985 resultados para Machine-readable Library Cataloguing
Resumo:
Malicious software (malware) have significantly increased in terms of number and effectiveness during the past years. Until 2006, such software were mostly used to disrupt network infrastructures or to show coders’ skills. Nowadays, malware constitute a very important source of economical profit, and are very difficult to detect. Thousands of novel variants are released every day, and modern obfuscation techniques are used to ensure that signature-based anti-malware systems are not able to detect such threats. This tendency has also appeared on mobile devices, with Android being the most targeted platform. To counteract this phenomenon, a lot of approaches have been developed by the scientific community that attempt to increase the resilience of anti-malware systems. Most of these approaches rely on machine learning, and have become very popular also in commercial applications. However, attackers are now knowledgeable about these systems, and have started preparing their countermeasures. This has lead to an arms race between attackers and developers. Novel systems are progressively built to tackle the attacks that get more and more sophisticated. For this reason, a necessity grows for the developers to anticipate the attackers’ moves. This means that defense systems should be built proactively, i.e., by introducing some security design principles in their development. The main goal of this work is showing that such proactive approach can be employed on a number of case studies. To do so, I adopted a global methodology that can be divided in two steps. First, understanding what are the vulnerabilities of current state-of-the-art systems (this anticipates the attacker’s moves). Then, developing novel systems that are robust to these attacks, or suggesting research guidelines with which current systems can be improved. This work presents two main case studies, concerning the detection of PDF and Android malware. The idea is showing that a proactive approach can be applied both on the X86 and mobile world. The contributions provided on this two case studies are multifolded. With respect to PDF files, I first develop novel attacks that can empirically and optimally evade current state-of-the-art detectors. Then, I propose possible solutions with which it is possible to increase the robustness of such detectors against known and novel attacks. With respect to the Android case study, I first show how current signature-based tools and academically developed systems are weak against empirical obfuscation attacks, which can be easily employed without particular knowledge of the targeted systems. Then, I examine a possible strategy to build a machine learning detector that is robust against both empirical obfuscation and optimal attacks. Finally, I will show how proactive approaches can be also employed to develop systems that are not aimed at detecting malware, such as mobile fingerprinting systems. In particular, I propose a methodology to build a powerful mobile fingerprinting system, and examine possible attacks with which users might be able to evade it, thus preserving their privacy. To provide the aforementioned contributions, I co-developed (with the cooperation of the researchers at PRALab and Ruhr-Universität Bochum) various systems: a library to perform optimal attacks against machine learning systems (AdversariaLib), a framework for automatically obfuscating Android applications, a system to the robust detection of Javascript malware inside PDF files (LuxOR), a robust machine learning system to the detection of Android malware, and a system to fingerprint mobile devices. I also contributed to develop Android PRAGuard, a dataset containing a lot of empirical obfuscation attacks against the Android platform. Finally, I entirely developed Slayer NEO, an evolution of a previous system to the detection of PDF malware. The results attained by using the aforementioned tools show that it is possible to proactively build systems that predict possible evasion attacks. This suggests that a proactive approach is crucial to build systems that provide concrete security against general and evasion attacks.
Resumo:
Ellis, D.I., Broadhurst, D., Rowland, J.J. and Goodacre, R. (2005) Rapid detection method for microbial spoilage using FT-IR and machine learning. In: Rapid Methods for Food and Feed Quality Determination, (Eds) van Amerongen, A., Barug, D and Lauwaars, M., Wageningen Academic Publishers, Wageningen, Netherlands, in press.
Resumo:
Janet Taylor, Ross D King, Thomas Altmann and Oliver Fiehn (2002). Application of metabolomics to plant genotype discrimination using statistics and machine learning. 1st European Conference on Computational Biology (ECCB). (published as a journal supplement in Bioinformatics 18: S241-S248).
Resumo:
Draper, J., Darby, R.M., Beckmann, M., Maddison, A.L., Mondhe, M., Sheldrick, C., Taylor, J., Goodacre, R., and Kell, D.B. (2002) Metabolic Engineering, metabolite profiling and machine learning to investigate the phloem-mobile signal in systemic acquired resistance in tobacco. First International Congress on Plant Metabolomics, Wageningen, The Netherlands
Resumo:
Ellis, D. I., Broadhurst, D., Kell, D. B., Rowland, J. J., Goodacre, R. (2002). Rapid and quantitative detection of the microbial spoilage of meat by Fourier Transform Infrared Spectroscopy and machine learning. ? Applied and Environmental Microbiology, 68, (6), 2822-2828 Sponsorship: BBSRC
Resumo:
Clare, A. and King R.D. (2002) Machine learning of functional class from phenotype data. Bioinformatics 18(1) 160-166
Resumo:
Tedd, L.(2006). Program: a record of the first 40 years of electronic library and information systems. Program: electronic library and information systems,40(1), 11-26.
Resumo:
Tedd, L.A. (2005). 40 years of library and information studies education in Wales. Education for Information, 23(1/2), 1-8.
Resumo:
Tedd, L.A. (2003). Library co-operation and ICT in the UK: an overview. Information Services and Use, 23(4), 199-210
Resumo:
Urquhart, C., Durbin, J. & Turner, J. (2005). North Wales Clinical Librarian project. Final project report. Aberystwyth: Department of Information Studies. Summary report, plus individual site summary reports also available from http://users.aber.ac.uk/cju/ Sponsorship: NHS Trusts in North Wales
Resumo:
Urquhart, C., Spink, S., Thomas, R. & Durbin, J. (2005). Systematic assessment of the training needs of health library staff. Library and Information Research, 29(93), 35-42. Sponsorship: National Library for Health (NLH)
Resumo:
Thomas, R. & Urquhart, C. NHS Wales e-library portal evaluation. (For Informing Healthcare Strategy implementation programme). Aberystwyth: Department of Information Studies, University of Wales Aberystwyth Follow-on to NHS Wales User Needs study Sponsorship: Informing Healthcare, NHS Wales
Resumo:
Cooper, J., Spink, S., Thomas, R. & Urquhart, C. (2005). Evaluation of the Specialist Libraries/Communities of Practice. Report for National Library for Health. Aberystwyth: Department of Information Studies, University of Wales Aberystwyth. Sponsorship: National Library for Health (NLH)
Resumo:
Urquhart, C., Spink, S. & Thomas, R., Assessing training and professional development needs of library staff. Report for National Library of Health. (2005). Aberystwyth: Department of Information Studies, University of Wales Aberystwyth Sponsorship: National Library for Health (NHS Information Authority)
Resumo:
Yeoman, A. J., Cooper, J. M., Urquhart, C. J. & Tyler, A. (2003). The management of health library outreach services: evaluation and reflection on lessons learned on the VIVOS project. Journal of the Medical Library Association, 91(4), 426-433. Sponsorship: Resource
