Researchers from the UGR develop a new software which adapts medical technology to see the interior of a sculpture

Researchers from the UGR develop a new software which adapts medical technology to see the interior of a sculpture

A student at the University of Granada (UGR) has designed software that adapts current medical technology to analyze the interior of sculptures. It’s a tool to see the interior without damaging wood carvings, and it has been designed for the restoration and conservation of the sculptural heritage.

Francisco Javier Melero, professor of Languages and Computer Systems at the University of Granada and director of the project, says that the new software simplifies medical technology and adapts it to the needs of restorers working with wood carvings.

The software, called 3DCurator, has a specialized viewfinder that uses computed tomography in the field of restoration and conservation of sculptural heritage. It adapts the medical CT to restoration and it displays the 3-D image of the carving with which it is going to work.

Replacing the traditional X-rays for this system allows restorers to examine the interior of a statue without the problem of overlapping information presented by older techniques, and reveals its internal structure, the age of the wood from which it was made, and possible additions.

“The software that carries out this task has been simplified in order to allow any restorer to easily use it. You can even customize some functions, and it allows the restorers to use the latest medical technology used to study pathologies and apply it to constructive techniques of wood sculptures,” says professor Melero.

 

This system, which can be downloaded for free from www.3dcurator.es, visualizes the hidden information of a carving, verifies if it contains metallic elements, identifies problems of xylophages like termites and the tunnel they make, and detects new plasters or polychrome paintings added later, especially on the original finishes.

The main developer of 3DCurator was Francisco Javier Bolívar, who stressed that the tool will mean a notable breakthrough in the field of conservation and restoration of cultural assets and the analysis of works of art by experts in Art History.

Professor Melero explains that this new tool has already been used to examine two sculptures owned by the University of Granada: the statues of San Juan Evangelista, from the 16th century, and an Immaculate from the 17th century, which can be virtually examined at the Virtual Heritage Site Of the Andalusian Universities (patrimonio3d.ugr.es/).

 

 

[Source:- Phys.org]

 

Attackers start wiping data from CouchDB and Hadoop databases

Data-wiping attacks have hit exposed Hadoop and CouchDB databases.

It was only a matter of time until ransomware groups that wiped data from thousands of MongoDB databases and Elasticsearch clusters started targeting other data storage technologies. Researchers are now observing similar destructive attacks hitting openly accessible Hadoop and CouchDB deployments.

Security researchers Victor Gevers and Niall Merrigan, who monitored the MongoDB and Elasticsearch attacks so far, have also started keeping track of the new Hadoop and CouchDB victims. The two have put together spreadsheets on Google Docs where they document the different attack signatures and messages left behind after data gets wiped from databases.

In the case of Hadoop, a framework used for distributed storage and processing of large data sets, the attacks observed so far can be described as vandalism.

That’s because the attackers don’t ask for payments to be made in exchange for returning the deleted data. Instead, their message instructs the Hadoop administrators to secure their deployments in the future.

According to Merrigan’s latest count, 126 Hadoop instances have been wiped so far. The number of victims is likely to increase because there are thousands of Hadoop deployments accessible from the internet — although it’s hard to say how many are vulnerable.

The attacks against MongoDB and Elasticsearch followed a similar pattern. The number of MongoDB victims jumped from hundreds to thousands in a matter of hours and to tens of thousands within a week. The latest count puts the number of wiped MongoDB databases at more than 34,000 and that of deleted Elasticsearch clusters at more than 4,600.

A group called Kraken0, responsible for most of the ransomware attacks against databases, is trying to sell its attack toolkit and a list of vulnerable MongoDB and Elasticsearch installations for the equivalent of US$500 in bitcoins.

The number of wiped CouchDB databases is also growing rapidly, reaching more than 400 so far. CouchDB is a NoSQL-style database platform similar to MongoDB.

Unlike the Hadoop vandalism, the CouchDB attacks are accompanied by ransom messages, with attackers asking for 0.1 bitcoins (around $100) to return the data. Victims are advised against paying because, in many of the MongoDB attacks, there was no evidence that attackers had actually copied the data before deleting it.

Researchers from Fidelis Cybersecurity have also observed the Hadoop attacks and have published a blog post with more details and recommendations on securing such deployments.

