Do Céu aos Genes: transições epistêmicas, anomalias cosmológicas e suas inquietações éticas: uma interlocução foucaultiana / From Heaven to Genes: epistemic transitions, cosmological anomalies and their ethical concerns: Foucault\'s dialogue

Carvalho, Alexey Dodsworth Magnavita de

19 September 2013

A presente pesquisa aborda o problema das descontinuidades históricas que deram lugar às mudanças epistêmicas ao longo dos séculos. As rupturas cosmológicas são apresentadas como os elementos de erosão epistêmica referidos por Foucault, e apontadas como o gatilho de desencadeamento do conceito de anomalia. Das anomalias celestiais aos indivíduos anormais, questões éticas são evocadas como inquietações que antecedem o que Foucault descreve como a morte do homem. / This research deals with the problem of historical discontinuities that have given rise to epistemic changes through the centuries. Cosmological ruptures are presented as the \"elements of epistemic erosion\" mentioned by Foucault, and identified as unleashing triggers of the anomaly concept. From heavenly anomalies to abnormal individuals, ethical issues are raised as concerns that preced what Foucault describes as the death of man.

Abnormal

Anomalia

Anomaly

Anormal

Cosmologia

Cosmology

Epistemologia

Epistemology

Ethics

Ética

Anomaly detection via high-dimensional data analysis on web access data.

January 2009

Suen, Ho Yan. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2009. / Includes bibliographical references (leaves 99-104). / Abstract also in Chinese. / Abstract --- p.i / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- Motivation --- p.1 / Chapter 1.2 --- Organization --- p.4 / Chapter 2 --- Literature Review --- p.6 / Chapter 2.1 --- Related Works --- p.6 / Chapter 2.2 --- Background Study --- p.7 / Chapter 2.2.1 --- World Wide Web --- p.7 / Chapter 2.2.2 --- Distributed Denial of Service Attack --- p.11 / Chapter 2.2.3 --- Tools for Dimension Reduction --- p.13 / Chapter 2.2.4 --- Tools for Anomaly Detection --- p.20 / Chapter 2.2.5 --- Receiver operating characteristics (ROC) Analysis --- p.22 / Chapter 3 --- System Design --- p.25 / Chapter 3.1 --- Methodology --- p.25 / Chapter 3.2 --- System Overview --- p.27 / Chapter 3.3 --- Reference Profile Construction --- p.31 / Chapter 3.4 --- Real-time Anomaly Detection and Response --- p.32 / Chapter 3.5 --- Chapter Summary --- p.34 / Chapter 4 --- Reference Profile Construction --- p.35 / Chapter 4.1 --- Web Access Logs Collection --- p.35 / Chapter 4.2 --- Data Preparation --- p.37 / Chapter 4.3 --- Feature Extraction and Embedding Engine (FEE Engine) --- p.40 / Chapter 4.3.1 --- Sub-Sequence Extraction --- p.42 / Chapter 4.3.2 --- Hash Function on Sub-sequences (optional) --- p.45 / Chapter 4.3.3 --- Feature Vector Construction --- p.46 / Chapter 4.3.4 --- Diffusion Wavelets Embedding --- p.47 / Chapter 4.3.5 --- Numerical Example of Feature Set Reduction --- p.49 / Chapter 4.3.6 --- Reference Profile and Further Use of FEE Engine --- p.50 / Chapter 4.4 --- Chapter Summary --- p.50 / Chapter 5 --- Real-time Anomaly Detection and Response --- p.52 / Chapter 5.1 --- Session Filtering and Data Preparation --- p.54 / Chapter 5.2 --- Feature Extraction and Embedding --- p.54 / Chapter 5.3 --- Distance-based Outlier Scores Calculation --- p.55 / Chapter 5.4 --- Anomaly Detection and Response --- p.56 / Chapter 5.4.1 --- Length-Based Anomaly Detection Modules --- p.56 / Chapter 5.4.2 --- Characteristics of Anomaly Detection Modules --- p.59 / Chapter 5.4.3 --- Dynamic Threshold Adaptation --- p.60 / Chapter 5.5 --- Chapter Summary --- p.63 / Chapter 6 --- Experimental Results --- p.65 / Chapter 6.1 --- Experiment Datasets --- p.65 / Chapter 6.1.1 --- Normal Web Access Logs --- p.66 / Chapter 6.1.2 --- Attack Data Generation --- p.68 / Chapter 6.2 --- ROC Curve Construction --- p.70 / Chapter 6.3 --- System Parameters Selection --- p.71 / Chapter 6.4 --- Performance of Anomaly Detection --- p.82 / Chapter 6.4.1 --- Performance Analysis --- p.85 / Chapter 6.4.2 --- Performance in defending DDoS attacks --- p.87 / Chapter 6.5 --- Computation Requirement --- p.91 / Chapter 6.6 --- Chapter Summary --- p.95 / Chapter 7 --- Conclusion and Future Work --- p.96 / Bibliography --- p.99

