DOCSLIB.ORG

OPINION SECURITY File Systems NETWORKING Columns Book

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

August 2010 VOLUME 35 NUMBER 4 OPINION Musings 2 RikR FaR ow SECURITY Making Sense of Logs 8 R oN DiLLEY THE USENIX MAGAZINE Don’t Take LaTeX Files from Strangers 17 STEPHEN CHECKOWAY, HoVaV SHaCHaM, aND ERiC RESCoRLa SymbianS O Platform Security Model 23 B o Li, ELENa RESHEToVa, aND TUoMaS aURa F ILE SYSTEMS Cephs a a Scalable Alternative to the Hadoop Distributed File System 38 CL aR oS M aLTZaHN, ESTEBaN MoLiNa-ESToLaNo, aMaNDEEP kHURaNa, aLEX J. NELS oN, SCoTT a. BRaNDT, aND SaGE wEiL NETWORKING Improving the Performance and Robustness of P2P Live Streaming with Contracts 50 M iCHaEL PiaTEk aND aRViND kRiSHNaMURTHY C OLUMNS Practical Perl Tools: Random Acts of Kindness 56 Da ViD N. BLaNk-EDELMaN Pete’s All Things Sun: The Status of Sun Products 61 P ETER BaER GaLViN iVoyeur: Pockets-o-Packets, Part 2 67 Da VE JoSEPHSEN /dev/random: A Debatably Helpful Guide to IT Disaster Planning 72 Ro BERT G. FERRELL B OOK reVIEWS Book Reviews 74 ELiZabeth ZwiCkY ET aL. useni X NOTES USENIX Lifetime Achievement Award 77 STUG Award 77 USENIX Association Financial Statements for 2009 78 EL L iE YoUNG C ONFERENCES Reportsn o NSDI ’10: 7th USENIX Symposium on Networked Systems Design and Implementation 80 Report on the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET ’10) 94 2010 Internet Network Management Workshop/Workshop on Research on Enterprise Networking (INM/WREN ’10) 101 9th International Workshop on Peer-to-Peer Systems (IPTPS ’10) 105 BSDCan 2010: The Technical BSD Conference 108 The Advanced Computing Systems Association aug10covers.indd 1 7.14.10 1:46 PM Upcoming Events 9th USENIX symposium on operatIng systems 24th Large InstallatIon system adInIstratIon desIgn and ImpLementatIon (OSDI ’10) ConferenCe (LISA ’10) Sponsored by USENIX in cooperation with ACM SIGOPS Sponsored by USENIX in cooperation with LOPSA and SNIA o Ctober 4–6, 2010, vanCoUver, bC, Canada november 7–12, 2010, San joSe, Ca, USa http://www.usenix.org/osdi10 http://www.usenix.org/lisa10 workshops Co-LoCated wIth OSDI ’10: 9th USENIX ConferenCe on file and storage workshop on sUpportIng dIversIty In systems teChnoLogIes (FAST ’11) researCh (dIversIty ’10) Sponsored by USENIX in cooperation with ACM SIGOPS o Ctober 2–3, 2010 Febr Uary 15–18, 2011, San joSe, Ca, USa http://www.usenix.org/diversity10 http://www.usenix.org/fast11 Submissions due: September 2, 2010 workshop on managIng systems vIa Log anaLysIs and maChIne LearnIng teChnIqUes 8th USENIX symposium on networked systems (m sLa L ’10) desIgn and ImpLementatIon (NSDI ’11) o Ctober 2–3, 2010 Sponsored by USENIX in cooperation with ACM SIGCOMM and http://www.usenix.org/slaml10 ACM SIGOPS mr a Ch 30–april 1, 2011, boSton, MA , USa sixth workshop on hot topics In system http://www.usenix.org/nsdi11 dependability (hotdep ’10) Submissions due: September 16, 2010 o Ctober 3, 2010 http://www.usenix.org/hotdep10 13th workshop on hot topics In operatIng systems (hotOS XIII) orkshop on ower ware ompUtIng 2010 w p a C Sponsored by USENIX in cooperation with the IEEE Technical and systems (hotpower ’10) Committee on Operating Systems (TCOS) o Ctober 3, 2010 m ay 8–10, 2011, napa, Ca, USa http://www.usenix.org/hotpower10 http://www.usenix.org/hotos11 Submissions due: January 15, 2011 2010 workshop on the eConomics of networks, systems, and CompUtatIon (neteCon ’10) Sponsored by USENIX in cooperation with ACM SIGecom o Ctober 3, 2010 http://www.usenix.org/netecon10 5th InternatIonaL workshop on systems software verIficatIon (SSV ’10) o Ctober 6–7, 2010 http://www.usenix.org/ssv10 For a complete list of all USENIX & USENIX co-sponsored events, see http://www.usenix.org/events. aug10covers.indd 2 7.14.10 1:46 PM OPINION Musings 2 R Ik FARROw SECURITY Making Sense of Logs 8 RON DILLEY Don’t Take LaTeX Files from Strangers 17 ST EPHEN CHECkOwAY, HOVAV sHACHAM, AND ERIC RE sCORLA Symbian OS Platform Security Model 23 BO LI, ELENA RE sHEtOVA, AND contents tuOMAs AuRA F ILE SYSTEMS Ceph as a Scalable Alternative to the Hadoop Distributed File System 38 CARLO s MALtZAHN, EstEBAN MOLINA-EstOLANO, AMANDEEP kHuRANA, ALEX J. NEL sON, sCOtt A. BRAND t, AND sAGE wEIL NETWORKING Improving the Performance and Robustness of P2P Live Streaming with Contracts 50 MICHAEL PIAtEk AND ARVIND kRIsHNAMuRtHY C OLUMNS Practical Perl Tools: Random Acts of VOL. 35, #4, August 2010 Kindness 56 Editor ;login: is the official D AVID N. Blank-EDELMAN Rik Farrow magazine of the Pete’s All Things Sun: [email protected] USENIX Association. The Status of Sun Products 61 Managing Editor ;login: (ISSN 1044-6397) is PBEREtER A Galvin Jane-Ellen Long published bi-monthly by the [email protected] USENIX Association, 2560 iVoyeur: Pockets-o-Packets, Part 2 67 Ninth Street, Suite 215, DVEJ A OsEPHsEN Copy Editor Berkeley, CA 94710. Steve Gilmartin /dev/random: A Debatably Helpful Guide [email protected] $90 of each member’s annual dues is for an annual sub- to IT Disaster Planning 72 produCtion scription to ;login:. Subscrip- R OBERt G. F ERRELL Casey Henderson tions for nonmembers are Jane-Ellen Long $125 per year. Jennifer Peterson B OOK reVIEWS Book Reviews 74 Periodicals postage paid at typEsEttEr Berkeley, CA, and additional E LIZABEtH ZwICkY Et AL. Star Type offices. [email protected] POSTMASTER: Send address useni X NOTES USENIX Lifetime Achievement Award 77 usEniX assoCiation changes to ;login:, 2560 Ninth Street, USENIX Association, STUG Award 77 Suite 215, Berkeley, 2560 Ninth Street, California 94710 Suite 215, Berkeley, USENIX Association Financial Statements Phone: (510) 528-8649 CA 94710. for 2009 78 FAX: (510) 548-5738 E YLLIE Oung ©2010 USENIX Association http://www.usenix.org http://www.sage.org USENIX is a registered trade- mark of the USENIX Associa- C ONFERENCES Reports on NSDI ’10: 7th USENIX Symposium tion. Many of the designations on Networked Systems Design and used by manufacturers and Implementation 80 sellers to distinguish their products are claimed as trade- Report on the 3rd USENIX Workshop on marks. USENIX acknowledges Large-Scale Exploits and Emergent Threats all trademarks herein. Where those designations appear in (LEET ’10) 94 this publication and USENIX 2010 Internet Network Management is aware of a trademark claim, Workshop/Workshop on Research on the designations have been printed in caps or initial caps. Enterprise Networking (INM/WREN ’10) 101 9th International Workshop on Peer-to-Peer Systems (IPTPS ’10) 105 BSDCan 2010: The Technical BSD Conference 108 ;LOGIN: AuGust 2010 ARtICLE tItLE 1 AUGUST2010_loginarticles.indd 1 7.14.10 11:19 AM Another d Ay, Another exploit. Today I read that some researchers plan on RikR Fa R ow demoing a rootkit for Android at DefCon 2010. In May, UW and UCSD researchers announced remote control of a car via the diagnostic port [1] and a wireless link. They could disable the brakes totally, apply the brakes to just one wheel (or more), stall the musings engine, and control the display panel. And Rik is the Editor of ;login:. just wait until you learn what can be done [email protected] with your new smartphone. I got interested in computer security because I found it both intriguing and challenging. Under- standing security involves knowledge of program- ming, system administration, OS design and imple- mentation, and networking. Few CS disciplines cross so many boundaries. I’ve done well in the field, but still feel like I am groping in the dark. Visualization Speaking of darkness, I decided to visualize what government-sponsored2 attackers might be using in ;LOGIN: VOL. 35, NO. 4 the near future. It would have been really nice to have a console that was not only used for attack- ing (or, more politely, penetration testing), like Metasploit, but something that displays the status of the systems and networks that may be involved in the attack. Of course, I also imagine that the operator can call up lists of potential attacks and chose to execute an attack with a few keystrokes (real hackers keep their hands on the keyboard— mouses are for sissies). On that note, here goes . Maxim glanced at his smartphone, checked the time, and stubbed out his cigarette. He really hated himself for smoking, but did it for the sharpened focus it seemed to bring. He looked around the stuffy, windowless room, with its piles of books, magazines, and stacks of paper, then turned out the dim LED lamp over his desk. Finally, he lifted the helmet from its rest and settled it into position. Maxim sighed deeply. As usual, he felt enthralled by the display. He appeared to be floating in the depths of space, but instead of stars, collections of brightly colored lights surrounded him. With a couple of keystrokes, he could zoom in on an area and view the tags that provided more detail. Or he could add in overlays that showed the amount of network traffic between any of the targets in his display. Soft pops, crackles, and chimes came from all directions. The UI people had decided that enhanc- AUGUST2010_loginarticles.indd 2 7.14.10 11:19 AM ing the display with sound was a good idea, and Maxim agreed. Humans retain ancient instincts from their hunter-gatherer days, when someone who ignored a cracking branch might miss finding dinner, or quickly become dinner. As new sources of information appeared, they chimed softly, then crackled as more information about the source was added. What Maxim really hated was the thumper. If the back-end AI decided that the attacker had been detected, it not only produced a tremendous crump sound, it also thumped the seat hard enough to jolt his whole body.
Recommended publications
  • A the Hacker