The destructive attacks against online database storage systems are not likely to stop soon because there are other technologies that have not yet been targeted and that might be similarly misconfigured and left unprotected on the internet by users.

 

 

[Source:- JW]

New JVM language stands apart from Scala, Clojure

New JVM language stands apart from Scala, Clojure

Another JVM language, Haskell dialect Eta, has arrived on the scene, again centering on functional programming.

Intended for building scalable systems, Eta is a strongly typed functional language. It’s similar to Scala, a JVM language that also emphasizes functional programming and scalability, and Clojure, another a functional language on the JVM.

But Eta sets itself apart from such competitors because it’s immutable by default, it uses lazy evaluation, and it has a very powerful type system, said Eta founder Rahul Muttineni, CTO at TypeLead, which oversees the language. This combination allows static guarantees and conciseness simply not possible in Scala or Clojure.

Currently at version 0.0.5 in an alpha release, Eta is interoperable with Java, allowing reuse of Java libraries in Eta projects and use of Eta modules in Java. Strong type safety enables developers to tell the compiler more information about code, while immutability in Eta boosts concurrency.

Eta also features purity, in which calling a function with the same arguments yields the same results each time; function definitions are treated as equations and substitutions can be performed like in math. Eta proponents said this makes it easier to understand code and prevents a lot of bugs typical in imperative languages. “Purity allows you to treat your code like equations in mathematics and makes it a lot easier to reason about your code, especially in concurrency and parallelism settings,” Muttineni said.

Eta is “lazy by default,” meaning data stays in an unevaluated state until a function needs to see inside. This lets developers program without having to be concerned about whether they have done more computation than was required. Developers also can write multipass algorithms in a single pass. “Laziness allows you to stop worrying about the order in which you write your statements,” said Muttineni. “Just specify the data dependencies by defining expressions and their relationships to each other, and the compiler will execute them in the right order and only if the expressions are needed.”

Plans call for fitting Eta with a concurrent runtime, an interactive REPL, metaprogramming, massive parallelism, and transactional concurrency. Support for the Maven build manager and a core library are in development as well, along with boilerplate generation for Java Foreign Function Interface imports.

 

 

[Source:- Javaworld]

How to print from Edge for Windows 10

Image result for How to print from Edge for Windows 10b

How do I print web pages in Edge?

Microsoft Edge features all of the standard print tools for creating copies of web pages; those important stories and official forms can be physically printed on your printer, or they can be converted to PDF for further editing. Here’s everything you need to know about printing from Edge for Windows 10.

A look at Edge’s print settings

For anyone unfamiliar with printing from the web, here’s a look at the print settings in Edge.

  • Printer: Choose which printer you’d like to use.
  • Orientation: Choose from Portrait or Landscape.
  • Copies: Choose how many full copies of the printing job you want to be printed.
  • Pages: Choose from all pages, the current page shown in the preview, or page range. You can specify the range yourself by typing, for example, 5-7.
  • Scale: Change how large you’d like text and images to appear.
  • Margins: Set how wide or narrow you’d like the margins to be on printed pages.
  • Headers and footers: Toggle on and off. When on, the article’s title, the website, and the page number will be displayed at the top of the page, while the URL and date will be displayed at the bottom of the page.

For more settings, click More settings near the bottom of the print window.

  • Collation: Choose from collated or uncollated. Collated print jobs involving multiple copies will print in sequence, making it easier for physical distribution and binding. Uncollated print jobs with multiple copies will print out of sequence, i.e. four copies of page one, then four copies of page two, etc.
  • Pages per sheet: Choose how many pages you want to see on each sheet of paper. Scaling will occur.
  • Paper size: Choose the paper size you’re currently using in your printer.
  • Paper type: Choose the type of paper you’re currently using in your printer.
  • Paper tray: Choose which tray on your printer to use.

  • How to print a webpage

    First things first; here’s how to print a page as-is in Edge.

    1. Launch Edge from your Start menu, taskbar, or desktop.
    2. Navigate to a webpage you want to print.
    3. Click the More button in the top-right corner of the window. It looks like •••

 

[Source:- Windowscentral]

Will the R language benefit from Microsoft acquisition?