Anomaly detection (Computer security)

Denial of service attacks

Internet searching--Mathematics

Space Vehicle Testing

Belsick, Charlotte Ann

01 December 2012

Requirement verification and validation is a critical component of building and delivering space vehicles with testing as the preferred method. This Master’s Project presents the space vehicle test process from planning through test design and execution. It starts with an overview of the requirements, validation, and verification. The four different verification methods are explained including examples as to what can go wrong if the verification is done incorrectly. Since the focus of this project is on test, test verification is emphasized. The philosophy behind testing, including the “why” and the methods, is presented. The different levels of testing, the test objectives, and the typical tests are discussed in detail. Descriptions of the different types of tests are provided including configurations and test challenges. While most individuals focus on hardware only, software is an integral part of any space product. As such, software testing, including mistakes and examples, is also presented. Since testing is often not performed flawlessly the first time, sections on anomalies, including determining root cause, corrective action, and retest is included. A brief discussion of defect detection in test is presented. The project is actually presented in total in the Appendix as a Power Point document.

test

verification

software

hardware

anomaly

Les anomalies fortes et électromagnétiques dans les désintégrations faibles des mésons

Trine, Stéphanie

06 December 2004

Les effets des opérateurs liés aux anomalies axiale et de trace de QCD et de QED dans les désintégrations faibles des mésons sont analysés dans deux régimes extrêmes: tout d'abord lorsque les densités anomales de gluons et de photons sont générées à courte distance par une boucle de quark lourd, ensuite lorsqu'elles sont générées à longue distance par des corrections fortes associées aux quarks légers u, d et s. A courte distance, l'ensemble des corrections de type pingouin à une interaction effective à quatre quarks arbitraire est obtenu à partir de l'expansion en la masse inverse du propagateur d'un quark lourd plongé dans un champ de jauge classique. Une suppression des effets anomaux est ainsi mise en évidence dans le Modèle Standard. Un nouvel ensemble d'opérateurs de dimension huit décrivant les effets du quark charmé dans les désintégrations des kaons est également établi. A longue distance, les effets anomaux associés aux quarks légers dans les désintégrations faibles hadroniques et radiatives des kaons sont analysés dans le formalisme des Lagrangiens chiraux. Une contribution potentiellement importante de l'opérateur d'anomalie de trace est ainsi mise en évidence. Les implications d'une éventuelle dominance des anomalies sont également étudiées.

Effective Lagrangian

Anomaly

Kaon

Heavy quark integration

OPE

Chiral theories

Does Market Learning Explain the Disappearance of the Accrual Anomaly?

Keskek, Sami

2011 August 1900

This study investigates whether market learning explains the absence of the accrual anomaly in recent years by examining three conditions associated with the presence of the anomaly in prior research: (i) a differential relation between future earnings and cash flows versus accruals, (ii) incorrect weighting of cash flows and accruals by investors when predicting earnings, and (iii) association of earnings forecast errors with returns. All of these conditions are widely documented in the anomaly period. In the no-anomaly period, I continue to find a differential relation of cash flows and accruals with future earnings. However, investors appear to correctly weight accruals and cash flows in their earnings predictions implicit in beginning-of-year security prices, consistent with learning. This study also investigates whether improvements in analyst forecasts contribute to investor learning and the absence of the anomaly. The association between analyst optimism and accruals is weaker in the no-anomaly period, but is still statistically significant. Furthermore, the anomaly ended simultaneously for firms followed by analysts and for non-followed firms, suggesting that improvements in analyst forecasts alone cannot account for improved market efficiency with respect to accruals. The results suggest that the anomaly was similar for firms held by institutional investors and for firms with no institutional holdings before the discovery of the anomaly while the anomaly ended sooner for held firms than for non-held firms after the discovery of the anomaly, consistent with the conjecture that arbitrage by institutional investors reduce the anomaly. Overall, the findings are consistent with market learning and suggest that improvement in investors' interpretation of accruals after the discovery of the anomaly explains the end of the anomaly. This improvement in investor learning is not due to changes in analysts' forecasting behavior, however.

