Security and Privacy in Computer Systems


Security and Privacy in Computer Systems is a paper by Willis Ware that was first presented to the public at the 1967 Spring Joint Computer Conference.

== Significance ==

Ware's presentation was the first public conference session about information security and privacy in respect of computer systems, especially networked or remotely-accessed ones. The IEEE Annals of the History of Computing said that Ware's 1967 Spring Joint Computer Conference session, together with 1970's Ware report, marked the start of the field of computer security.

Highway network

In machine learning, the Highway Network was the first working very deep feedforward neural network with hundreds of layers, much deeper than previous neural networks. It uses skip connections modulated by learned gating mechanisms to regulate information flow, inspired by long short-term memory (LSTM) recurrent neural networks. The advantage of the Highway Network over other deep learning architectures is its ability to overcome or partially prevent the vanishing gradient problem, thus improving its optimization. Gating mechanisms are used to facilitate information flow across the many layers ("information highways"). Highway Networks have found use in text sequence labeling and speech recognition tasks.

In 2014, the state of the art was training deep neural networks with 20 to 30 layers. Stacking too many layers led to a steep reduction in training accuracy, known as the "degradation" problem. In 2015, two techniques were developed to train such networks: the Highway Network (published in May), and the residual neural network, or ResNet (December). ResNet behaves like an open-gated Highway Net.

== Model ==

The model has two gates in addition to the $H(W_H, x)$ gate: the transform gate $T(W_T, x)$ and the carry gate $C(W_C, x)$. The latter two gates are non-linear transfer functions (specifically sigmoid by convention). The function $H$ can be any desired transfer function. The carry gate is defined as:

$$C(W_C, x) = 1 - T(W_T, x)$$

while the transform gate is just a gate with a sigmoid transfer function.

== Structure ==

The structure of a hidden layer in the Highway Network follows the equation:

$$\begin{aligned} y &= H(x, W_H) \cdot T(x, W_T) + x \cdot C(x, W_C) \\ &= H(x, W_H) \cdot T(x, W_T) + x \cdot (1 - T(x, W_T)) \end{aligned}$$

== Related work ==

Sepp Hochreiter analyzed the vanishing gradient problem in 1991 and attributed to it the reason why deep learning did not work well. To overcome this problem, Long Short-Term Memory (LSTM) recurrent neural networks have residual connections with a weight of 1.0 in every LSTM cell (called the constant error carrousel) to compute $y_{t+1} = F(x_t) + x_t$. During backpropagation through time, this becomes the residual formula $y = F(x) + x$ for feedforward neural networks. This enables training very deep recurrent neural networks with a very long time span t. A later LSTM version published in 2000 modulates the identity LSTM connections by so-called "forget gates" such that their weights are not fixed to 1.0 but can be learned. In experiments, the forget gates were initialized with positive bias weights, thus being opened, addressing the vanishing gradient problem. As long as the forget gates of the 2000 LSTM are open, it behaves like the 1997 LSTM.

The Highway Network of May 2015 applies these principles to feedforward neural networks. It was reported to be "the first very deep feedforward network with hundreds of layers". It is like a 2000 LSTM with forget gates unfolded in time, while the later Residual Nets have no equivalent of forget gates and are like the unfolded original 1997 LSTM. If the skip connections in Highway Networks are "without gates," or if their gates are kept open (activation 1.0), they become Residual Networks.

The residual connection is a special case of the "short-cut connection" or "skip connection" by Rosenblatt (1961) and Lang & Witbrock (1988), which has the form $x \mapsto F(x) + Ax$. Here the randomly initialized weight matrix A does not have to be the identity mapping. Every residual connection is a skip connection, but almost all skip connections are not residual connections.

The original Highway Network paper not only introduced the basic principle for very deep feedforward networks, but also included experimental results with 20-, 50-, and 100-layer networks, and mentioned ongoing experiments with up to 900 layers. Networks with 50 or 100 layers had lower training error than their plain network counterparts, but no lower training error than their 20-layer counterpart (on the MNIST dataset, Figure 1 in ). No improvement in test accuracy was reported with networks deeper than 19 layers (on the CIFAR-10 dataset; Table 1 in ). The ResNet paper, however, provided strong experimental evidence of the benefits of going deeper than 20 layers. It argued that the identity mapping without modulation is crucial and mentioned that modulation in the skip connection can still lead to vanishing signals in forward and backward propagation (Section 3 in ). This is also why the forget gates of the 2000 LSTM were initially opened through positive bias weights: as long as the gates are open, it behaves like the 1997 LSTM. Similarly, a Highway Net whose gates are opened through strongly positive bias weights behaves like a ResNet. The skip connections used in modern neural networks (e.g., Transformers) are predominantly identity mappings.
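
The layer equation above, worked through as an added example (not code from the Highway Network paper): it implements $y = H \cdot T + x \cdot (1 - T)$ and compares how much of an input change survives 100 stacked layers with and without the gated skip path. The weights, the bias of -6 on the transform gate (which leaves the carry gate almost fully open) and the input vector are constructed assumptions.

```python
import math


def sigmoid(z):
    """Numerically stable logistic function."""
    if z >= 0:
        return 1.0 / (1.0 + math.exp(-z))
    e = math.exp(z)
    return e / (1.0 + e)


def affine(W, b, x):
    """Return W @ x + b for a list-of-rows matrix W."""
    return [sum(w * xi for w, xi in zip(row, x)) + bi for row, bi in zip(W, b)]


def plain_layer(x, W_H, b_H):
    """y = H(x, W_H), with H = tanh of an affine map and no skip path."""
    return [math.tanh(v) for v in affine(W_H, b_H, x)]


def highway_layer(x, W_H, b_H, W_T, b_T):
    """y = H(x, W_H) * T(x, W_T) + x * (1 - T(x, W_T)), element-wise."""
    h = plain_layer(x, W_H, b_H)
    t = [sigmoid(v) for v in affine(W_T, b_T, x)]
    return [hi * ti + xi * (1.0 - ti) for hi, ti, xi in zip(h, t, x)]


def run_stack(x, depth, layer):
    """Apply the same layer function depth times."""
    for _ in range(depth):
        x = layer(x)
    return x


def input_sensitivity(x, depth, layer, eps=1e-6):
    """Central-difference estimate of d y[0] / d x[0] through the whole stack."""
    up = run_stack([x[0] + eps] + x[1:], depth, layer)
    down = run_stack([x[0] - eps] + x[1:], depth, layer)
    return (up[0] - down[0]) / (2 * eps)


# Constructed demo parameters (assumptions, not from the paper): 3 units,
# H weights 0.5 * identity, transform-gate weights zero with bias -6, so
# T = sigmoid(-6) ~ 0.0025 and the carry gate 1 - T is almost fully open.
DIM = 3
W_H = [[0.5 if i == j else 0.0 for j in range(DIM)] for i in range(DIM)]
B_H = [0.0] * DIM
W_T = [[0.0] * DIM for _ in range(DIM)]
B_T = [-6.0] * DIM
X0 = [1.0, -0.5, 0.25]


def plain(x):
    return plain_layer(x, W_H, B_H)


def highway(x):
    return highway_layer(x, W_H, B_H, W_T, B_T)


if __name__ == "__main__":
    for depth in (1, 10, 100):
        print(depth,
              input_sensitivity(X0, depth, plain),
              input_sensitivity(X0, depth, highway))
```

The plain stack's sensitivity to its input collapses toward zero as depth grows, while the highway stack keeps most of it because each layer passes nearly all of $x$ through the carry path.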

Microsoft Support Diagnostic Tool

The Microsoft Support Diagnostic Tool (MSDT) is a legacy service in Microsoft Windows that allows Microsoft technical support agents to analyze diagnostic data remotely for troubleshooting purposes. In April 2022 it was observed to have a security vulnerability that allowed remote code execution, which was being exploited to attack computers in Russia and Belarus, and later against the Tibetan government in exile. Microsoft advised a temporary workaround of disabling the MSDT by editing the Windows registry.

== Use ==

When contacting support, the user is told to run MSDT and is given a unique "passkey" to enter. They are also given an "incident number" to uniquely identify their case. The MSDT can also be run offline, which generates a .CAB file that can be uploaded from a computer with an internet connection.

== Security vulnerabilities ==

=== Follina ===

Follina is the name given to a remote code execution (RCE) vulnerability, a type of arbitrary code execution (ACE) exploit, in the Microsoft Support Diagnostic Tool (MSDT), which was first widely publicized on May 27, 2022, by a security research group called Nao Sec. This exploit allows a remote attacker to use a Microsoft Office document template to execute code via MSDT. This works by exploiting the ability of Microsoft Office document templates to download additional content from a remote server. If the size of the downloaded content is large enough, it causes a buffer overflow allowing a payload of PowerShell code to be executed without explicit notification to the user. On May 30 Microsoft issued CVE-2022-30190 with guidance that users should disable MSDT. Malicious actors have been observed exploiting the bug to attack computers in Russia and Belarus since April, and it is believed Chinese state actors had been exploiting it to attack the Tibetan government in exile based in India. Microsoft patched this vulnerability in its June 2022 patches.

=== DogWalk ===

The DogWalk vulnerability is a remote code execution (RCE) vulnerability in the Microsoft Support Diagnostic Tool (MSDT). It was first reported in January 2020, but Microsoft initially did not consider it to be a security issue. However, the vulnerability was later exploited in the wild, and Microsoft released a patch for it in August 2022.

Originally discovered by Mitja Kolsek, the DogWalk vulnerability is caused by a path traversal vulnerability in the sdiageng.dll library. This vulnerability allows an attacker to trick a victim into opening a malicious diagcab file, which is a type of Windows cabinet file that is used to store support files. When the diagcab file is opened, it triggers the MSDT tool, which then executes the malicious code.

The vulnerability is exploited by creating a malicious diagcab file that contains a specially crafted path. This path contains a sequence of characters that is designed to exploit the path traversal vulnerability in the sdiageng.dll library. When the diagcab file is opened, the MSDT tool will attempt to follow the path. However, the path will contain characters that are not valid for a Windows path. This will cause the MSDT tool to crash. When the MSDT tool crashes, it will generate a memory dump. This memory dump will contain the malicious code that was executed by the MSDT tool. The attacker can then use this memory dump to extract the malicious code and execute it on their own computer.

== Retirement ==

Microsoft will no longer be supporting the Windows legacy inbox Troubleshooters. In 2025, Microsoft will remove the MSDT platform entirely. Get Help is the replacement tool.

== Windows versions ==

* Windows 7
* Windows 8.1
* Windows 10
* Windows 11 (up to 22H2)

Future versions and feature upgrades will deprecate the MSDT after May 23, 2023.
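
Because a diagcab is a Windows cabinet file and DogWalk is described above as a path traversal issue, a defender can triage such a file by listing its member names without opening or extracting it. The following is an added example, not Microsoft's fix or code from the original page: it reads the CFHEADER and CFFILE records of the Cabinet format and flags names that could resolve outside an extraction folder. The sample cabinet and every file name in it are constructed for the demonstration.

```python
import struct

# Fixed 36-byte CFHEADER of the Microsoft Cabinet format: signature, reserved1,
# cbCabinet, reserved2, coffFiles, reserved3, versionMinor, versionMajor,
# cFolders, cFiles, flags, setID, iCabinet.
CFHEADER = struct.Struct("<4sIIIIIBBHHHHH")
# Fixed 16-byte CFFILE prefix: cbFile, uoffFolderStart, iFolder, date, time,
# attribs; a NUL-terminated member name follows it.
CFFILE = struct.Struct("<IIHHHH")
NAME_IS_UTF8 = 0x80  # attribs bit: the name is UTF-8 rather than a code page


def list_member_names(data: bytes) -> list:
    """Return the member names stored in a cabinet without extracting anything."""
    if len(data) < CFHEADER.size:
        raise ValueError("too short for a cabinet header")
    fields = CFHEADER.unpack_from(data, 0)
    if fields[0] != b"MSCF":
        raise ValueError("not a cabinet file (bad signature)")
    offset, count = fields[4], fields[9]  # coffFiles, cFiles
    names = []
    for _ in range(count):
        if offset + CFFILE.size > len(data):
            raise ValueError("CFFILE entry runs past end of file")
        attribs = CFFILE.unpack_from(data, offset)[5]
        start = offset + CFFILE.size
        end = data.find(b"\x00", start)
        if end == -1:
            raise ValueError("unterminated member name")
        encoding = "utf-8" if attribs & NAME_IS_UTF8 else "latin-1"
        names.append(data[start:end].decode(encoding, errors="replace"))
        offset = end + 1
    return names


def traversal_reason(name: str):
    """Explain why a member name could escape the extraction folder, else None."""
    parts = name.replace("\\", "/").split("/")
    if name[:1] in ("/", "\\"):
        return "rooted or UNC path"
    if len(name) >= 2 and name[1] == ":" and name[0].isalpha():
        return "drive-qualified path"
    if any(p.strip() == ".." for p in parts):
        return "parent-directory component"
    return None


def audit_cabinet(data: bytes) -> list:
    """List (name, reason) for every member whose name should block the file."""
    findings = []
    for name in list_member_names(data):
        reason = traversal_reason(name)
        if reason:
            findings.append((name, reason))
    return findings


def build_sample_cabinet(names) -> bytes:
    """Constructed fixture: header plus CFFILE records only, no folders or data."""
    body = b"".join(
        CFFILE.pack(0, 0, 0, 0, 0, 0x20) + n.encode("latin-1") + b"\x00"
        for n in names
    )
    total = CFHEADER.size + len(body)
    header = CFHEADER.pack(b"MSCF", 0, total, 0, CFHEADER.size, 0, 3, 1,
                           0, len(names), 0, 0, 0)
    return header + body


SAMPLE = build_sample_cabinet([  # constructed names, not taken from any real file
    "package.diagpkg",
    "scripts\\collect.ps1",
    "..\\..\\outside\\dropped.txt",
    "C:\\absolute\\dropped.txt",
])

if __name__ == "__main__":
    for name, reason in audit_cabinet(SAMPLE):
        print(f"BLOCK {name!r}: {reason}")
```

A check like this fits a mail gateway or download scanner that quarantines .diagcab attachments whose member names fail the audit.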

Frame grabber

A frame grabber is an electronic device that captures (i.e., "grabs") individual, digital still frames from an analog video signal or a digital video stream. It is usually employed as a component of a computer vision system, in which video frames are captured in digital form and then displayed, stored, transmitted, analyzed, or combinations of these.

Historically, frame grabber expansion cards were the predominant way to interface cameras to PCs. Other interface methods have emerged since then, with frame grabbers (and in some cases, cameras with built-in frame grabbers) connecting to computers via interfaces such as USB, Ethernet and IEEE 1394 ("FireWire"). Early frame grabbers typically had only enough memory to store a single digitized video frame, whereas many modern frame grabbers can store multiple frames.

Modern frame grabbers are often able to perform functions beyond capturing a single video input. For example, some devices capture audio in addition to video, and some devices provide, and concurrently capture frames from, multiple video inputs. Other operations may be performed as well, such as deinterlacing, text or graphics overlay, image transformations (e.g., resizing, rotation, mirroring), and conversion to JPEG or other compressed image formats. To satisfy the technological demands of applications such as radar acquisition, manufacturing and remote guidance, some frame grabbers can capture images at high frame rates, high resolutions, or both.

== Circuitry ==

Analog frame grabbers, which accept and process analog video signals, include these circuits:

* Input signal conditioner that buffers the analog video input signal to protect downstream circuitry
* Video decoder that converts SD analog video (e.g., NTSC, SECAM, PAL) or HD analog video (e.g., AHD, HD-TVI, HD-CVI) to a digital format

Digital frame grabbers, which accept and process digital video streams, include these circuits:

* Digital video decoder that interfaces to and converts a specific type of digital video source, such as Camera Link, CoaXPress, DVI, GigE Vision, LVDS, or SDI

Circuitry common to both analog and digital frame grabbers:

* Memory for storing the acquired image (i.e., a frame buffer)
* A bus interface through which a processor can control the acquisition and access the data
* General purpose I/O for triggering image acquisition or controlling external equipment

== Applications ==

=== Healthcare ===

Frame grabbers are used in medicine for many applications, including telenursing and remote guidance. In situations where an expert at another location needs to be consulted, frame grabbers capture the image or video from the appropriate medical equipment, so it can be sent digitally to the distant expert.

=== Manufacturing ===

"Pick and place" machines are often used to mount electronic components on circuit boards during the circuit board assembly process. Such machines use one or more cameras to monitor the robotics that places the components. Each camera is paired with a frame grabber that digitizes the analog video, thus converting the video to a form that can be processed by the machine software.

=== Network security ===

Frame grabbers may be used in security applications. For example, when a potential breach of security is detected, a frame grabber captures an image or a sequence of images, and then the images are transmitted across a digital network where they are recorded and viewed by security personnel.

=== Personal use ===

In recent years, with the rise of personal video recorders such as camcorders and mobile phones, video and photo applications have gained growing prominence. Frame grabbing is becoming very popular on these devices.

=== Astronomy & astrophotography ===

Amateur astronomers and astrophotographers use frame grabbers when using analog "low light" cameras for live image display and internet video broadcasting of celestial objects. Frame grabbers are essential to connect the analog cameras used in this application to the computers that store or process the images.

Altibase

Altibase is a hybrid database and relational database management system manufactured by the Altibase Corporation. The software's hybrid architecture allows it to access both memory-resident and disk-resident tables using a single interface. It supports both synchronous and asynchronous replication and offers real-time ACID compliance. Support is also offered for a variety of SQL standards and programming languages. Other important capabilities include data import and export, data encryption for security, multiple data access command sets, materialized views and temporary tables, and others.

== History ==

From 1991 through 1997, the Mr. RT project was an in-memory database research project conducted by the Electronics and Telecommunications Research Institute, a government-funded research organization in South Korea. Altibase was incorporated in 1999. Altibase acquired an in-memory database engine from the Electronics and Telecommunications Research Institute in February 2000, and commercialized the database in October of the same year. In 2001, Altibase changed the name of the in-memory database product from "Spiner" to "Altibase". In 2004, Altibase integrated the in-memory database with a disk-resident database to create a hybrid DBMS, released version 4.0 and renamed it ALTIBASE HDB. Altibase released versions 5.5.1 and 6.1.1 in 2012, version 6.3.1 in November 2013, and 6.5.1 in May 2015. Altibase claims that this is the world's first hybrid DBMS. Altibase released its open source edition, version 7.1, but closed the source in 2023. In August 2023, Altibase released its cloud-optimized version 7.3.

=== Awards ===

* In 2006, received the Presidential Award at the Korea Software Awards
* In 2007, selected as World-Class Product by the Ministry of Commerce, Industry and Energy
* In 2009, awarded the Outstanding Product Award in China's Telecommunications Industry
* In 2009, received Outstanding Product Award at the China Billing China 2009 Telecommunication Industry Awards
* In 2010, commendation from the Minister of Knowledge Economy for Technological Practicalization
* In 2011, received the Grand Prize at the 10th Software Enterprise Competitiveness Award
* In 2011, selected as Top 10 Emerging Technologies and received Special Award at the Korea Technology Grand Prize
* In 2012, awarded for Contributions to Military Manpower Administration
* In 2014~2016, included in Gartner Magic Quadrant for Operational DBMS
* In 2015, selected as Outstanding BSS by China Fujian Mobile
* In 2023, awarded as the Excellent Research and Development Institution by the Korean Ministry of Science and ICT
* In 2023, won the Global Premium Commercial Software Presidential Award at the 9th Global Commercial Software Grand Exhibition in Korea

=== Release ===

The first version, called Spiner, was released in 2000 for commercial use. It took half of the in-memory DBMS market share in South Korea. In 2002 the second version was released, renamed Altibase v2.0. By 2003, Altibase v3.0 was released and it entered the Chinese market. Version 4.0, with a hybrid architecture combining RAM and disk databases, was released in 2004. In 2005 Altibase began working with Chinese telecommunications providers for billing systems, and some financial companies in Taiwan, China, for home trading systems. The software was certified by the Telecommunications Technology Association. The Ministry of Government Administration and Home Affairs gave it an award in 2006. Offices in China and the United States opened in 2009. In 2011, version 5.5.1 was renamed HDB (for "hybrid database").
The Altibase Data Stream product for complex event processing was renamed DSM. The product received a Korean technology award. Altibase introduced certification services. In 2012, HDB Zeta and Extreme were announced, and DSM was renamed CEP. In 2013, yet another variant called XDB was announced, and the company received ISO/IEC 20000 certification. Altibase went open source in February 2018. Altibase Corp made the decision to discontinue the Altibase 7.1 open source edition, effective March 17, 2023. As a result, the open-source edition of Altibase 7.1 is no longer available for download or use. Altibase released version 7.3 in September 2023; its notable feature is the world's first hybrid partition, allowing data to be stored in both memory and on disk at the partition level. Version 7.3 also added parallel processing capabilities for high-speed performance in both partitioned and non-partitioned scenarios. By improving potential bottlenecks associated with commit and logging that impact transaction performance, version 7.3 has achieved an approximately 490% enhancement in performance compared to previous versions.

== Clients ==

According to marketing research, Altibase has over 700 customers and more than 8,000 installations and deployments, including 22 Fortune Global 500 companies. Altibase's clients in the telecommunications, financial services, manufacturing, and utilities sectors include Bloomberg, AT&T, LG, Intel, LGU+, ETRADE, HP, UAT Inc., POSCO, SK Telecom, KT Corporation, Samsung Electronics, Shinhan Bank, Woori Bank, Canon (Toshiba), Hanhwa, the South Korean Ministry of Defense, G-Market, CJ, and Chung-Ang University.

=== Global clients ===

* Japan
** FX Prime, a foreign exchange services company
** Retela Crea Securities
* United States
** AT&T: Implemented Altibase for its PS-LTE Safety network, where the Presence service plays a vital role. This service handles the reception and storage of user information, conducting real-time checks for online presence and location as needed.
* Canada
** Telus: One of the major telecommunication companies. Utilizes Altibase for its operations involving real-time user management, processing high volumes of dedicated terminal data, and managing real-time location information (GIS) for terminals. Altibase contributes to the company's in-house solution for maintaining uninterrupted services during national disasters or similar situations, ensuring efficiency and reliability.
* China
** China Mobile, China Unicom, China Telecom: The three major telecommunications companies. They utilize ALTIBASE HDB in 29 of 31 Chinese provinces.
* Turkey
** Ziraat Bank, Halk Bank, Deniz Bank, Garanti BBVA, TEB, Oyak Bank, QNB, Burgan Bank, and others. In 2018, Altibase entered the market through a partnership with ATP-Tradesoft, a subsidiary of Ata Holdings. Collaborating with ATP-Tradesoft, Altibase was integrated into the Online Trading System XFront. This integration was well received by major financial institutions and securities firms in Turkey. Altibase is currently implemented in the XFront Online Trading System, used by 13 significant financial institutions and banks in Turkey.
* Thailand
** Bualuang Securities: Altibase has supplied its DBMS to support the construction of the online stock trading platform.
* Mongolia
** MobiCom: The Mongolian telecommunication giant has adopted Altibase's 7.0 version for its mobile platform for storing infrequently used data.
* Azerbaijan
** M1 highway: Altibase has been supplied as the Database Management System (DBMS) for the electronic toll collection system of one of the most crucial transportation networks in the country.
* India
** State-owned Karur Vysya Bank: In 2013, Altibase provided its hybrid database solution, which was deployed for the online banking system.

=== Industries ===

* Telecommunications
** LGU+
** SK Telecom
** KT Corporation
** AT&T
** Telus
* Financial services
** Shinhan Bank
** Woori Bank
** KakaoPay Securities: Implemented Altibase in its stock trading system. Leveraging Altibase's replication feature, along with offline replication through shared disk and adapter functionality, the system ensures a high level of availability and consistency, with a reliability rate of 99.999% even in the event of system failures.
** COREDAX (cryptocurrency market): Altibase has entered into a strategic partnership by signing a database management system (DBMS) supply contract with the cryptocurrency exchange.
** Bloomberg
** ETRADE
* Manufacturing
** Samsung Electronics
** LG
** POSCO
** Hanhwa
** Canon (Toshiba)
** Intel
** HP
* Utilities
** South Korean Ministry of Defense
** G-Market
** CJ
** UAT Inc.
** Chung-Ang University

== Features ==

Altibase is a so-called "hybrid DBMS", meaning that it simultaneously supports access to both memory-resident and disk-resident tables via a single interface. It is compatible with Solaris, HP-UX, AIX, Linux, and Windows. It supports the complete SQL standard, features multiversion concurrency control (MVCC), implements Fuzzy and Ping-Pong Checkpointing for periodically backing up memory-resident data, and ships with Replication and Database Link functionality.

* High performance, large-capacity service
** Fast real-time data processing and stable handling of large amounts of data
** Parallel processing architecture for large data management
** Hybrid Partitioned Table function for efficiency according to data characteristics
* High stability

Knowledge graph embedding

In representation learning, knowledge graph embedding (KGE), also called knowledge representation learning (KRL), or multi-relation learning, is a machine learning task of learning a low-dimensional representation of a knowledge graph's entities and relations while preserving their semantic meaning. Leveraging their embedded representation, knowledge graphs can be used for various applications such as link prediction, triple classification, entity recognition, clustering, and relation extraction.

== Definition ==

A knowledge graph $\mathcal{G} = \{E, R, F\}$ is a collection of entities $E$, relations $R$, and facts $F$. A fact is a triple $(h, r, t) \in F$ that denotes a link $r \in R$ between the head $h \in E$ and the tail $t \in E$ of the triple. Another notation that is often used in the literature to represent a triple (or fact) is $\langle \text{head}, \text{relation}, \text{tail} \rangle$. This notation is called the Resource Description Framework (RDF). A knowledge graph represents the knowledge related to a specific domain; leveraging this structured representation, it is possible to infer a piece of new knowledge from it after some refinement steps. However, nowadays, people have to deal with the sparsity of data and the computational inefficiency to use them in a real-world application.

The embedding of a knowledge graph is a function that translates each entity and each relation into a vector of a given dimension $d$, called embedding dimension. It is even possible to embed the entities and relations with different dimensions. The embedding vectors can then be used for other tasks.

A knowledge graph embedding is characterized by four aspects:

* Representation space: The low-dimensional space in which the entities and relations are represented.
* Scoring function: A measure of the goodness of a triple-embedded representation.
* Encoding models: The modality in which the embedded representation of the entities and relations interact with each other.
* Additional information: Any additional information coming from the knowledge graph that can enrich the embedded representation. Usually, an ad hoc scoring function is integrated into the general scoring function for each additional piece of information.

== Embedding procedure ==

All algorithms for creating a knowledge graph embedding follow the same approach. First, the embedding vectors are initialized to random values. Then, they are iteratively optimized using a training set of triples. In each iteration, a batch of $b$ triples is sampled from the training set, and a triple from it is sampled and corrupted, i.e., turned into a triple that does not represent a true fact in the knowledge graph. The corruption of a triple involves substituting the head or the tail (or both) of the triple with another entity that makes the fact false. The original triple and the corrupted triple are added to the training batch, and then the embeddings are updated, optimizing a scoring function. Iteration stops when a stop condition is reached. Usually, the stop condition depends on the overfitting of the training set. At the end, the learned embeddings should have extracted semantic meaning from the training triples and should correctly predict unseen true facts in the knowledge graph.

=== Pseudocode ===

The following is the pseudocode for the general embedding procedure.

    algorithm Compute entity and relation embeddings
        input: The training set $S = \{(h, r, t)\}$, entity set $E$, relation set $R$, embedding dimension $k$
        output: Entity and relation embeddings
        initialization: the entities $e$ and relations $r$ embeddings (vectors) are randomly initialized
        while stop condition is not reached do
            $S_{batch} \leftarrow sample(S, b)$  // Sample a batch from the training set
            $T_{batch} \leftarrow \emptyset$  // Start each iteration with an empty set of training pairs
            for each $(h, r, t)$ in $S_{batch}$ do
                $(h', r, t') \leftarrow sample(S')$  // Sample a corrupted fact
                $T_{batch} \leftarrow T_{batch} \cup \{((h, r, t), (h', r, t'))\}$
            end for
            Update embeddings by minimizing the loss function
        end while

== Performance indicators ==

These indexes are often used to measure the embedding quality of a model. The simplicity of the indexes makes them very suitable for evaluating the performance of an embedding algorithm even on a large scale. Given $Q$ as the set of all ranked predictions of a model, it is possible to define three different performance indexes: Hits@K, MR, and MRR.

=== Hits@K ===

Hits@K, or in short H@K, is a performance index that measures the probability of finding the correct prediction in the first top K model predictions. Usually, $k = 10$ is used. Hits@K reflects the accuracy of an embedding model to predict the relation between two given triples correctly.

$$\text{Hits@K} = \frac{|\{q \in Q : q < k\}|}{|Q|} \in [0, 1]$$
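
The general embedding procedure from the pseudocode above, as a runnable added example (not code from any KGE library). The page leaves the scoring function open, so this sketch assumes a translational squared distance $\|h + r - t\|^2$ with a margin ranking loss; the toy graph, hyperparameters and function names are constructed for the demonstration.

```python
import random

# Constructed toy knowledge graph of (head, relation, tail) facts.
TRIPLES = [
    ("alice", "member_of", "admins"),
    ("bob", "member_of", "developers"),
    ("carol", "member_of", "developers"),
    ("admins", "can_access", "db01"),
    ("developers", "can_access", "git01"),
    ("db01", "located_in", "dc_east"),
    ("git01", "located_in", "dc_west"),
]


def corrupt(triple, entities, known, rng):
    """Replace the head or the tail with another entity so the fact is false."""
    h, r, t = triple
    while True:
        e = rng.choice(entities)
        candidate = (e, r, t) if rng.random() < 0.5 else (h, r, e)
        if candidate not in known:  # reject accidental true facts
            return candidate


def distance(ent, rel, triple):
    """Assumed scoring function: squared distance ||h + r - t||^2 (lower = truer)."""
    h, r, t = triple
    return sum((a + b - c) ** 2 for a, b, c in zip(ent[h], rel[r], ent[t]))


def train(triples, dim=8, steps=300, batch_size=4, lr=0.05, margin=1.0, seed=7):
    """Run the sample / corrupt / update loop; return embeddings and loss history."""
    rng = random.Random(seed)
    known = set(triples)
    entities = sorted({e for h, _, t in triples for e in (h, t)})
    relations = sorted({r for _, r, _ in triples})
    # Initialization: random embedding vectors for entities and relations.
    ent = {e: [rng.uniform(-0.1, 0.1) for _ in range(dim)] for e in entities}
    rel = {r: [rng.uniform(-0.1, 0.1) for _ in range(dim)] for r in relations}
    history = []
    for _ in range(steps):  # stop condition here: a fixed number of iterations
        batch = rng.sample(triples, batch_size)                      # S_batch
        pairs = [(p, corrupt(p, entities, known, rng)) for p in batch]  # T_batch
        total = 0.0
        for pos, neg in pairs:
            loss = margin + distance(ent, rel, pos) - distance(ent, rel, neg)
            if loss <= 0:
                continue  # corrupted fact already scores worse by the margin
            total += loss
            grads = []
            for (h, r, t), sign in ((pos, 1.0), (neg, -1.0)):
                v = [a + b - c for a, b, c in zip(ent[h], rel[r], ent[t])]
                grads.append((h, r, t, [sign * 2.0 * x for x in v]))
            for h, r, t, g in grads:  # gradient step on the margin loss
                for i, gi in enumerate(g):
                    ent[h][i] -= lr * gi
                    rel[r][i] -= lr * gi
                    ent[t][i] += lr * gi
        history.append(total / len(pairs))
    return ent, rel, history


if __name__ == "__main__":
    ent, rel, history = train(TRIPLES)
    print("mean loss, first 20 steps:", sum(history[:20]) / 20)
    print("mean loss, last 20 steps: ", sum(history[-20:]) / 20)
    print("true fact distance:   ", distance(ent, rel, ("alice", "member_of", "admins")))
    print("false fact distance:  ", distance(ent, rel, ("alice", "member_of", "db01")))
```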

NRD Cyber Security

NRD Cyber Security is a Lithuanian company that provides cybersecurity solutions, consulting, and other services. The organization specializes in CSIRT and SOC creation, modernization and training. It has helped to establish national and sectorial CSIRTs around the world, in countries such as Bangladesh, Egypt, Bhutan, Kosovo, Malawi and others. NRD Cyber Security was founded in 2013 to provide quality cybersecurity services to nations and organizations. In 2018 it was included in The Deloitte Technology Fast 50 in Europe list. In 2024 it was awarded the #98 place in the MSSP Alert Top 250 list of the world's managed security service providers. The company is a member of various cybersecurity organizations, such as the Forum of Incident Response and Security Teams (FIRST), The Global Forum on Cyber Expertise (GFCE), and Unicrons Lt. It is a strategic partner of The Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford.