Characterizing Linux-based malware: Findings and recent trends (2020)
Malware targeting interconnected infrastructures has surged in recent years. A major factor driving this phenomenon is the proliferation of large networks of poorly secured IoT devices. This is exacerbated by the commoditization of the malware development industry, in which tools can be readily obtained in specialized hacking forums or underground markets. However, despite the great interest in targeting this infrastructure, there is little understanding of what the main features of this type of malware are, or the motives of the criminals behind it, apart from the classic denial of service attacks. This is vital to modern malware forensics, where analyses are required to measure the trustworthiness of files collected at large during an investigation, but also to confront challenges posed by tech-savvy criminals (e.g., Trojan Horse Defense). In this paper, we present a comprehensive characterization of Linux-based malware. Our study is tailored to IoT malware and it leverages automated techniques using both static and dynamic analysis to classify malware into related threats. By looking at the most representative dataset of Linux-based malware collected by the community to date, we are able to show that our system can accurately characterize known threats. As a key novelty, we use our system to investigate a number of threats unknown to the community. We do this in two steps. First, we identify known patterns within an unlabeled dataset using a classifier trained with the labeled dataset. Second, we combine our features with a custom distance function to discover new threats by clustering together similar samples. We further study each of the unknown clusters by using state-of-the-art reverse engineering and forensic techniques and our expertise as malware analysts. We provide an in-depth analysis of what the most recent unknown trends are through a number of case studies. 
Among other findings, we observe that: i) crypto-mining malware is permeating the IoT infrastructure, ii) the level of sophistication is increasing, and iii) there is a rapid proliferation of new variants with minimal investment in infrastructure.
Keywords: Malware forensics | IoT | Embedded systems | Data analytics | Machine learning | Expert systems
Analytical games for knowledge engineering of expert systems in support to Situational Awareness: The Reliability Game case study (2019)
Knowledge Acquisition (KA) methods are of paramount importance in the design of intelligent systems. Research is ongoing to improve their effectiveness and efficiency. Analytical games appear to be a promising tool to support KA. In fact, in this paper we describe how analytical games could be used for Knowledge Engineering of Bayesian networks, through the presentation of the case study of the Reliability Game. This game has been developed with the aim of collecting data on the impact of meta-knowledge about sources of information upon human Situational Assessment in a maritime context. In this paper we describe the computational model obtained from the dataset and how the card positions, which reflect a player's belief, can be easily converted into subjective probabilities and used to learn latent constructs, such as the source reliability, by applying the Expectation-Maximisation algorithm.
Keywords: Source reliability | Expert knowledge | Knowledge acquisition | Bayesian networks | Parameter learning | Analytical game
A systematic survey of computer-aided diagnosis in medicine: Past and present developments (2019)
Computer-aided diagnosis (CAD) in medicine is the result of a large amount of effort expended in the interface of medicine and computer science. As some CAD systems in medicine try to emulate the diagnostic decision-making process of medical experts, they can be considered as expert systems in medicine. Furthermore, CAD systems in medicine may process clinical data that can be complex and/or massive in size. They do so in order to infer new knowledge from data and use that knowledge to improve their diagnostic performance over time. Therefore, such systems can also be viewed as intelligent systems because they use a feedback mechanism to improve their performance over time. The main aim of the literature survey described in this paper is to provide a comprehensive overview of past and current CAD developments. This survey/review can be of significant value to researchers and professionals in medicine and computer science. There are already some reviews about specific aspects of CAD in medicine. However, this paper focuses on the entire spectrum of the capabilities of CAD systems in medicine. It also identifies the key developments that have led to today’s state-of-the-art in this area. It presents an extensive and systematic literature review of CAD in medicine, based on 251 carefully selected publications. While medicine and computer science have advanced dramatically in recent years, each area has also become profoundly more complex. This paper advocates that in order to further develop and improve CAD, it is required to have well-coordinated work among researchers and professionals in these two constituent fields. Finally, this survey helps to highlight areas where there are opportunities to make significant new contributions. This may profoundly impact future research in medicine and in select areas of computer science.