    A the Hacker

    A The Hacker Madame Curie once said “En science, nous devons nous int´eresser aux choses, non aux personnes [In science, we should be interested in things, not in people].” Things, however, have since changed, and today we have to be interested not just in the facts of computer security and crime, but in the people who perpetrate these acts. Hence this discussion of hackers. Over the centuries, the term “hacker” has referred to various activities. We are familiar with usages such as “a carpenter hacking wood with an ax” and “a butcher hacking meat with a cleaver,” but it seems that the modern, computer-related form of this term originated in the many pranks and practi- cal jokes perpetrated by students at MIT in the 1960s. As an example of the many meanings assigned to this term, see [Schneier 04] which, among much other information, explains why Galileo was a hacker but Aristotle wasn’t. A hack is a person lacking talent or ability, as in a “hack writer.” Hack as a verb is used in contexts such as “hack the media,” “hack your brain,” and “hack your reputation.” Recently, it has also come to mean either a kludge, or the opposite of a kludge, as in a clever or elegant solution to a difficult problem. A hack also means a simple but often inelegant solution or technique. The following tentative definitions are quoted from the jargon file ([jargon 04], edited by Eric S. Raymond): 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
  • Diapositiva 1

    Diapositiva 1

    Feliciano Intini Responsabile dei programmi di Sicurezza e Privacy di Microsoft Italia • NonSoloSecurity Blog: http://blogs.technet.com/feliciano_intini • Twitter: http://twitter.com/felicianointini 1. Introduction - Microsoft Security Intelligence Report (SIR) 2. Today‘s Threats - SIR v.8 New Findings – Italy view 3. Advancements in Software Protection and Development 4. What the Users and Industry Can Do The 8th volume of the Security Intelligence Report contains data and intelligence from the past several years, but focuses on the second half of 2009 (2H09) Full document covers Malicious Software & Potentially Unwanted Software Email, Spam & Phishing Threats Focus sections on: Malware and signed code Threat combinations Malicious Web sites Software Vulnerability Exploits Browser-based exploits Office document exploits Drive-by download attacks Security and privacy breaches Software Vulnerability Disclosures Microsoft Security Bulletins Exploitability Index Usage trends for Windows Update and Microsoft Update Microsoft Malware Protection Center (MMPC) Microsoft Security Response Center (MSRC) Microsoft Security Engineering Center (MSEC) Guidance, advice and strategies Detailed strategies, mitigations and countermeasures Fully revised and updated Guidance on protecting networks, systems and people Microsoft IT ‗real world‘ experience How Microsoft IT secures Microsoft Malware patterns around the world with deep-dive content on 26 countries and regions Data sources Malicious Software and Potentially Unwanted Software MSRT has a user base
  • Proposal of N-Gram Based Algorithm for Malware Classification