Microsoft’s recent acquisition of Revolution Analytics represents a significant move on the company’s part. Revolution Analytics is built around the highly popular R language, an open source programming language designed specifically for statistical analytics.

In addition to the R language, Revolution Analytics offers two platforms for developing and deploying R-based applications, one of which is also open source and available free to the public. With this acquisition, Microsoft is clearly moving into new territory. The question that remains is whether the impact will be felt only within Microsoft, or across the R community at large.

The world of Revolution Analytics

Formed in 2007, Revolution Analytics set out to build and support the R community as well as meet the needs of a growing commercial base. Since then, Revolution Analytics has become the world’s largest provider of R-related software and services. That shouldn’t be surprising, given that R is the world’s most widely used programming language for statistical computing and predictive analytics.

Since its rise to fame, Revolution Analytics has continued to support the open source community, contributing regularly to projects such as RHadoopand ParallelR. The company also supports more than 150 R-based user groups across the globe. Revolution Analytics’ own open source product, Revolution R Open, provides a development platform for R-based applications that users can download for free and share with other users, making analytical software affordable to a wide range of individuals and organizations.

Yet Revolution Analytics has been just as busy on the commercial side with Revolution R Enterprise, a more sophisticated version of the open platform. With the enterprise edition, organizations can implement scaled-out options for exploring and modeling large sets of data. The enterprise edition uses parallel external memory algorithms to support large-scale predictive modeling, data statistics and machine-learning capabilities, delivered at breakneck speeds on multiple environments.

A closer look at R

Ross Ihaka and Robert Gentleman at the University of Auckland created the R language in 1993 to address the limitations of existing analytical solutions. In 1995, they released R to the open source community under the terms of the GNU General Public License established by the Free Software Foundation.

From there, the code quickly gained in popularity among analysts and those developing analytical applications. Organizations that have used R include Google, Facebook, Twitter, Nordstrom, Bank of America and The New York Times, to name a few. R set a new standard for analytics that delivered predictive modeling capabilities lacking in more traditional languages.

Because R was created by and for statisticians, it contains many of the features needed to accomplish common statistical-related tasks. For example, R includes data frames, a natural data structure available in few other languages. R also makes it easier to track unknown values within an application so the actual values can be easily inserted once they are known. In addition, R makes it easy to save, reuse and share new analytical techniques with other developers and data scientists.

The R language is particularly efficient at generating visualizations, such as charts and graphs, to identify patterns and hidden anomalies. The language is efficient at reading data, generating lines and points, and properly positioning them into meaningful representations, whether maps, plots (image, scatter, bar), 3-D surfaces or pie charts.

What’s in it for Microsoft?

According to Microsoft, the Revolution Analytics acquisition will help its customers more easily implement advanced analytics within Microsoft platforms, including on-premises, on Microsoft Azure or in hybrid cloud implementations.

To this end, Microsoft plans to build R and Revolution Analytics’ technologies into Microsoft data systems, including SQL Server. Developers and data scientists will be able to take advantage of in-database analytic capabilities that can be deployed across environments. Microsoft also plans to integrate R into Azure HDInsight and Azure Machine Learning, providing more options for creating analytical models that can aid in making data-driven decisions.

Microsoft’s deep pockets also will let the company invest in the R-based applications that Revolution Analytics brings to the table. In addition, Microsoft promises continued support of Revolution R Enterprise across multiple operating systems and heterogeneous platforms such as Hadoopand Teradata. In addition, Microsoft says it will also continue Revolution Analytics’ education and training efforts for developers and data scientists.

What is particularly interesting about Microsoft’s acquisition is its stated commitment to foster Revolution Analytics’ open source nature, not only for the R language, but also for other open source commitments, including Revolution R Open, ParallelR, RHadoop, DeployR and other notable projects.

Perhaps this isn’t such a leap. Microsoft was already an R proponent long before bringing Revolution Analytics on board, having used R to enhance Xbox online gaming and to apply machine learning to data coming from such sources as Bing, Azure and Office. And Microsoft already supports R extensively within the Azure framework.

Microsoft’s acquisition of Revolution Analytics is still new, and despite the promises coming out of both companies, we don’t know what R will look like once everything has played out. What we do know is that R is a popular and widely implemented technology used in a wide range of analytical applications. The marriage between Microsoft and Revolution Analytics could go a long way in solidifying R’s hold on analytics. And we all know how much Microsoft likes to maintain its hold over those industry pieces of the pie.

