 49

Author(s):

ELLIE D'HONDT ◽

PRAKASH PANANGADEN

Keyword(s):

Quantum Computation ◽

Representation Theorem ◽

Completely Positive Maps ◽

Completely Positive ◽

Weakest Precondition ◽

Positive Maps ◽

Weakest Preconditions ◽

Predicate Transformer ◽

Usual State ◽

Stone Type

We develop a notion of predicate transformer and, in particular, the weakest precondition, appropriate for quantum computation. We show that there is a Stone-type duality between the usual state-transformer semantics and the weakest precondition semantics. Rather than trying to reduce quantum computation to probabilistic programming, we develop a notion that is directly taken from concepts used in quantum computation. The proof that weakest preconditions exist for completely positive maps follows immediately from the Kraus representation theorem. As an example, we give the semantics of Selinger's language in terms of our weakest preconditions. We also cover some specific situations and exhibit an interesting link with stabilisers.

Download Full-text

Visualization Technique for Intrusion Detection

Security and Privacy Management, Techniques, and Protocols - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-5583-4.ch011 ◽

2018 ◽

pp. 276-290

Author(s):

Mohamed Cheikh ◽

Salima Hacini ◽

Zizette Boufaida

Keyword(s):

Intrusion Detection ◽

Computer Security ◽

Detection System ◽

Denial Of Service ◽

High Rate ◽

False Alarms ◽

Dos Attacks ◽

Network Parameter ◽

A New Technique ◽

Parameter Values

Intrusion detection system (IDS) plays a vital and crucial role in a computer security. However, they suffer from a number of problems such as low detection of DoS (denial-of-service)/DDoS (distributed denial-of-service) attacks with a high rate of false alarms. In this chapter, a new technique for detecting DoS attacks is proposed; it detects DOS attacks using a set of classifiers and visualizes them in real time. This technique is based on the collection of network parameter values (data packets), which are automatically represented by simple geometric graphs in order to highlight relevant elements. Two implementations for this technique are performed. The first is based on the Euclidian distance while the second is based on KNN algorithm. The effectiveness of the proposed technique has been proven through a simulation of network traffic drawn from the 10% KDD and a comparison with other classification techniques for intrusion detection.

Download Full-text

Boater Safety: Communicating Weather Forecast Information to High-Stakes End Users

Weather Climate and Society ◽

10.1175/wcas-d-11-00025.1 ◽

2012 ◽

Vol 4 (1) ◽

pp. 7-19 ◽

Cited By ~ 17

Author(s):

Sonia Savelli ◽

Susan Joslyn

Keyword(s):

Pacific Northwest ◽

Online Survey ◽

Puget Sound ◽

Weather Forecast ◽

High Rate ◽

False Alarms ◽

High Stakes ◽

Precautionary Action ◽

Time Of Year ◽

Almost All

Abstract Recreational boaters in the Pacific Northwest understand that there is uncertainty inherent in deterministic forecasts as well as some of the factors that increase uncertainty. This was determined in an online survey of 166 boaters in the Puget Sound area. Understanding was probed using questions that asked respondents what they expected to observe when given a deterministic forecast with a specified lead time, for a particular weather parameter, during a particular time of year. It was also probed by asking respondents to estimate the number of observations, out of 100 or out of 10, that they expected to fall within specified ranges around the deterministic forecast. Almost all respondents anticipated some uncertainty in the deterministic forecast as well as specific biases, most of which were born out by an analysis of local National Weather Service verification data. Interestingly, uncertainty and biases were anticipated for categorical forecasts indicating a range of values as well, suggesting that specifying numeric uncertainty would improve understanding. Furthermore, respondents’ answers suggested that they expected a high rate of false alarms among warning and advisory forecasts. Nonetheless, boaters indicated that they would take precautionary action in response to such warnings, in proportions related to the size of boat they were operating. This suggests that uncertainty forecasts would be useful to these experienced forecast consumers, allowing them to adapt the forecast to their specific boating situation with greater confidence.

Download Full-text

Real‐Time Arrhythmia Detection Using Hybrid Convolutional Neural Networks

Journal of the American Heart Association ◽

10.1161/jaha.121.023222 ◽

2021 ◽

Author(s):

Sandeep Chandra Bollepalli ◽

Rahul K. Sevakula ◽

Wan‐Tai M. Au‐Yeung ◽

Mohamad B. Kassab ◽

Faisal M. Merchant ◽

...