    Proposal of N-Gram Based Algorithm for Malware Classification

    SECURWARE 2011 : The Fifth International Conference on Emerging Security Information, Systems and Technologies Proposal of n-gram Based Algorithm for Malware Classification Abdurrahman Pektaş Mehmet Eriş Tankut Acarman The Scientific and Technological The Scientific and Technological Computer Engineering Dept. Research Council of Turkey Research Council of Turkey Galatasaray University National Research Institute of National Research Institute of Istanbul, Turkey Electronics and Cryptology Electronics and Cryptology e-mail:[email protected] Gebze, Turkey Gebze, Turkey e-mail:[email protected] e-mail:[email protected] Abstract— Obfuscation techniques degrade the n-gram malware used by the previous work. Similar methodologies features of binary form of the malware. In this study, have been used in source authorship, information retrieval methodology to classify malware instances by using n-gram and natural language processing [5], [6]. features of its disassembled code is presented. The presented The first known use of machine learning in malware statistical method uses the n-gram features of the malware to detection is presented by the work of Tesauro et al. in [7]. classify its instance with respect to their families. n-gram is a fixed size sliding window of byte array, where n is the size of This detection algorithm was successfully implemented in the window. The contribution of the presented method is IBM’s antivirus scanner. They used 3-grams as a feature set capability of using only one vector to represent malware and neural networks as a classification model. When the 3- subfamily which is called subfamily centroid. Using only one grams parameter is selected, the number of all n-gram vector for classification simply reduces the dimension of the n- features becomes 2563, which leads to some spacing gram space.
  • Ceph: Distributed Storage for Cloud Infrastructure

    Ceph: Distributed Storage for Cloud Infrastructure

    ceph: distributed storage for cloud infrastructure sage weil msst – april 16, 2012 outline ● motivation ● practical guide, demo ● overview ● hardware ● ● how it works installation ● failure and recovery ● architecture ● rbd ● data distribution ● libvirt ● rados ● ● rbd project status ● distributed file system storage requirements ● scale ● terabytes, petabytes, exabytes ● heterogeneous hardware ● reliability and fault tolerance ● diverse storage needs ● object storage ● block devices ● shared file system (POSIX, coherent caches) ● structured data time ● ease of administration ● no manual data migration, load balancing ● painless scaling ● expansion and contraction ● seamless migration money ● low cost per gigabyte ● no vendor lock-in ● software solution ● commodity hardware ● open source ceph: unified storage system ● objects ● small or large ● multi-protocol Netflix VM Hadoop ● block devices radosgw RBD Ceph DFS ● snapshots, cloning RADOS ● files ● cache coherent ● snapshots ● usage accounting open source ● LGPLv2 ● copyleft ● free to link to proprietary code ● no copyright assignment ● no dual licensing ● no “enterprise-only” feature set distributed storage system ● data center (not geo) scale ● 10s to 10,000s of machines ● terabytes to exabytes ● fault tolerant ● no SPoF ● commodity hardware – ethernet, SATA/SAS, HDD/SSD – RAID, SAN probably a waste of time, power, and money architecture ● monitors (ceph-mon) ● 1s-10s, paxos ● lightweight process ● authentication, cluster membership, critical cluster state ● object storage daemons (ceph-osd)
  • Game Hacking 101