Market efficiency

accrual anomaly

investor sophistication

analysts’ forecast bias

Scalable Techniques for Anomaly Detection

Yadav, Sandeep 1985-

14 March 2013

Computer networks are constantly being attacked by malicious entities for various reasons. Network based attacks include but are not limited to, Distributed Denial of Service (DDoS), DNS based attacks, Cross-site Scripting (XSS) etc. Such attacks have exploited either the network protocol or the end-host software vulnerabilities for perpetration. Current network traffic analysis techniques employed for detection and/or prevention of these anomalies suffer from significant delay or have only limited scalability because of their huge resource requirements. This dissertation proposes more scalable techniques for network anomaly detection. We propose using DNS analysis for detecting a wide variety of network anomalies. The use of DNS is motivated by the fact that DNS traffic comprises only 2-3% of total network traffic reducing the burden on anomaly detection resources. Our motivation additionally follows from the observation that almost any Internet activity (legitimate or otherwise) is marked by the use of DNS. We propose several techniques for DNS traffic analysis to distinguish anomalous DNS traffic patterns which in turn identify different categories of network attacks. First, we present MiND, a system to detect misdirected DNS packets arising due to poisoned name server records or due to local infections such as caused by worms like DNSChanger. MiND validates misdirected DNS packets using an externally collected database of authoritative name servers for second or third-level domains. We deploy this tool at the edge of a university campus network for evaluation. Secondly, we focus on domain-fluxing botnet detection by exploiting the high entropy inherent in the set of domains used for locating the Command and Control (C&C) server. We apply three metrics namely the Kullback-Leibler divergence, the Jaccard Index, and the Edit distance, to different groups of domain names present in Tier-1 ISP DNS traces obtained from South Asia and South America. Our evaluation successfully detects existing domain-fluxing botnets such as Conficker and also recognizes new botnets. We extend this approach by utilizing DNS failures to improve the latency of detection. Alternatively, we propose a system which uses temporal and entropy-based correlation between successful and failed DNS queries, for fluxing botnet detection. We also present an approach which computes the reputation of domains in a bipartite graph of hosts within a network, and the domains accessed by them. The inference technique utilizes belief propagation, an approximation algorithm for marginal probability estimation. The computation of reputation scores is seeded through a small fraction of domains found in black and white lists. An application of this technique, on an HTTP-proxy dataset from a large enterprise, shows a high detection rate with low false positive rates.

scalable techniques

belief propagation

fluxing

botnets

dns

anomaly detection

An Analysis and Comparison of The Security Features of Firewalls and IDSs

Sulaman, Sardar Muhammad

January 2011

In last few years we have observed a significant increase in the usage of computing devices and their capabilities to communicate with each other. With the increase in usage and communicating capabilities the higher level of network security is also required. Today the main devices used for the network security are the firewalls and IDS/IPS that provide perimeter defense. Both devices provide many overlapping security features but they have different aims, different protection potential and need to be used together. A firewall is an active device that implements ACLs and restricts unauthorized access to protected resources. An IDS only provides information for further necessary actions, not necessarily perimeter related, but some of these needed actions can be automated, such as automatic blocking in the firewall of attacking sites, which creates an IPS. This thesis report analyzed some common firewall and IDS products, and described their security features, functionalities, and limitations in detail. It also contains the comparison of the security features of the both devices. The firewall and IDS perform different functions for the network security, so they should be used in layered defense architecture. The passwords, firewalls, IDSs/IPSs and physical security all together provide a layered defense and complement each other. The firewall and IDS alone cannot offer sufficient network protection against the network attacks, and they should be used together to enhance the defense-in-depth or layered approach.