 

 

 

[Source:- techtarget]

Azure Data Lake Analytics gets boost from U-SQL, a new SQL variantb

Image result for Azure Data Lake Analytics gets boost from U-SQL, a new SQL variant

The big data movement has frozen out many data professionals who are versed in SQL. Microsoft’s U-SQL programming language tries to get such folks back in the data querying game

One of the dirty little secrets of big data is that longtime data professionals have often been kept on the sidelines….

Hadoop, Spark and related application frameworks for big data rely more on Java programing skills and less on SQL skills, thus freezing out many SQL veterans — be they Microsoft T-SQL adepts or others.

While continuing its push into Azure cloud support for Hadoop, Hive, Spark,R and the like, Microsoft is looking to enable T-SQL users to join the big data experience as well.

Its answer is U-SQL, a dialect of T-SQL meant to handle disparate data, while supporting C# extensions and, in-turn, .NET libraries. It is presently available as part of a public preview of Microsoft’s Azure Data Lake Analytics cloud service, first released last October.

U-SQL is a language intended to support queries on all kinds of data, not just relational data. It is focused solely on enhancements to the SQL SELECT statement, and it automatically deploys code to run in parallel. U-SQL was outlined in detail by Microsoft this week at the Data Science Summit it held in conjunction with its Ignite 2016 conference in Atlanta.

Beyond Hive and Pig

The Hadoop community has looked to address this by adding SQL-oriented query engines and languages, such as Hive and Pig. But there was a need for something more akin to familiar T-SQL, according to Alex Whittles, founder of the Purple Frog Systems Ltd. data consultancy in Birmingham, England, and a Microsoft MVP.

“Many of the big data tools — for example, MapReduce — come from a Hadoop background, and they tend to require [advanced] Java coding skills. Tools like Hive and Pig are attempts to bridge that gap to try to make it easier for SQL developers,” he said.

But, “in functionality and mindset, the tools are from the programming world and are not too appropriate for people whose job it is to work very closely with a database,” Whittles said.

This is an important way to open up Microsoft’s big data systems to more data professionals, he said.

“U-SQL gives data people the access to a big data platform without requiring as much learning,” he said. That may be doubly important, he added, as Hive-SQL developers are still a small group, compared with the larger SQL army.

U-SQL is something of a differentiator for Azure Data Lake Analytics, according to Warner Chaves, SQL Server principal consultant with The Pythian Group Inc. in Ottawa and also a Microsoft MVP.

“The feedback I have gotten from database administrators is that big data has seemed intimidating, requiring you to deploy and manage Hadoop clusters and to learn a lot of tools, such as Pig, Hive and Spark,” he said. Some of those issues are handled by Microsoft’s Azure cloud deployment — others by U-SQL.

“With U-SQL, the learning curve for someone working in any SQL — not just T-SQL — is way smaller,” he said. “It has a low barrier to entry.”

He added that Microsoft’s scheme for pricing cloud analytics is also an incentive for its use. The Azure Data Lake itself is divided into separate analytics and storage modules, he noted, and users only have to pay for the analytics processing resources when they’re invoked.

More in store

While it looks out for its traditional T-SQL developer base, Microsoft is also pursuing enhanced capabilities for Hive in the Azure Data Lake.

This week at the Strata + Hadoop World conference in New York, technology partner Hortonworks Inc. released its version of an Apache Hive update using LLAP, or Live Long and Process, which uses in-memory and other architectural enhancements to speed Hive queries. It’s meant to work with Microsoft’s HDInsight, a Hortonworks-based Hadoop and big data platform that is another member of the Azure Data Lake Analytics family.

PRO+

Content

Find more PRO+ content and other member only offers, here.

  • E-Handbook

    Shining a light on SQL Server storage tactics

Meanwhile, there’s more in store for U-SQL. As an example, at Microsoft’s Data Science Summit, U-SQL driving force Michael Rys, a principal program manager at Microsoft, showed attendees how U-SQL can be extended, focusing on how queries in the R language can be exposed for use in U-SQL.