Keywords: Computer-aided diagnosis | Computer-aided detection | Expert and intelligent systems | Computerized signal analysis | Segmentation | Classification
Supervisory control strategies evaluated on a pilot Jameson flotation cell (2019)
An L-150 pilot Jameson flotation cell was instrumented and a distributed control system was developed. The parameters of a metallurgic phenomenological model were estimated from industrial data. A steady state simulator was built based on this nonlinear model. This hybrid system combines on-line measured operating variables with virtual variables, characterizing the feed. All these variables are fed on-line to a simulator to predict the characteristics of the concentrate and tailings. The expert system modifies the set points of the distributed control system, including two routines: expert feedback and feed forward control. Several cases for different feed conditions are discussed.
Keywords: Control | Flotation | Expert systems | Supervision | Jameson cell
Do we need a buildings’ inspection, diagnosis and service life prediction software? (2019)
For decades, the maintenance of buildings has been mainly reactive, based on subjective criteria, thus compromising the users’ safety and leading to a highly deteriorated built park. The effective planning of maintenance strategies requires the development of accurate tools to aid stakeholders’ decisions about when and how to intervene. This study analyses the utility of two computational tools to aid the adoption of condition-based maintenance policies, developed for the buildings’ envelope elements. The first tool is an expert diagnosis and inspection system, which allows understanding how to intervene, based on the pathological characterization of the element analysed. The second tool provides information related to the element’s service life (when to intervene), according to its characteristics. However, before the definition of these tools, a question must be raised: “Do users need a buildings’ inspection, diagnosis and service life prediction software?” Therefore, this study performs a market survey involving 57 varied stakeholders working in the maintenance sector, evaluating the usefulness of the proposed computational tools and identifying the characteristics that the software must have to ensure its use by the sector.
Keywords: Maintenance, inspection and diagnosis | Service life | Computer models | Decision making | Expert systems
Prediction of irrigation event occurrence at farm level using optimal decision trees (2019)
Irrigation water demand is highly variable and depends on farmers’ decision about when to irrigate. Their decision affects the performance of the irrigation networks. An accurate daily prediction of irrigation events occurrence at farm scale is a key factor to improve the management of the irrigation districts and consequently the sustainability of the irrigated agriculture. In this work, a hybrid heuristic methodology that combines Decision Trees and Genetic Algorithm has been developed to find the optimal decision tree to model farmer’s behaviour, predicting the occurrence of irrigation events. The methodology has been tested in a real irrigation district and results showed that the optimal models developed have been able to predict between 68% and 100% of the positive irrigation events and between 93% and 100% of the negative irrigation events.
Keywords: Artificial intelligence | Multiobjective genetic algorithm | Irrigation scheduling | Expert systems
Land suitability assessments for yield prediction of cassava using geospatial fuzzy expert systems and remote sensing (2019)
Cassava has the potential to be a promising crop that can adapt to changing climatic conditions in Indonesia due to its low water requirement and drought tolerance. However, inappropriate land selection decisions limit cassava yields and increase production-related costs to farmers. As a root crop, yield prediction using vegetation indices and biophysical properties is essential to maximize the yield of cassava before harvesting. Therefore, the purpose of this research was to develop a yield prediction model based on suitable areas assessed with land suitability analysis (LSA). For LSA, the priority indicators were identified using a fuzzy expert system combined with a multicriteria decision method including ecological categories. Furthermore, the yield prediction method was developed using satellite remote sensing datasets. In this analysis, Sentinel-2 datasets were collected and analyzed in SNAP® and ArcGIS® environments. The multisource database of ecological criteria for cassava production was built using the fuzzy membership function. The results showed that 42.17% of the land area was highly suitable for cassava production. Then, in the highly suitable area, the yield prediction model was developed using the vegetation indices based on Sentinel-2 datasets with 10 m resolution for the accuracy assessment. The vegetation indices were used to predict cassava growth, biophysical condition, and phenology over the growing seasons. The NDVI, SAVI, IRECI, LAI, and fAPAR were used to develop the model for predicting cassava growth. The generated models were validated using regression analysis between observed and predicted yield. Among the vegetation indices, NDVI showed higher accuracy in the yield prediction model (R²=0.62) compared to SAVI and IRECI. Meanwhile, LAI had a higher prediction accuracy (R²=0.70) than the other biophysical property, fAPAR. The combined model using NDVI, SAVI, IRECI, LAI, and fAPAR reported the highest accuracy (R²=0.77).