    Game Hacking 101

    6627ch02.qxd_lb 6/22/07 7:31 AM Page 19 2 Game Hacking 101 oftware piracy has long been a problem in the computer games busi- Sness—ever since games moved from stand-alone machines in the 1970s to PCs in the 1980s. Game makers, justifiably, have gone to great lengths to thwart piracy. In the past, game makers added various countermeasures to their software to make games harder to crack. The main purpose was to prevent rampant copying so that people who wanted to play the game had to buy it. In the end, these games were always cracked—but in some cases, the countermeasures delayed the release of a cracked version by days or even weeks. This delay earned real revenue for the game companies because delaying a crack for even a week translated into hundreds of thousands of dollars. Antipiracy countermeasures made some economic sense in the over-the- counter paradigm, in which a gamer purchased a copy of the game from a retailer and installed the copy locally on his or her PC. But things have changed. Many modern games have moved online, and with the advent of game consoles connected to the Internet, this trend is likely to accelerate.1 That means companies now have two revenue sources to protect: the 1. The hugely popular Nintendo Wii, which debuted in late 2006, will certainly accelerate this trend. 19 6627ch02.qxd_lb 6/22/07 7:31 AM Page 20 20 Chapter 2 Game Hacking 101 original game price in the retail channel, and a monthly subscription revenue stream for online access.
  • Re-Purposing Commercial Entertainment Software for Military Use

    Re-Purposing Commercial Entertainment Software for Military Use

    Calhoun: The NPS Institutional Archive Theses and Dissertations Thesis Collection 2000-09 Re-purposing commercial entertainment software for military use DeBrine, Jeffrey D. Monterey, California. Naval Postgraduate School http://hdl.handle.net/10945/26726 HOOL NAV CA 9394o- .01 NAVAL POSTGRADUATE SCHOOL Monterey, California THESIS RE-PURPOSING COMMERCIAL ENTERTAINMENT SOFTWARE FOR MILITARY USE By Jeffrey D. DeBrine Donald E. Morrow September 2000 Thesis Advisor: Michael Capps Co-Advisor: Michael Zyda Approved for public release; distribution is unlimited REPORT DOCUMENTATION PAGE Form Approved OMB No. 0704-0188 Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instruction, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington DC 20503. 1 . AGENCY USE ONLY (Leave blank) 2. REPORT DATE REPORT TYPE AND DATES COVERED September 2000 Master's Thesis 4. TITLE AND SUBTITLE 5. FUNDING NUMBERS Re-Purposing Commercial Entertainment Software for Military Use 6. AUTHOR(S) MIPROEMANPGS00 DeBrine, Jeffrey D. and Morrow, Donald E. 8. PERFORMING 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) ORGANIZATION REPORT Naval Postgraduate School NUMBER Monterey, CA 93943-5000 9. SPONSORING / MONITORING AGENCY NAME(S) AND ADDRESS(ES) 10. SPONSORING/ Office of Economic & Manpower Analysis MONITORING AGENCY REPORT 607 Cullum Rd, Floor IB, Rm B109, West Point, NY 10996-1798 NUMBER 11.
  • Quake Manual

    Quake Manual

    The Story QUAKE Background: You get the phone call at 4 a.m. By 5:30 you're in the secret installation. The commander explains tersely, "It's about the Slipgate device. Once we perfect these, we'll be able to use them to transport people and cargo from one place to another instantly. "An enemy codenamed Quake, is using his own slipgates to insert death squads inside our bases to kill, steal, and kidnap. "The hell of it is we have no idea where he's from. Our top scientists think Quake's not from Earth, but another dimension. They say Quake's preparing to unleash his real army, whatever that is. "You're our best man. This is Operation Counterstrike and you're in charge. Find Quake, and stop him ... or it ... You have full authority to requisition anything you need. If the eggheads are right, all our lives are expendable." Prelude to Destruction: While scouting the neighborhood, you hear shots back at the base. Damn, that Quake bastard works fast! He heard about Operation Counterstrike, and hit first. Racing back, you see the place is overrun. You are almost certainly the only survivor. Operation Counterstrike is over. Except for you. You know that the heart of the installation holds a slipgate. Since Quake's killers came through, it is still set to his dimension. You can use it to get loose in his hometown. Maybe you can get to the asshole personally. You pump a round into your shotgun, and get moving. System Requirements General Quake System Requirements IBM PC and Compatible Computers Pentium 75 MHz processor or better (absolutely must have a Math Co-Processor!) VGA Compatible Display or better Windows 95 Operation: 16MB RAM minimum, 24MB+ recommended CD-ROM drive required Hard Drive Space Needed: 80 MB Specialized Requirements For WinQuake (WINQUAKE.EXE): Windows 95/98/ME/NT/2000 For GLQuake (GLQUAKE.EXE): Windows 95/98/ME/NT/2000 Open GL Compatible Video Card GLQUAKE supports most 100% fully OpenGL compliant 3D accelerator cards.
  • Download Slides