The R language has garnered more and more support within Microsoft since the company purchased Revolution Analytics in 2015. While R programmers dramatically lag SQL programmers in size of population, R is finding use in new analytics applications, including ones centered on machine learning.

 

[Source:- techtarget]

Planning an efficient upgrade from SQL Server 2005: Step 3 of 3

Image result for Planning an efficient upgrade from SQL Server 2005: Step 3 of 3

As the end-of-support deadline for SQL Server 2005 draws near (April 12, 2016), you are probably starting to think about your upgrade strategy. Upgrading SQL Server is a multistage effort that takes time. Planning your SQL Server upgrade early will help you save money and prevent unnecessary business interruptions.

In our previous two posts, we discussed the importance of discovering what you’re running in your IT environment and then finding ways to customize your upgrade by choosing target destinations for each of your applications and workloads — on-premises servers, virtual machines or the cloud.

Now, we’ll walk you through some common upgrade strategies and offer ways that you can approach the upgrade process. By planning thoughtfully, your upgrade will be smoother, less complicated and more cost-effective.

Common upgrade strategies

Consider the following three approaches for your SQL Server upgrade:

  • In-place. An in-place upgrade replaces an existing instance of SQL Server 2005 by installing SQL Server 2014 over it and using the same hardware and platform. This strategy is great for when you aren’t worried about a little downtime and would prefer not to have to re-create the database configuration. While this might be the most straightforward way to upgrade, it is the least common, because most organizations prefer to take the opportunity to consolidate servers, perform hardware refreshes, or target some servers for virtualization rather than remaining physical.
  • Side-by-side. A side-by-side upgrade involves installing SQL Server 2014 as a secondary instance on the same hardware and platform as SQL Server 2005. In this scenario, you can keep your old system running right up until you switch to the new version of the database. This minimizes downtime and allows for parallel testing. While this option might be used in dev-test scenarios, it is uncommon in production server upgrades.
  • New instance installation. The most common and recommended upgrade strategy for SQL Server 2005 is to install SQL Server 2014 as a new instance using different hardware and new OS platform. Many organizations can benefit from acquiring new hardware or virtualizing their infrastructure as part of a SQL Server upgrade. This strategy, like side-by-side upgrade, allows for parallel side-by-side testing, and also renders your organization especially immune to any kind of downtime during the upgrade process. In addition, installing a new instance allows organizations to upgrade from 32-bit to 64-bit platforms and provides the most flexibility for taking advantage of the new features in SQL Server 2014.

The upgrade process

Regardless of which strategy you choose, it’s a good idea to tackle any database upgrade methodically so you can respond along the way as aspects of the project unfold — especially if your database systems are large and complex. Plan thoughtfully to avoid unnecessary time and resource costs.

You can choose any process framework for running your upgrade — Microsoft Operations Framework (MOF), Prince2, ITIL, SixSigma, etc. What’s important is that you identify one that works for your individual environment and stick with it. Know that most likely you will have to revisit earlier stages in the process and potentially need to reshape your plan as the migration and upgrade progresses. You may even need to revise your initial scope if you discover additional downstream systems.

 

Larger upgrade projects can take six to 12 months to execute, so the time to begin planning is now. Mitigate any concerns about business interruptions and achieve a faster, highly available system at the end of the upgrade process.

 

[Source: Blogs Technet]

Has BlackBerry eliminated Its BBM App From The home windows keep?

BlackBerry Logo

looks as if we’ve got another exit. It seems that Blackberry has unexpectedly removed its BBM app for home windows telephone from the home windows shop. No reason has been provided for this, if you’re wondering.

This, of path, follow Brexit, the selection that Britain made the day gone by to exit the ecu Union.

however this one is far much less severe from what the electorate in the uk decided.

Blackberry users, or even the majority, took to the employer’s cozy messaging platform, BBM, which presently is one of the maximum famous messaging gear round. So famous, in truth, that Blackberry ended up producing customers for different cell running structures.

even if they struggled to stay relevant in the market themselves.

home windows telephone, with all its trials and tribulations, obtained a BBM messaging app, which until currently changed into to be had within the windows save for users to download and set up on their handsets.

however, the app is now longer available in the store.

