Global ETD Search

381	Algorithmes d'apprentissage statistique pour l'analyse géométrique et topologique de données / Statistical learning algorithms for geometric and topological data analysis Bonis, Thomas 01 December 2016 (has links) Dans cette thèse, on s'intéresse à des algorithmes d'analyse de données utilisant des marches aléatoires sur des graphes de voisinage, ou graphes géométriques aléatoires, construits à partir des données. On sait que les marches aléatoires sur ces graphes sont des approximations d'objets continus appelés processus de diffusion. Dans un premier temps, nous utilisons ce résultat pour proposer un nouvel algorithme de partitionnement de données flou de type recherche de modes. Dans cet algorithme, on définit les paquets en utilisant les propriétés d'un certain processus de diffusion que l'on approche par une marche aléatoire sur un graphe de voisinage. Après avoir prouvé la convergence de notre algorithme, nous étudions ses performances empiriques sur plusieurs jeux de données. Nous nous intéressons ensuite à la convergence des mesures stationnaires des marches aléatoires sur des graphes géométriques aléatoires vers la mesure stationnaire du processus de diffusion limite. En utilisant une approche basée sur la méthode de Stein, nous arrivons à quantifier cette convergence. Notre résultat s'applique en fait dans un cadre plus général que les marches aléatoires sur les graphes de voisinage et nous l'utilisons pour prouver d'autres résultats : par exemple, nous arrivons à obtenir des vitesses de convergence pour le théorème central limite. Dans la dernière partie de cette thèse, nous utilisons un concept de topologie algébrique appelé homologie persistante afin d'améliorer l'étape de "pooling" dans l'approche "sac-de-mots" pour la reconnaissance de formes 3D. / In this thesis, we study data analysis algorithms using random walks on neighborhood graphs, or random geometric graphs. It is known random walks on such graphs approximate continuous objects called diffusion processes. In the first part of this thesis, we use this approximation result to propose a new soft clustering algorithm based on the mode seeking framework. For our algorithm, we want to define clusters using the properties of a diffusion process. Since we do not have access to this continuous process, our algorithm uses a random walk on a random geometric graph instead. After proving the consistency of our algorithm, we evaluate its efficiency on both real and synthetic data. We then deal tackle the issue of the convergence of invariant measures of random walks on random geometric graphs. As these random walks converge to a diffusion process, we can expect their invariant measures to converge to the invariant measure of this diffusion process. Using an approach based on Stein's method, we manage to obtain quantitfy this convergence. Moreover, the method we use is more general and can be used to obtain other results such as convergence rates for the Central Limit Theorem. In the last part of this thesis, we use the concept of persistent homology, a concept of algebraic topology, to improve the pooling step of the bag-of-words approach for 3D shapes. Graphes géométriques aléatoires Marches aléatoires Partitionnement de données flou Méthode de Stein Homologie persistante Sac-de-mots Random geometric graphs Random walks Soft clustering Stein's method Persistent homology Bag-of-words
382	Software-defined Situation-aware Cloud Security January 2020 (has links) abstract: The use of reactive security mechanisms in enterprise networks can, at times, provide an asymmetric advantage to the attacker. Similarly, the use of a proactive security mechanism like Moving Target Defense (MTD), if performed without analyzing the effects of security countermeasures, can lead to security policy and service level agreement violations. In this thesis, I explore the research questions 1) how to model attacker-defender interactions for multi-stage attacks? 2) how to efficiently deploy proactive (MTD) security countermeasures in a software-defined environment for single and multi-stage attacks? 3) how to verify the effects of security and management policies on the network and take corrective actions? I propose a Software-defined Situation-aware Cloud Security framework, that, 1) analyzes the attacker-defender interactions using an Software-defined Networking (SDN) based scalable attack graph. This research investigates Advanced Persistent Threat (APT) attacks using a scalable attack graph. The framework utilizes a parallel graph partitioning algorithm to generate an attack graph quickly and efficiently. 2) models single-stage and multi-stage attacks (APTs) using the game-theoretic model and provides SDN-based MTD countermeasures. I propose a Markov Game for modeling multi-stage attacks. 3) introduces a multi-stage policy conflict checking framework at the SDN network's application plane. I present INTPOL, a new intent-driven security policy enforcement solution. INTPOL provides a unified language and INTPOL grammar that abstracts the network administrator from the underlying network controller's lexical rules. INTPOL develops a bounded formal model for network service compliance checking, which significantly reduces the number of countermeasures that needs to be deployed. Once the application-layer policy conflicts are resolved, I utilize an Object-Oriented Policy Conflict checking (OOPC) framework that identifies and resolves rule-order dependencies and conflicts between security policies. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2020 Computer science Advanced Persistent Threat (APT) Attack Graph Bounded Model Checking Markov Game Moving Target Defense (MTD) Software-defined Networking (SDN)