The ground truth data were used for the evaluation of satellite remote sensing data in the comparison between the observed and predicted yields. This developed integrated model could be implemented for the management of land allocation and yield assessment in cassava production to ensure regional food security in Indonesia.
Keywords: Land suitability | Cassava | Yield prediction | Fuzzy expert systems | Remote sensing
An IoT-based cognitive monitoring system for early plant disease forecast (2019)
In this paper, we develop an IoT-based monitoring system for precision agriculture applications such as epidemic disease control. Such an agricultural monitoring system provides environmental monitoring services that maintain the crop growing environment in an optimal status and predict early the conditions that lead to epidemic disease outbreak. The agricultural monitoring system provides a service to store the environmental and soil information collected from a wireless sensor network installed in the planted area in a database. Furthermore, it allows users to monitor the environmental information about the planted crops in real time through any Internet-enabled device. We develop artificial intelligence and prediction algorithms to realize an expert system that allows the system to emulate the decision-making ability of a human expert regarding the diseases and issue warning messages to the users before the outbreak of the disease. Field experiments showed that the proposed system reduces the number of chemical applications, and hence, promotes agriculture products with no (or minimal) chemical residues and high-quality crops. This platform is designed to be generic enough to be used with multiple plant diseases where the software architecture can handle different plant disease models or other precision agriculture applications.
Keywords: Internet of Things (IoT) | Wireless sensor network (WSN) | Precision agriculture (PA) | Epidemic disease control | Expert systems | Cognitive architectures
Determining relevant biomarkers for prediction of breast cancer using anthropometric and clinical features: A comparative investigation in machine learning paradigm (2019)
Early detection of breast cancer plays a crucial role in the planning and result of associated treatment. The purpose of this article is threefold: (i) to investigate whether or not clinical features obtained using routine blood analysis combined with anthropometric measurements can be utilized for envisaging breast cancer using predictive machine learning techniques; (ii) to explore the role of various machine learning components such as feature selection, data division protocols and classification to determine suitable biomarkers for breast cancer prediction; and (iii) to evaluate a recent database of clinical and anthropometric measurements acquired from normal individuals and individuals suffering from breast cancer. A database consisting of anthropometric and clinical attributes is used in the experiments. Various feature selection and statistical significance analysis methods are used to determine the relevance of various features. Furthermore, popular classifiers such as kernel-based support vector machine (SVM), Naïve Bayesian, linear discriminant, quadratic discriminant, logistic regression, K-nearest neighbor (K-NN) and random forest were implemented and evaluated for breast cancer risk prediction using these features. Results of feature selection techniques indicate that among the nine features considered in this study, glucose, age and resistin are found to be the most relevant and effective biomarkers for breast cancer prediction. Further, when these three features are used for classification, the medium K-NN classifier achieves the highest classification accuracy of 92.105%, followed by medium Gaussian SVM, which achieves a classification accuracy of 83.684% under the hold-out data division protocol.
Keywords: Breast cancer biomarkers | Machine learning | Expert systems | Clinical features | Feature selection
Suppression of noises using fast independent component analysis (FICA) and signal saturation using fuzzy adaptive histogram equalization (FAHE) for intensive care unit false alarms (2019)
In the medical field, fake alarms are classically described as alarms with no clinical or therapeutic effects. A variety of studies exist in the clinical literature regarding alarm monitoring in the Arterial Blood Pressure (ABP) signal and intensive care medicine. In the proposed work, measurement of each of the ABP signal values is carried out employing the Fast Independent Component Analysis (FICA), which detects areas affected by high-frequency noise. Once the noise in the samples is eliminated, the signal saturation values are decided with the help of the Fuzzy Wavelet Transform (FWT) technique. Then, automated feature engineering was carried out utilizing the ABP signal along with a processed signal, which has the count of the times of every monitored heartbeat acquired from the ABP signal. Subsequently, Kullback–Leibler divergence Kernel-Support Vector Machine (KLDK-SVM), Random Forest (RF), and SVM classifiers were trained so as to generate the classification models. The newly introduced scheme can be used to help medical professionals and specialists, letting them become more useful and responsive to alarms as quickly as possible.
Keywords: Machine learning | Medical expert systems | Signal processing | Fast Independent Component Analysis (FICA) | Fuzzy Wavelet Transform (FWT) | Patient monitoring | Time series analysis | Pattern recognition | Invalid data segments | Data processing