    Download Slides

    Scott Wu Point in time cleaning vs. RTP MSRT vs. Microsoft Security Essentials Threat events & impacts More on MSRT / Security Essentials MSRT Microsoft Windows Malicious Software Removal Tool Deployed to Windows Update, etc. monthly since 2005 On-demand scan on prevalent malware Microsoft Security Essentials Full AV RTP Inception in Oct 2009 RTP is the solution One-off cleaner has its role Quiikck response Workaround Baseline ecosystem cleaning Industrypy response & collaboration Threat Events Worms (some are bots) have longer lifespans Rogues move on quicker MarMar 2010 2010 Apr Apr 2010 2010 May May 2010 2010 Jun Jun 2010 2010 Jul Jul 2010 2010 Aug Aug 2010 2010 1,237,15 FrethogFrethog 979,427 979,427 Frethog Frethog 880,246880,246 Frethog Frethog465,351 TaterfTaterf 5 1,237,155Taterf Taterf 797,935797,935 TaterfTaterf 451,561451,561 TaterfTaterf 497,582 497,582 Taterf Taterf 393,729393,729 Taterf Taterf447,849 FrethogFrethog 535,627535,627 AlureonAlureon 493,150 493,150 AlureonAlureon 436,566 436,566 RimecudRimecud 371,646 371,646 Alureon Alureon 308,673308,673 Alureon Alureon 441,722 RimecudRimecud 341,778341,778 FrethogFrethog 473,996473,996 BubnixBubnix 348,120 348,120 HamweqHamweq 289,603 289,603 Rimecud Rimecud289,629 289,629 Rimecud Rimecud318,041 AlureonAlureon 292,810 292,810 BubnixBubnix 471,243 471,243 RimecudRimecud 287,942287,942 ConfickerConficker 286,091286, 091 Hamwe Hamweqq 250,286250, 286 Conficker Conficker220,475220, 475 ConfickerConficker 237237,348, 348 RimecudRimecud 280280,440, 440 VobfusVobfus 251251,335, 335
  • Classification of Malware Models Akriti Sethi San Jose State University

    Classification of Malware Models Akriti Sethi San Jose State University

    San Jose State University SJSU ScholarWorks Master's Projects Master's Theses and Graduate Research Spring 5-20-2019 Classification of Malware Models Akriti Sethi San Jose State University Follow this and additional works at: https://scholarworks.sjsu.edu/etd_projects Part of the Artificial Intelligence and Robotics Commons, and the Information Security Commons Recommended Citation Sethi, Akriti, "Classification of Malware Models" (2019). Master's Projects. 703. DOI: https://doi.org/10.31979/etd.mrqp-sur9 https://scholarworks.sjsu.edu/etd_projects/703 This Master's Project is brought to you for free and open access by the Master's Theses and Graduate Research at SJSU ScholarWorks. It has been accepted for inclusion in Master's Projects by an authorized administrator of SJSU ScholarWorks. For more information, please contact [email protected]. Classification of Malware Models A Project Presented to The Faculty of the Department of Computer Science San José State University In Partial Fulfillment of the Requirements for the Degree Master of Science by Akriti Sethi May 2019 © 2019 Akriti Sethi ALL RIGHTS RESERVED The Designated Project Committee Approves the Project Titled Classification of Malware Models by Akriti Sethi APPROVED FOR THE DEPARTMENT OF COMPUTER SCIENCE SAN JOSÉ STATE UNIVERSITY May 2019 Dr. Mark Stamp Department of Computer Science Dr. Thomas Austin Department of Computer Science Dr. Philip Heller Department of Computer Science ABSTRACT Classification of Malware Models by Akriti Sethi Automatically classifying similar malware families is a challenging problem. In this research, we attempt to classify malware families by applying machine learning to machine learning models. Specifically, we train hidden Markov models (HMM) for each malware family in our dataset.
  • ABSTRACT LOHMEYER, EDWIN LLOYD. Unstable Aesthetics