Firewall

Intrusion Detection

Anomaly

Access Control

Packet Inspection

Signatures

IDS

EM Scattering from Perforated Films: Transmission and Resonance

Jackson, Aaron David

January 2012

<p>We calculate electromagnetic transmission through periodic gratings using a mode-matching method for solving Maxwell's equations. We record the derivation of the equations involved for several variations of the problem, including one- and two- dimensionally periodic films, one-sided films, films with complicated periodicity, and a simpler formula for the case of a single contributing waveguide mode. We demonstrate the effects of the Rayleigh anomaly, which causes energy transmission to be very low compared to nearby frequencies, and the associated transmission maxima which may be as high as 100% for certain energy frequencies. Finally we present further variations of the model to account for the effects of conductivity, finite hole arrays, and collimation. We find that assuming the film is perfectly conducting with infinite periodicity does not change the transmission sufficiently to explain the difference between experimental and theoretical results. However, removing the assumption that the incident radiation is in the form of a plane wave brings the transmission much more in agreement with experimental results.</p> / Dissertation

Mathematics

Applied mathematics

Optics

Anomaly

Extraordinary

Gratings

Periodic

Transmission

Wood

Anticyclonic eddies in northern South China Sea observed by drifters and satellite altimeter

Liao, Yun-chiang

03 August 2010

Satellite-tracked surface drifter data from 1986 to 2008 acquired from NOAA/AOML and the sea-level anomaly (SLA) data of AVISO from 1992-2008 were used in this study to investigate the mesoscale anticyclonic eddies in the northern South China Sea (SCS) and Luzon Strait. A comparison of the concurrent drifter trajectories and SLA for two eddy events (2003/12~2004/02 and 2004/11~2005/01) indicates good agreement between the two datasets. From historical SLA data (1992-2008) it is found that 78 anticyclonic eddies can be identified in the studied region. The number of occurrence is highest in 1994, 1996, 2001 and 2004, and is lowest in 1998. This result is likely due to the ENSO event and the associated wind lessening in the SCS. Most eddies were generated off southwestern Taiwan coast, northern SCS and west of Luzon Strait. During northeastern monsoon the average life time of eddies is 66.88 days, and the average sea level height difference is 10-20 cm, occasionally reached a maximum value of over 30 cm. During southwestern monsoon eddies have an average lifetime of 51.43 days, and the average sea level height difference is mostly less than 15 cm. In particular, eddies off the southwestern Taiwan coast have the characteristics of lower sea level height difference and translational speed. Location of eddy generation has a marked seasonal variation. During northeastern monsoon, most eddies were concentrated in northern Luzon Strait, propagating longer distance toward the west along the continental shelf, even reaching 112¢XE. On the other hand, eddies generated during the southwestern monsoon can only reach 118¢XE. Statistical results indicate a linear relationship exists between the sea level height difference and the life time for eddies, implying that stronger eddies are more long-lived. Finally, from drifter tracks it can be found that as Kuroshio penetrates through the Luzon Strait and forms a loop current off the southwestern Taiwan coast. Subsequently, eddies could often be identified from the SLA data. Therefore, it can be conjectured that in the northern SCS anticyclone are often shed from the Luzon Strait by Kuroshio penetration.

drifter

South China Sea

Kuroshio

sea level anomaly

eddy

A NetFlow Based Internet-worm Detecting System in Large Network

Wang, Kuang-Ming

04 September 2005

Internet-worms are a major threat to the security of today¡¦s Internet and cause significant worldwide disruptions, a huge number of infected hosts generating overwhelming traffic will impact the performance of the Internet. Network managers have the duty to mitigate this issue . In this paper we propose an automated method for detecting Internet-worm in large network based on NetFlow. We also implement a prototype system ¡V FloWorM which can help network managers to monitor suspect Internet-worms activities and identify their species in their managed networks. Our evaluation of the prototype system on real large and campus networks validates that it achieves pretty low false positive rate and good detecting rate.

NetFlow

network security

network anomaly detection

Internet-worms