The employer has not supplied any info on why it determined to cast off the application.

then again, as matters stand, this unexpected disappearance is both a mistake or an intentional removal that would imply a pair of things. That Blackberry might be getting rid of guide for windows smartphone, or that it is readying an updated UWP model of the utility.

Of path, this is all natural speculation at this factor.

Germany’s Merkel alerts sober separation from ecu ‘accomplice’ Britain

German Chancellor Angela Merkel called on Saturday for clear-headed negotiations with “near companion” Britain over its departure from the eu Union.

overseas ministers of the european‘s six founding participants had earlier stated Britain should leave the bloc as soon as viable after Britons voted on Thursday to stop the 28-member bloc.

however, Merkel struck a greater conciliatory tone.

“The negotiations should take place in a businesslike, precise climate,” Merkel stated after a assembly of her conservative party in Hermannswerder, out of doors Potsdam, to the west of Berlin.

“Britain will remain a near companion, with which we are related economically,” she stated, including that there was no hurry for Britain to invoke Article 50 of the eu treaty – step one it need to take to set in motion the exit process.

“It have to no longer take a long time, this is genuine, but i might no longer fight now for a quick time body,” Merkel stated, in contrast with the greater urgent call by way of the overseas ministers of Germany, France, Italy, the Netherlands, Belgium and Luxembourg, who have been meeting to the north of the German capital.

They pressed for Britain to cause the technique for exiting the bloc after Britons voted by 5248 percentage to exit the eu, which it joined extra than forty years ago.

“We now expect the United Kingdom government to offer readability and provide impact to this choice as quickly as feasible,” they stated in a joint assertion.

The president of the european Parliament, Martin Schulz, also piled pressure on Britain, calling for it to cause the leave process at a summit of ecu leaders next Tuesday.

“We count on the British government to supply now,” Schulz informed Germany’s Bild am Sonntag newspaper. “The summit on Tuesday is the precise moment to achieve this.”
U.N. Secretary preferred Ban Ki-moon, who met with French President Francois Hollande in Paris on Saturday, called for “pragmatic negotiations” as soon as Article 50 is invoked.

“My message is obvious: when we work together we are stronger. i’m hoping the British human beings may be in a position to triumph over the challenges that await them,” France’s journal du Dimanche quoted Ban as announcing in an interview.

european officers stated there was no real trouble if it took a few months to begin the system for Britain to go away, although waiting till the end of the 12 months may want to get in the manner of the subsequent spherical of ecu price range talks and eu election campaigning.

The officers stated they were worried that British high Minister David Cameron, who resigned on Friday, could give up to a person with a method to tug out the united states‘s departure.

Matthew Elliott, leader govt of the Vote go away campaign, said Britain need to start casual negotiations on a complete settlement governing its put up-Brexit courting with the eu before invoking Article 50 of the Lisbon Treaty.

FRENCH stress

France additionally pressed for a quick begin to the exit manner, with foreign Minister Jean-Marc Ayrault pronouncing negotiations have to pass fast and that the remaining european member states additionally needed to supply clean impetus to the eu challenge.

“We must provide a new feel to Europe, in any other case populism will fill the space,” he said, including that the ecu couldn’t anticipate Cameron to depart in October before the exit method starts offevolved.

Ayrault said different european leaders would positionedlots of pressure” on Cameron at Tuesday’s summit to act quick.
A spokesman for the ecu Council, which runs meetings of ecu participants‘ leaders, said that Britain ought to trigger Article 50, placing a year closing date for a deal, by using making a proper declaration to such a assembly instead of through sending a diplomatic letter to its chairman.

Hollande said the separation “could be painful for Britain however … as in all divorces, it is going to be painful for individuals who stay at the back of, too”.

France and Germany have drafted a tenpage paper mapping out 3 areas of immediately subject for the last european participants: safety, migration and refugees, and jobs and increase which diplomatic resources say they need to apply as a basis to shore up the eu, at the same time as constructing a more bendy union.

global stock markets plunged on Friday, and sterling noticed its biggest one-day drop in more than 30 years, while scores employer Moody’s downgraded Britain’s credit score outlook.

The six foreign ministers said the european turned into droppingno longer just a member state but history, lifestyle and enjoy“.