Keyword(s):

Neural Network ◽

Neural Networks ◽

Convolutional Neural Network ◽

Convolutional Neural Networks ◽

High Rate ◽

Superior Performance ◽

False Alarms ◽

Arrhythmia Detection ◽

Arterial Blood ◽

Life Threatening

Background Accurate detection of arrhythmic events in the intensive care units (ICU) is of paramount significance in providing timely care. However, traditional ICU monitors generate a high rate of false alarms causing alarm fatigue. In this work, we develop an algorithm to improve life threatening arrhythmia detection in the ICUs using a deep learning approach. Methods and Results This study involves a total of 953 independent life‐threatening arrhythmia alarms generated from the ICU bedside monitors of 410 patients. Specifically, we used the ECG (4 channels), arterial blood pressure, and photoplethysmograph signals to accurately detect the onset and offset of various arrhythmias, without prior knowledge of the alarm type. We used a hybrid convolutional neural network based classifier that fuses traditional handcrafted features with features automatically learned using convolutional neural networks. Further, the proposed architecture remains flexible to be adapted to various arrhythmic conditions as well as multiple physiological signals. Our hybrid‐ convolutional neural network approach achieved superior performance compared with methods which only used convolutional neural network. We evaluated our algorithm using 5‐fold cross‐validation for 5 times and obtained an accuracy of 87.5%±0.5%, and a score of 81%±0.9%. Independent evaluation of our algorithm on the publicly available PhysioNet 2015 Challenge database resulted in overall classification accuracy and score of 93.9% and 84.3%, respectively, indicating its efficacy and generalizability. Conclusions Our method accurately detects multiple arrhythmic conditions. Suitable translation of our algorithm may significantly improve the quality of care in ICUs by reducing the burden of false alarms.

Download Full-text

AndroShield: Automated Android Applications Vulnerability Detection, a Hybrid Static and Dynamic Analysis Approach

Information ◽

10.3390/info10100326 ◽

2019 ◽

Vol 10 (10) ◽

pp. 326 ◽

Cited By ~ 3

Author(s):

Amr Amin ◽

Amgad Eldessouki ◽

Menna Tullah Magdy ◽

Nouran Abdeen ◽

Hanan Hindy ◽

...

Keyword(s):

Dynamic Analysis ◽

Static Analysis ◽

Mobile Applications ◽

Web Application ◽

Hybrid Approach ◽

High Rate ◽

Vulnerability Detection ◽

Security Testing ◽

Static And Dynamic Analysis ◽

Android Applications

The security of mobile applications has become a major research field which is associated with a lot of challenges. The high rate of developing mobile applications has resulted in less secure applications. This is due to what is called the “rush to release” as defined by Ponemon Institute. Security testing—which is considered one of the main phases of the development life cycle—is either not performed or given minimal time; hence, there is a need for security testing automation. One of the techniques used is Automated Vulnerability Detection. Vulnerability detection is one of the security tests that aims at pinpointing potential security leaks. Fixing those leaks results in protecting smart-phones and tablet mobile device users against attacks. This paper focuses on building a hybrid approach of static and dynamic analysis for detecting the vulnerabilities of Android applications. This approach is capsuled in a usable platform (web application) to make it easy to use for both public users and professional developers. Static analysis, on one hand, performs code analysis. It does not require running the application to detect vulnerabilities. Dynamic analysis, on the other hand, detects the vulnerabilities that are dependent on the run-time behaviour of the application and cannot be detected using static analysis. The model is evaluated against different applications with different security vulnerabilities. Compared with other detection platforms, our model detects information leaks as well as insecure network requests alongside other commonly detected flaws that harm users’ privacy. The code is available through a GitHub repository for public contribution.

Download Full-text

Elimination of Position-Change Alarms in an Alzheimer’s and Dementia Long-Term Care Facility

American Journal of Alzheimer s Disease & Other Dementias® ◽

10.1177/1533317511432730 ◽

2011 ◽

Vol 26 (8) ◽

pp. 599-605 ◽

Cited By ~ 13

Author(s):

Katrina Bressler ◽

Roberta E.Redfern ◽

Megan Brown

Keyword(s):

Health Care ◽

Long Term Care ◽

Care Facility ◽

High Rate ◽

False Alarms ◽

Position Change ◽

Term Care ◽

Term Care Facility ◽

Long Term Care Facility

In a long-term care facility, whose residents have been diagnosed with Alzheimer’s disease or dementia, falls are a particularly prominent issue. Technology in health care has continued to evolve and play a larger role in how we care for our patients, even in preventing falls. However, overreliance on these types of technologies may have detrimental effects. In our facility, it was felt that staff reliance on position-change alarms was inappropriate due to the high rate of false alarms associated with these devices. We took a tiered approach to removing position-change alarms from our facility, monitoring the fall incidence rate for a period before, during, and after the elimination of these alarms. After discontinuing their use, we found a decrease in the rate of falls, and a decrease in the percentage of our residents who fell. Staff has easily adapted and reports a calmer, more pleasant environment.

