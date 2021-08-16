Cancel
CreatorsPublishersAdvertisers
View more in
Computers

High-performance detection tool for ReDoS-vulnerability

By Chinese Academy of Sciences
techxplore.com
 5 days ago

Cover picture for the articleRegular expressions (regexes) are widely used in different fields of computer science. However, the Regular expression Denial of Service (ReDoS) vulnerability forms a class of common and serious algorithmic complexity attacks. The existing ReDoS-vulnerability detection tools have defects of low precision or low recall rate due to the lacking of...

techxplore.com

Comments / 0

IN THIS ARTICLE
#Redos#Precision And Recall#Cve#Flashregex#Ase 2020
YOU MAY ALSO LIKE
NewsBreak
Technology
NewsBreak
Computers
NewsBreak
Computer Science
Country
China
Related
Softwarearxiv.org

Disentangled High Quality Salient Object Detection

Aiming at discovering and locating most distinctive objects from visual scenes, salient object detection (SOD) plays an essential role in various computer vision systems. Coming to the era of high resolution, SOD methods are facing new challenges. The major limitation of previous methods is that they try to identify the salient regions and estimate the accurate objects boundaries simultaneously with a single regression task at low-resolution. This practice ignores the inherent difference between the two difficult problems, resulting in poor detection quality. In this paper, we propose a novel deep learning framework for high-resolution SOD task, which disentangles the task into a low-resolution saliency classification network (LRSCN) and a high-resolution refinement network (HRRN). As a pixel-wise classification task, LRSCN is designed to capture sufficient semantics at low-resolution to identify the definite salient, background and uncertain image regions. HRRN is a regression task, which aims at accurately refining the saliency value of pixels in the uncertain region to preserve a clear object boundary at high-resolution with limited GPU memory. It is worth noting that by introducing uncertainty into the training process, our HRRN can well address the high-resolution refinement task without using any high-resolution training data. Extensive experiments on high-resolution saliency datasets as well as some widely used saliency benchmarks show that the proposed method achieves superior performance compared to the state-of-the-art methods.
TechnologyPosted by
TheStreet

Innovative Discovery Introduces AnalyzID, An Intellectual Property Theft Detection Tool

ARLINGTON, Va., Aug. 9, 2021 /PRNewswire/ -- Innovative Discovery (ID) , data experts serving law firms, corporations, and government agencies through the information lifecycle, is proud to announce the launch of its one-of-a-kind intellectual property theft detection kit, AnalyzID. AnalyzID provides a quick and in-depth forensic analysis of departed employees' computers and automatically flags suspicious activity. The analysis focuses on three main areas: evidence of covering tracks, user activity, and data exfiltration. AnalyzID is a cost-effective way to quickly assess potential intellectual property (IP) theft and mitigate risk.
SoftwareInfoQ.com

Introducing JDKMon: a New Tool to Detect and Update JDKs

Gerrit Grunwald, principal engineer at Azul, has introduced a new tool, JDKMon, that monitors and updates installed JDKs as an alternative to existing package management systems such as SDKMAN!, Homebrew and Chocolatey. With the many available JDK distributions nowadays, keeping several of them up-to-date on a user’s machine can be a challenge. JDKMon displays the installed JDK distributions that include buttons to download the latest version for each distribution.
Engineeringarxiv.org

3D High-Fidelity Mask Face Presentation Attack Detection Challenge

Ajian Liu, Chenxu Zhao, Zitong Yu, Anyang Su, Xing Liu, Zijian Kong, Jun Wan, Sergio Escalera, Hugo Jair Escalante, Zhen Lei, Guodong Guo. The threat of 3D masks to face recognition systems is increasingly serious and has been widely concerned by researchers. To facilitate the study of the algorithms, a large-scale High-Fidelity Mask dataset, namely CASIA-SURF HiFiMask (briefly HiFiMask) has been collected. Specifically, it consists of a total amount of 54, 600 videos which are recorded from 75 subjects with 225 realistic masks under 7 new kinds of sensors. Based on this dataset and Protocol 3 which evaluates both the discrimination and generalization ability of the algorithm under the open set scenarios, we organized a 3D High-Fidelity Mask Face Presentation Attack Detection Challenge to boost the research of 3D mask-based attack detection. It attracted 195 teams for the development phase with a total of 18 teams qualifying for the final round. All the results were verified and re-run by the organizing team, and the results were used for the final ranking. This paper presents an overview of the challenge, including the introduction of the dataset used, the definition of the protocol, the calculation of the evaluation criteria, and the summary and publication of the competition results. Finally, we focus on introducing and analyzing the top ranking algorithms, the conclusion summary, and the research ideas for mask attack detection provided by this competition.
Cell PhonesTelegraph

New Covid detection tool asks people to cough into smartphones

People who are being tested for Covid are being asked to cough into their smartphones, in a bid to develop a new detection app. Trials by the Department of Health are assessing whether recordings of coughs and breathing are enough to inform a diagnosis. The system – dubbed “cough in...
Industryarxiv.org

Detecting and interpreting faults in vulnerable power grids with machine learning

Unscheduled power disturbances cause severe consequences both for customers and grid operators. To defend against such events, it is necessary to identify the causes of interruptions in the power distribution network. In this work, we focus on the power grid of a Norwegian community in the Arctic that experiences several faults whose sources are unknown. First, we construct a data set consisting of relevant meteorological data and information about the current power quality logged by power-quality meters. Then, we adopt machine-learning techniques to predict the occurrence of faults. Experimental results show that both linear and non-linear classifiers achieve good classification performance. This indicates that the considered power-quality and weather variables explain well the power disturbances. Interpreting the decision process of the classifiers provides valuable insights to understand the main causes of disturbances. Traditional features selection methods can only indicate which are the variables that, on average, mostly explain the fault occurrences in the dataset. Besides providing such a global interpretation, it is also important to identify the specific set of variables that explain each individual fault. To address this challenge, we adopt a recent technique to interpret the decision process of a deep learning model, called Integrated Gradients. The proposed approach allows to gain detailed insights on the occurrence of a specific fault, which are valuable for the distribution system operators to implement strategies to prevent and mitigate power disturbances.
Electronicshakin9.org

