Analysis of Bayesian classification-based approaches for Android malware detection

Mobile malware has been growing in scale and complexity spurred by the unabated uptake of smartphones worldwide. Android is fast becoming the most popular mobile platform resulting in sharp increase in malware targeting the platform. Additionally, Android malware is evolving rapidly to evade detection by traditional signature-based scanning. Despite current detection measures in place, timely discovery of new malware is still a critical issue. This calls for novel approaches to mitigate the growing threat of zero-day Android malware. Hence, the authors develop and analyse proactive machine-learning approaches based on Bayesian classification aimed at uncovering unknown Android malware via static analysis. The study, which is based on a large malware sample set of majority of the existing families, demonstrates detection capabilities with high accuracy. Empirical results and comparative analysis are presented offering useful insight towards development of effective static-analytic Bayesian classification-based solutions for detecting unknown Android malware.

Rule-Based Intrusion Detection System for SCADA Networks

Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cyber-security of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified using a ruled based method.

Intrusion Detection System for IEC 60870-5-104 Based SCADA Networks

Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cyber-security of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified via Snort rules.

Model selection for prognostic time-to-event gene signature discovery with applications in early breast cancer data

Model selection between competing models is a key consideration in the discovery of prognostic multigene signatures. The use of appropriate statistical performance measures as well as verification of biological significance of the signatures is imperative to maximise the chance of external validation of the generated signatures. Current approaches in time-to-event studies often use only a single measure of performance in model selection, such as logrank test p-values, or dichotomise the follow-up times at some phase of the study to facilitate signature discovery. In this study we improve the prognostic signature discovery process through the application of the multivariate partial Cox model combined with the concordance index, hazard ratio of predictions, independence from available clinical covariates and biological enrichment as measures of signature performance. The proposed framework was applied to discover prognostic multigene signatures from early breast cancer data. The partial Cox model combined with the multiple performance measures were used in both guiding the selection of the optimal panel of prognostic genes and prediction of risk within cross validation without dichotomising the follow-up times at any stage. The signatures were successfully externally cross validated in independent breast cancer datasets, yielding a hazard ratio of 2.55 [1.44, 4.51] for the top ranking signature.

The progenitor mass of the Type IIP supernova SN 2004et from late-time spectral modeling

SN 2004et is one of the nearest and best-observed Type IIP supernovae, with a progenitor detection as well as good photometric and spectroscopic observational coverage well into the nebular phase. Based on nucleosynthesis from stellar evolution/explosion models we apply spectral modeling to analyze its 140-700 day evolution from ultraviolet to mid-infrared. We find a M_ZAMS= 15 Msun progenitor star (with an oxygen mass of 0.8 Msun) to satisfactorily reproduce [O I] 6300, 6364 {\AA} and other emission lines of carbon, sodium, magnesium, and silicon, while 12 Msun and 19 Msun models under- and overproduce most of these lines, respectively. This result is in fair agreement with the mass derived from the progenitor detection, but in disagreement with hydrodynamical modeling of the early-time light curve. From modeling of the mid-infrared iron-group emission lines, we determine the density of the "Ni-bubble" to rho(t) = 7E-14*(t/100d)^-3 g cm^-3, corresponding to a filling factor of f = 0.15 in the metal core region (V = 1800 km/s). We also confirm that silicate dust, CO, and SiO emission are all present in the spectra.

Predictive Maintenance for Improved Sustainability - An Ion Beam Etch Endpoint Detection System Use Case

In modern semiconductor manufacturing facilities maintenance strategies are increasingly shifting from traditional preventive maintenance (PM) based approaches to more efficient and sustainable predictive maintenance (PdM) approaches. This paper describes the development of such an online PdM module for the endpoint detection system of an ion beam etch tool in semiconductor manufacturing. The developed system uses optical emission spectroscopy (OES) data from the endpoint detection system to estimate the RUL of lenses, a key detector component that degrades over time. Simulation studies for historical data for the use case demonstrate the effectiveness of the proposed PdM solution and the potential for improved sustainability that it affords.

Enhancing Linear Programming with Motion Modeling for Multi-target Tracking

In this paper we extend the minimum-cost network flow approach to multi-target tracking, by incorporating a motion model, allowing the tracker to better cope with longterm occlusions and missed detections. In our new method, the tracking problem is solved iteratively: Firstly, an initial tracking solution is found without the help of motion information. Given this initial set of tracklets, the motion at each detection is estimated, and used to refine the tracking solution.
Finally, special edges are added to the tracking graph, allowing a further revised tracking solution to be found, where distant tracklets may be linked based on motion similarity. Our system has been tested on the PETS S2.L1 and Oxford town-center sequences, outperforming the baseline system, and achieving results comparable with the current state of the art.

A New Android Malware Detection Method Using Bayesian Classification

Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A worrying trend that is emerging is the increasing sophistication of Android malware to evade detection by traditional signature-based scanners. As such, Android app marketplaces remain at risk of hosting malicious apps that could evade detection before being downloaded by unsuspecting users. Hence, in this paper we present an effective approach to alleviate this problem based on Bayesian classification models obtained from static code analysis. The models are built from a collection of code and app characteristics that provide indicators of potential malicious activities. The models are evaluated with real malware samples in the wild and results of experiments are presented to demonstrate the effectiveness of the proposed approach.

High accuracy android malware detection using ensemble learning

With over 50 billion downloads and more than 1.3 million apps in Google’s official market, Android has continued to gain popularity amongst smartphone users worldwide. At the same time there has been a rise in malware targeting the platform, with more recent strains employing highly sophisticated detection avoidance techniques. As traditional signature based methods become less potent in detecting unknown malware, alternatives are needed for timely zero-day discovery. Thus this paper proposes an approach that utilizes ensemble learning for Android malware detection. It combines advantages of static analysis with the efficiency and performance of ensemble machine learning to improve Android malware detection accuracy. The machine learning models are built using a large repository of malware samples and benign apps from a leading antivirus vendor. Experimental results and analysis presented shows that the proposed method which uses a large feature space to leverage the power of ensemble learning is capable of 97.3 % to 99% detection accuracy with very low false positive rates.

Meta-analysis of prostate cancer gene expression data identifies a novel discriminatory signature enriched for glycosylating enzymes

BACKGROUND: Tumorigenesis is characterised by changes in transcriptional control. Extensive transcript expression data have been acquired over the last decade and used to classify prostate cancers. Prostate cancer is, however, a heterogeneous multifocal cancer and this poses challenges in identifying robust transcript biomarkers.

METHODS: In this study, we have undertaken a meta-analysis of publicly available transcriptomic data spanning datasets and technologies from the last decade and encompassing laser capture microdissected and macrodissected sample sets.

RESULTS: We identified a 33 gene signature that can discriminate between benign tissue controls and localised prostate cancers irrespective of detection platform or dissection status. These genes were significantly overexpressed in localised prostate cancer versus benign tissue in at least three datasets within the Oncomine Compendium of Expression Array Data. In addition, they were also overexpressed in a recent exon-array dataset as well a prostate cancer RNA-seq dataset generated as part of the The Cancer Genomics Atlas (TCGA) initiative. Biologically, glycosylation was the single enriched process associated with this 33 gene signature, encompassing four glycosylating enzymes. We went on to evaluate the performance of this signature against three individual markers of prostate cancer, v-ets avian erythroblastosis virus E26 oncogene homolog (ERG) expression, prostate specific antigen (PSA) expression and androgen receptor (AR) expression in an additional independent dataset. Our signature had greater discriminatory power than these markers both for localised cancer and metastatic disease relative to benign tissue, or in the case of metastasis, also localised prostate cancer.

CONCLUSION: In conclusion, robust transcript biomarkers are present within datasets assembled over many years and cohorts and our study provides both examples and a strategy for refining and comparing datasets to obtain additional markers as more data are generated.

Gamma-ray diagnostics of Type Ia supernovae. Predictions of observables from three-dimensional modeling

Context. Although the question of progenitor systems and detailed explosion mechanisms still remains a matter of discussion, it is commonly believed that Type Ia supernovae (SNe Ia) are production sites of large amounts of radioactive nuclei. Even though the gamma-ray emission due to radioactive decays is responsible for powering the light curves of SNe Ia, gamma rays themselves are of particular interest as a diagnostic tool because they directly lead to deeper insight into the nucleosynthesis and the kinematics of these explosion events. Aims: We study the evolution of gamma-ray line and continuum emission of SNe Ia with the objective of analyzing the relevance of observations in this energy range. We seek to investigate the chances for the success of future MeV missions regarding their capabilities for constraining the intrinsic properties and the physical processes of SNe Ia. Methods: Focusing on two of the most broadly discussed SN Ia progenitor scenarios - a delayed detonation in a Chandrasekhar-mass white dwarf (WD) and a violent merger of two WDs - we used three-dimensional explosion models and performed radiative transfer simulations to obtain synthetic gamma-ray spectra. Both chosen models produce the same mass of 56Ni and have similar optical properties that are in reasonable agreement with the recently observed supernova SN 2011fe. We examine the gamma-ray spectra with respect to their distinct features and draw connections to certain characteristics of the explosion models. Applying diagnostics, such as line and hardness ratios, the detection prospects for future gamma-ray missions with higher sensitivities in the MeV energy range are discussed. Results: In contrast to the optical regime, the gamma-ray emission of our two chosen models proves to be quite different. The almost direct connection of the emission of gamma rays to fundamental physical processes occurring in SNe Ia permits additional constraints concerning several explosion model properties that are not easily accessible within other wavelength ranges. Proposed future MeV missions such as GRIPS will resolve all spectral details only for nearby SNe Ia, but hardness ratio and light curve measurements still allow for a distinction of the two different models at 10 Mpc and 16 Mpc for an exposure time of 106 s. The possibility of detecting the strongest line features up to the Virgo distance will offer the opportunity to build up a first sample of SN Ia detections in the gamma-ray energy range and underlines the importance of future space observatories for MeV gamma rays.

Fuzzy model identification by evolutionary, gradient based and memtic algorithms

One of the crucial problems of fuzzy rule modeling is how to find an optimal or at least a quasi-optimal rule base fro a certain system. In most applications there is no human expert available, or, the result of a human expert's decision is too much subjective and is not reproducible, thus some automatic method to determine the fuzzy rule base must be deployed.

Neuro-Fuzzy based Identification of Meat Spoilage using an Electronic Nose

Freshness and safety of muscle foods are generally considered as the most important parameters for the food industry. The performance of a portable electronic nose has been evaluated in monitoring the spoilage of beef fillet stored aerobically at different storage temperatures (0, 4, 8, 12, 16 and 20°C). An adaptive fuzzy logic system model that utilizes a prototype defuzzification scheme has been developed to classify beef samples in their respective quality class and to predict their associated microbiological population directly from volatile compounds fingerprints. Results confirmed the superiority of the adopted methodology and indicated that volatile information in combination with an efficient choice of a modeling scheme could be considered as an alternative methodology for the accurate evaluation of meat spoilage

Fuzzy Monte Carlo mathematical model for load curtailment minimization in transmission power systems

This paper presents a methodology which is based on statistical failure and repair data of the transmission power system components and uses fuzzyprobabilistic modeling for system component outage parameters. Using statistical records allows developing the fuzzy membership functions of system component outage parameters. The proposed hybrid method of fuzzy set and Monte Carlo simulation based on the fuzzy-probabilistic models allows catching both randomness and fuzziness of component outage parameters. A network contingency analysis to identify any overloading or voltage violation in the network is performed once obtained the system states by Monte Carlo simulation. This is followed by a remedial action algorithm, based on optimal power flow, to reschedule generations and alleviate constraint violations and, at the same time, to avoid any load curtailment, if possible, or, otherwise, to minimize the total load curtailment, for the states identified by the contingency analysis. In order to illustrate the application of the proposed methodology to a practical case, the paper will include a case study for the Reliability Test System (RTS) 1996 IEEE 24 BUS.