Download Full-text

An Open Source, Extensible Malware Analysis Platform

MATEC Web of Conferences ◽

10.1051/matecconf/201818805009 ◽

2018 ◽

Vol 188 ◽

pp. 05009

Author(s):

P. Michalopoulos ◽

V. Ieronymakis ◽

M.T. Khan ◽

D. Serpanos

Keyword(s):

Open Source ◽

Malware Detection ◽

High Rate ◽

Machine Learning Techniques ◽

False Alarms ◽

Malware Analysis ◽

Detection Techniques ◽

It Systems ◽

The One ◽

Analysis Platform

A malware (such as viruses, ransomware) is the main source of bringing serious security threats to the IT systems and their users now-adays. In order to protect the systems and their legitimate users from these threats, anti-malware applications are developed as a defense against malware. However, most of these applications detect malware based on signatures or heuristics that are still created manually and are error prune. Some recent applications employ data mining and machine learning techniques to detect malware automatically. However, such applications fail to classify them appropriately mainly because they suffer from high rate of false alarms on the one hand and being retrospective, fail to detect new unknown threats and variants of known malware on the other hand. Since anti-malware vendors receive a huge number of malware samples every day, there is an urgent need for malware analysis tools that can automatically detect malware rigorously, i.e. eliminating false alarms. To address these issues and challenges of current malware detection and analysis approaches, we propose a novel, open source and extensible platform (based on set of tools) that allows to combine various malware detection techniques to automatically detect/classify a malware more rigorously. The developed platform can be fed with malware samples from different providers and will enable the development of effective classification schemes and methods, which are not sufficiently effective without collaboration and the related sample aggregation. Furthermore, such collaborative platforms in cybersecurity enable efficient sharing of information (e.g., about new identified threats) to all collaborators and sharing of appropriate defences against them, if such defences exist.

Download Full-text

High confidence in falsely recognizing prototypical faces

Quarterly Journal of Experimental Psychology ◽

10.1080/17470218.2017.1329844 ◽

2018 ◽

Vol 71 (6) ◽

pp. 1348-1356 ◽

Cited By ~ 2

Author(s):

Cristina Sampaio ◽

Victoria Reinke ◽

Jeffrey Mathews ◽

Alexandra Swart ◽

Stephen Wallinger

Keyword(s):

Face Recognition ◽

Multiple Choice ◽

Recognition Task ◽

Choice Task ◽

High Rate ◽

False Alarms ◽

High Confidence ◽

Accuracy Relationship

We applied a metacognitive approach to investigate confidence in recognition of prototypical faces. Participants were presented with sets of faces constructed digitally as deviations from prototype/base faces. Participants were then tested with a simple recognition task (Experiment 1) or a multiple-choice task (Experiment 2) for old and new items plus new prototypes, and they showed a high rate of confident false alarms to the prototypes. Confidence and accuracy relationship in this face recognition paradigm was found to be positive for standard items but negative for the prototypes; thus, it was contingent on the nature of the items used. The data have implications for lineups that employ match-to-suspect strategies.

Download Full-text

Teaching Visual Analysis of Time Series Data

Behavioural and Cognitive Psychotherapy ◽

10.1017/s1352465800015101 ◽

1996 ◽

Vol 24 (3) ◽

pp. 247-261 ◽

Cited By ~ 3

Author(s):

Ian A. James ◽

Paul S. Smith ◽

Derek Milne

Keyword(s):

Time Series ◽

Visual Analysis ◽

Time Series Data ◽

Mean Shift ◽

High Sensitivity ◽

Training Programme ◽

High Rate ◽

Series Data ◽

False Alarms ◽

Single Subject

Visual analysis, or “eyeballing”, of single subject (N=l) data is the commonest technique for analysing time series data. The present study examined firstly, psychologists' abilities to determine significant change between baseline (A) and therapeutic (B) phases, and secondly, the decision making process in relation to the visual components of such graphs. Thirdly, it looked at the effect that a training programme had on psychologists' abilities to identify significant A−B change. The results revealed that the participants were poor at identifying significant effects from non-significant changes. In particular, the study found a high rate of false alarms (Type 1 errors), and a low rate of misses (Type 2 errors), i.e. high sensitivity but poor specificity. The only visual components to significantly alter decisions were the degree of serial dependency and the mean shift component. The teaching influenced the participants' judgements. In general, participants became more conservative, but there was limited evidence of a significant improvement in their judgements following the teaching.

Download Full-text