CamRaptor – a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials

Exploits vulnerabilities in most popular camera models such as Novo, CeNova and QSee. Optimized to exploit multiple cameras at one time from list with threading enabled. usage: camraptor [-h] [-t] [-o OUTPUT] [-i INPUT] [-a ADDRESS] [--shodan SHODAN] [--zoomeye ZOOMEYE] [-p PAGES] CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials. optional arguments: -h, --help show this help message and exit -t, --threads Use threads for fastest work. -o OUTPUT, --output OUTPUT Output result to file. -i INPUT, --input INPUT Input file of addresses. -a ADDRESS, --address ADDRESS Single address. --shodan SHODAN Shodan API key for exploiting devices over Internet. --zoomeye ZOOMEYE ZoomEye API key for exploiting devices over Internet. -p PAGES, --pages PAGES Number of pages you want to get from ZoomEye.
Computer Sciencearxiv.org

Towards an Automatic Proof of Lamport's Paxos

Lamport's celebrated Paxos consensus protocol is generally viewed as a complex hard-to-understand algorithm. Notwithstanding its complexity, in this paper, we take a step towards automatically proving the safety of Paxos by taking advantage of three structural features in its specification: spatial regularity in its unordered domains, temporal regularity in its totally-ordered domain, and its hierarchical composition. By carefully integrating these structural features in IC3PO, a novel model checking algorithm, we were able to infer an inductive invariant that identically matches the human-written one previously derived with significant manual effort using interactive theorem proving. While various attempts have been made to verify different versions of Paxos, to the best of our knowledge, this is the first demonstration of an automatically-inferred inductive invariant for Lamport's original Paxos specification. We note that these structural features are not specific to Paxos and that IC3PO can serve as an automatic general-purpose protocol verification tool.
EconomyCPA Trendlines

Five Keys to Becoming a High-Performing Firm

Transformation must come at all levels. After your assessment of the leadership team, and the assessment of your own leadership, we move on to the challenge of answering the key question – what steps need to be taken (the road map) to move the firm from where it is today to a standout, high-performing firm?
Aerospace & Defensearxiv.org

A compact instrument for gamma-ray burst detection on a CubeSat platform I: Design drivers and expected performance

David Murphy, Alexey Ulyanov, Sheila McBreen, Maeve Doyle, Rachel Dunwoody, Joseph Mangan, Joseph Thompson, Brian Shortt, Antonio Martin-Carrillo, Lorraine Hanlon. The Educational Irish Research Satellite 1 (EIRSAT-1) is a 2U CubeSat being developed under ESA's Fly Your Satellite! programme. The project has many aspects, which are primarily educational, but also include space qualification of new detector technologies for gamma-ray astronomy and the detection of gamma-ray bursts (GRBs). The Gamma-ray Module (GMOD), the main mission payload, is a small gamma-ray spectrometer comprising a 25 mm $\times$ 25 mm $\times$ 40 mm cerium bromide scintillator coupled to an array of 16 silicon photomultipliers. The readout is provided by IDE3380 (SIPHRA), a low-power and radiation tolerant readout ASIC. GMOD will detect gamma-rays and measure their energies in a range from tens of keV to a few MeV.
ComputersHEXUS.net

'Intel Arc' high-performance graphics brand revealed

Intel has announced a new brand for its high-performance graphics products for consumers. The Intel Arc brand will embrace hardware, software and services addressing this market segment. We are told that the first gen Intel Arc hardware, based on the Xe-HPG architecture, will be code-named Alchemist (formerly known as DG2). Moreover, Alchemist will be followed up with future generations dubbed Battlemage, Celestial and Druid.
Mathematicsarxiv.org

Classifier construction in Boolean networks using algebraic methods

We investigate how classifiers for Boolean networks (BNs) can be constructed and modified under constraints. A typical constraint is to observe only states in attractors or even more specifically steady states of BNs. Steady states of BNs are one of the most interesting features for application. Large models can possess many steady states. In the typical scenario motivating this paper we start from a Boolean model with a given classification of the state space into phenotypes defined by high-level readout components. In order to link molecular biomarkers with experimental design, we search for alternative components suitable for the given classification task. This is useful for modelers of regulatory networks for suggesting experiments and measurements based on their models. It can also help to explain causal relations between components and phenotypes. To tackle this problem we need to use the structure of the BN and the constraints. This calls for an algebraic approach. Indeed we demonstrate that this problem can be reformulated into the language of algebraic geometry. While already interesting in itself, this allows us to use Groebner bases to construct an algorithm for finding such classifiers. We demonstrate the usefulness of this algorithm as a proof of concept on a model with 25 components.
Softwaretowardsdatascience.com

Anomaly Detection — How to Tell Good Performance from Bad

Beyond accuracy, the False Positive and False Negative rates are sensible, intuitive ways of assessing performance. Not all anomaly detectors are equal: performance scores can differ substantially between anomaly detectors, operating on the same real-life time-series data for business metrics. In our test data, Avora’s anomaly detector achieves better performance...
California, PADerrick

The newest disease detection tool for COVID and beyond: Poop

Since reopening campus at the University of California, San Diego last summer, university officials have relied on the tried-and-true public health strategies of testing and contact tracing. But they have also added a new tool to their arsenal: excrement. That tool alerted researchers to about 85% of cases in dorms...

Comments / 0

Community Policy