Suchergebnisse

AbstractMalware constitutes a major global risk affecting millions of users each year. Standard algorithms in detection systems perform insufficiently when dealing with malware passed through obfuscation tools. We illustrate this studying in detail an open source metamorphic software, making use of a hybrid framework to obtain the relevant features from binaries. We then provide an improved alternative solution based on adversarial risk analysis which we illustrate describe with an example.

AbstractMany important problems in Operations Research and Statistics require the computation of nondominated (or Pareto or efficient) sets. This task may be currently undertaken efficiently for discrete sets of alternatives or for continuous sets under special and fairly tight structural conditions. Under more general continuous settings, parametric characterisations of the nondominated set, for example through convex combinations of the objective functions or ε‐constrained problems, or discretizations‐based approaches, pose several problems. In this paper, the lack of a general approach to approximate the nondominated set in continuous multiobjective problems is addressed. Our simulation‐based procedure only requires to sample from the set of alternatives and check whether an alternative dominates another. Stopping rules, efficient sampling schemes, and procedures to check for dominance are proposed. A continuous approximation to the nondominated set is obtained by fitting a surface through the points of a discrete approximation, using a local (robust) regression method. Other actions like clustering and projecting points onto the frontier are required in nonconvex feasible regions and nonconnected Pareto sets. In a sense, our method may be seen as an evolutionary algorithm with a variable population size. © 2005 Wiley Periodicals, Inc. Naval Research Logistics, 2005.

We provide an adversarial risk analysis framework for batch acceptance problems in which a decision maker relies exclusively on the size of the batch to accept or reject its admission to a system, albeit being aware of the presence of an opponent. The adversary acts as a data-fiddler attacker perturbing the observations perceived by the decision maker through injecting faulty items and/or modifying the existing items to faulty ones. We develop optimal policies against this combined attack strategy and illustrate the methodology with a review spam example.