Luxembourg overseas Minister Jean Asselborn informed Reuters: “I agree with you can wreck the eu Union with referenda. We have to speak higher what the european has performed, and we ought to work tougher on problems which include migration where we have failed.”

each Ayrault and Asselborn warned Britain not to play video games by way of drawing out the go out technique.

it’s in Britain’s hobby and within the hobby of Europeans no longer to have a period of uncertainty that might have economic effects, and that might have financial and political consequences,” he told a information convention after the assembly.

System predicts 85 percent of cyber-attacks using input from human experts

System predicts 85 percent of cyber-attacks using input from human experts

Today’s security systems usually fall into one of two categories: human or machine. So-called “analyst-driven solutions” rely on rules created by living experts and therefore miss any attacks that don’t match the rules. Meanwhile, today’s machine-learning approaches rely on “anomaly detection,” which tends to trigger false positives that both create distrust of the system and end up having to be investigated by humans, anyway.

But what if there were a solution that could merge those two worlds? What would it look like?

In a new paper, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) and the machine-learning startup PatternEx demonstrate an artificial intelligence platform called AI2 that predicts cyber-attacks significantly better than existing systems by continuously incorporating input from human experts. (The name comes from merging artificial intelligence with what the researchers call “analyst intuition.”)

The team showed that AI2 can detect 85 percent of attacks, which is roughly three times better than previous benchmarks, while also reducing the number of false positives by a factor of 5. The system was tested on 3.6 billion pieces of data known as “log lines,” which were generated by millions of users over a period of three months.

To predict attacks, AI2 combs through data and detects suspicious activity by clustering the data into meaningful patterns using unsupervised machine-learning. It then presents this activity to human analysts who confirm which events are actual attacks, and incorporates that feedback into its models for the next set of data.

“You can think about the system as a virtual analyst,” says CSAIL research scientist Kalyan Veeramachaneni, who developed AI2 with Ignacio Arnaldo, a chief data scientist at PatternEx and a former CSAIL postdoc. “It continuously generates new models that it can refine in as little as a few hours, meaning it can improve its detection rates significantly and rapidly.”

Veeramachaneni presented a paper about the system at last week’s IEEE International Conference on Big Data Security in New York City.

Creating cybersecurity systems that merge human- and computer-based approaches is tricky, partly because of the challenge of manually labeling cybersecurity data for the algorithms.

For example, let’s say you want to develop a computer-vision algorithm that can identify objects with high accuracy. Labeling data for that is simple: Just enlist a few human volunteers to label photos as either “objects” or “non-objects,” and feed that data into the algorithm.

But for a cybersecurity task, the average person on a crowdsourcing site like Amazon Mechanical Turk simply doesn’t have the skillset to apply labels like “DDOS” or “exfiltration attacks,” says Veeramachaneni. “You need security experts.”

That opens up another problem: Experts are busy, and they can’t spend all day reviewing reams of data that have been flagged as suspicious. Companies have been known to give up on platforms that are too much work, so an effective machine-learning system has to be able to improve itself without overwhelming its human overlords.

AI2’s secret weapon is that it fuses together three different unsupervised-learning methods, and then shows the top events to analysts for them to label. It then builds a supervised model that it can constantly refine through what the team calls a “continuous active learning system.”

Specifically, on day one of its training, AI2 picks the 200 most abnormal events and gives them to the expert. As it improves over time, it identifies more and more of the events as actual attacks, meaning that in a matter of days the analyst may only be looking at 30 or 40 events a day.

“This paper brings together the strengths of analyst intuition and machine learning, and ultimately drives down both false positives and false negatives,” says Nitesh Chawla, the Frank M. Freimann Professor of Computer Science at the University of Notre Dame. “This research has the potential to become a line of defense against attacks such as fraud, service abuse and account takeover, which are major challenges faced by consumer-facing systems.”

The team says that AI2 can scale to billions of log lines per day, transforming the pieces of data on a minute-by-minute basis into different “features”, or discrete types of behavior that are eventually deemed “normal” or “abnormal.”

“The more attacks the system detects, the more analyst feedback it receives, which, in turn, improves the accuracy of future predictions,” Veeramachaneni says. “That human-machine interaction creates a beautiful, cascading effect.”
[Source:- Phys.org]