    ABSTRACT LOHMEYER, EDWIN LLOYD. Unstable Aesthetics

    ABSTRACT LOHMEYER, EDWIN LLOYD. Unstable Aesthetics: The Game Engine and Art Modifications (Under the direction of Dr. Andrew Johnston). This dissertation examines episodes in the history of video game modding between 1995 and 2010, situated around the introduction of the game engine as a software framework for developing three-dimensional gamespaces. These modifications made to existing software and hardware were an aesthetic practice used by programmers and artists to explore the relationship between abstraction, the materiality of game systems, and our phenomenal engagement with digital media. The contemporary artists that I highlight—JODI, Cory Arcangel, Orhan Kipcak, Julian Oliver, and Tom Betts—gravitated toward modding because it allowed them to unveil the technical processes of the engine underneath layers of the game’s familiar interface, in turn, recalibrating conventional play into sensual experiences of difference, uncertainty, and the new. From an engagement with abstract forms, they employed modding techniques to articulate new modes of aesthetic participation through an affective encounter with altered game systems. Furthermore, they used abstraction, the very strangeness of the mod’s formal elements, to reveal our habitual interactions with video games by destabilizing conventional gamespaces through sensory modalities of apperception and proprioception. In considering the imbrication of technics and aesthetics in game engines, this work aims to resituate modding practices within a dynamic and more inclusive understanding
  • Open Source Software

    Open Source Software

    OPEN SOURCE SOFTWARE Product AVD9x0x0-0010 Firmware and version 3.4.57 Notes on Open Source software The TCS device uses Open Source software that has been released under specific licensing requirements such as the ”General Public License“ (GPL) Version 2 or 3, the ”Lesser General Public License“ (LGPL), the ”Apache License“ or similar licenses. Any accompanying material such as instruction manuals, handbooks etc. contain copyright notes, conditions of use or licensing requirements that contradict any applicable Open Source license, these conditions are inapplicable. The use and distribution of any Open Source software used in the product is exclusively governed by the respective Open Source license. The programmers provided their software without ANY WARRANTY, whether implied or expressed, of any fitness for a particular purpose. Further, the programmers DECLINE ALL LIABILITY for damages, direct or indirect, that result from the using this software. This disclaimer does not affect the responsibility of TCS. AVAILABILITY OF SOURCE CODE: Where the applicable license entitles you to the source code of such software and/or other additional data, you may obtain it for a period of three years after purchasing this product, and, if required by the license conditions, for as long as we offer customer support for the device. If this document is available at the website of TCS and TCS offers a download of the firmware, the offer to receive the source code is valid for a period of three years and, if required by the license conditions, for as long as TCS offers customer support for the device. TCS provides an option for obtaining the source code: You may obtain any version of the source code that has been distributed by TCS for the cost of reproduction of the physical copy.
  • Digitalocean

    Digitalocean

    UPDATE SAGE WEIL – RED HAT SC16 CEPH BOF – 2016.11.16 2 JEWEL APPAPP APPAPP HOST/VMHOST/VM CLIENTCLIENT RADOSGWRADOSGW RBDRBD CEPHCEPH FSFS LIBRADOSLIBRADOS AA bucket-based bucket-based AA reliable reliable and and fully- fully- AA POSIX-compliant POSIX-compliant AA library library allowing allowing RESTREST gateway, gateway, distributeddistributed block block distributeddistributed file file appsapps to to directly directly compatiblecompatible with with S3 S3 device,device, with with a a Linux Linux system,system, with with a a accessaccess RADOS, RADOS, andand Swift Swift kernelkernel client client and and a a LinuxLinux kernel kernel client client withwith support support for for QEMU/KVMQEMU/KVM driver driver andand support support for for C,C, C++, C++, Java, Java, FUSEFUSE Python,Python, Ruby, Ruby, andand PHP PHP AWESOME AWESOME NEARLY AWESOME AWESOME RADOSRADOS AWESOME AA reliable, reliable, autonomous, autonomous, distributed distributed object object store store comprised comprised of of self-healing, self-healing, self-managing, self-managing, intelligentintelligent storage storage nodes nodes 3 2016 = FULLY AWESOME OBJECT BLOCK FILE RGW RBD CEPHFS S3 and Swift compatible A virtual block device with A distributed POSIX file object storage with object snapshots, copy-on-write system with coherent versioning, multi-site clones, and multi-site caches and snapshots on federation, and replication replication any directory LIBRADOS A library allowing apps to direct access RADOS (C, C++, Java, Python, Ruby, PHP) RADOS A software-based,