383	Tools and Techniques for Efficient Transactions Poudel, Pavan 07 September 2021 (has links) No description available. Computer Science transactional memory persistent memory versioning concurrency conflicts switching distributed system scheduling execution time communication cost data-flow control-flow predefined order dynamic algorithm
384	Synthèse d'observateurs pour les systèmes non linéaires, non uniformément observables / Synthesis observers for non uniformly observable nonlinear systems Ltaief, Ali 19 May 2017 (has links) Les résultats présentés dans cette thèse s’articulent autour de la synthèse d’observateurs de type grand gain pour des classes de systèmes non linéaires multi-entrées, multi-sorties non uniformément observables. Dans un premier temps, la classe de systèmes considérées est telle que la dynamique des variables d’état est décrite par la somme de deux termes. Le premier correspond à une partie affine en l’état décrite par le produit d’une matrice, dont les entrées (fonctions non linéaires de l’état) ont une structure triangulaire, par le vecteur d’état. Le deuxième terme est composé par les non linéarités du système qui ont aussi une structure triangulaire. Le gain de l’observateur proposé est issu de la résolution d’une équation différentielle ordinaire de type Lyapunov.La convergence exponentielle de l’erreur d’observation sous-jacente est établie sous une une certaine condition d’excitation persistante dépendant de l’entrée du système et de l’état de l’observateur.Dans un deuxième temps, la synthèse de cet observateur est étendue à une classe plus large de systèmes non linéaires où des états peuvent intervenir de manière non triangulaire.La notion d’indices caractéristiques associés à ces états est alors introduite et elle a permis de définir une structure triangulaire étendue pour la quelle la synthèse de l’observateur a aussi été effectuée.Enfin, il a été établi que les observateurs proposés peuvent être utiliséscomme observateurs adaptatifs pour l’estimation simultanée de l’état et de certains paramètres et une forme adaptative de ces observateurs a été générée.Les performances des différents observateurs proposés ont été illustrées à travers des exemples en simulation / The results given in this thesis deal with the design of high gain observers for some classes on Multi Input Multi Output non uniformly observable nonlinear systems. In a first step, the class of considered systems is such that the dynamics of the state variables is the sum of two terms. The first term is affine in the state and is composed by the product of a matrix, whose entries are nonlinear functions of the state with a triangular structure, by the state vector. The second term describes the system nonlinearities which also assume a triangular structure. The gain of the proposed observer is issued from the resolution of a Lyapunov ordinary differential equation. The exponential convergence of the underlying observation error is established under a persistent excitation condition involving the system inputs and the state of the observer. In a second step, the observer design has been extended to a larger class of nonlinear systems where some state variables may intervene in a non triangular way. The notion of the characteristic indices associated to these state variables is then introduced and it allowed to define an extended triangular structure for which a high gain observer has been designed. Finally, it has been established that the proposed observers can be used as adaptive ones to jointly estimate the system state together with some unknown parameters and an adaptive form of these observers has been derived. The performance and main properties of the proposed observers have been illustrated in simulation by considering many examples throughout this thesis. SSystème non uniformément observables Indices caractéristiques Excitation persistante Nonlinear systems Non uniformly observable systems High gain observers Characteristic indices Persistent excitation Adaptive observers
385	Architectural Principles for Database Systems on Storage-Class Memory Oukid, Ismail 05 December 2017 (has links) Database systems have long been optimized to hide the higher latency of storage media, yielding complex persistence mechanisms. With the advent of large DRAM capacities, it became possible to keep a full copy of the data in DRAM. Systems that leverage this possibility, such as main-memory databases, keep two copies of the data in two different formats: one in main memory and the other one in storage. The two copies are kept synchronized using snapshotting and logging. This main-memory-centric architecture yields nearly two orders of magnitude faster analytical processing than traditional, disk-centric ones. The rise of Big Data emphasized the importance of such systems with an ever-increasing need for more main memory. However, DRAM is hitting its scalability limits: It is intrinsically hard to further increase its density. Storage-Class Memory (SCM) is a group of novel memory technologies that promise to alleviate DRAM’s scalability limits. They combine the non-volatility, density, and economic characteristics of storage media with the byte-addressability and a latency close to that of DRAM. Therefore, SCM can serve as persistent main memory, thereby bridging the gap between main memory and storage. In this dissertation, we explore the impact of SCM as persistent main memory on database systems. Assuming a hybrid SCM-DRAM hardware architecture, we propose a novel software architecture for database systems that places primary data in SCM and directly operates on it, eliminating the need for explicit IO. This architecture yields many benefits: First, it obviates the need to reload data from storage to main memory during recovery, as data is discovered and accessed directly in SCM. Second, it allows replacing the traditional logging infrastructure by fine-grained, cheap micro-logging at data-structure level. Third, secondary data can be stored in DRAM and reconstructed during recovery. Fourth, system runtime information can be stored in SCM to improve recovery time. Finally, the system may retain and continue in-flight transactions in case of system failures. However, SCM is no panacea as it raises unprecedented programming challenges. Given its byte-addressability and low latency, processors can access, read, modify, and persist data in SCM using load/store instructions at a CPU cache line granularity. The path from CPU registers to SCM is long and mostly volatile, including store buffers and CPU caches, leaving the programmer with little control over when data is persisted. Therefore, there is a need to enforce the order and durability of SCM writes using persistence primitives, such as cache line flushing instructions. This in turn creates new failure scenarios, such as missing or misplaced persistence primitives. We devise several building blocks to overcome these challenges. First, we identify the programming challenges of SCM and present a sound programming model that solves them. Then, we tackle memory management, as the first required building block to build a database system, by designing a highly scalable SCM allocator, named PAllocator, that fulfills the versatile needs of database systems. Thereafter, we propose the FPTree, a highly scalable hybrid SCM-DRAM persistent B+-Tree that bridges the gap between the performance of transient and persistent B+-Trees. Using these building blocks, we realize our envisioned database architecture in SOFORT, a hybrid SCM-DRAM columnar transactional engine. We propose an SCM-optimized MVCC scheme that eliminates write-ahead logging from the critical path of transactions. Since SCM -resident data is near-instantly available upon recovery, the new recovery bottleneck is rebuilding DRAM-based data. To alleviate this bottleneck, we propose a novel recovery technique that achieves nearly instant responsiveness of the database by accepting queries right after recovering SCM -based data, while rebuilding DRAM -based data in the background. Additionally, SCM brings new failure scenarios that existing testing tools cannot detect. Hence, we propose an online testing framework that is able to automatically simulate power failures and detect missing or misplaced persistence primitives. Finally, our proposed building blocks can serve to build more complex systems, paving the way for future database systems on SCM. info:eu-repo/classification/ddc/004 ddc:004
386	“Jag vill nästan kalla det för mördarkultur” : En kvalitativ studie om tystnadskultur inom kriminella nätverk Eychouh, Petra, Forsberg, Moa, Karlsson, Ronja January 2021 (has links) The code of silence is a major social issue because it obstructs the work against criminal networks. It is based on the fact that members of the networks tend not to report crimes or testify, partly due to the norm of not talking to representatives of the judiciary and due to the risk of being subjected to violence. The aim of this qualitative study is to gain a deeper understanding of the code of silence as a phenomenon within criminal networks. The study is based on interviews with former members of criminal networks. Previous research has shown that legitimacy of violence does not deter members from prosecution. Members also find it difficult to leave the network due to the social relationship. The interviewees emphasize that there is a code of silence towards the police and other members. A deeply imprinted behavior persists till today. The conclusion is that the code of silence towards the police is considered to be an essential part of the network, which is maintained due to violence and learned behavior. The emotional bonds that remain towards the network are the reasons for the participants behavior still being pervaded by a code of silence. / Tystnadskultur är ett stort samhällsproblem eftersom det försvårar arbetet mot kriminella nätverk. Det baseras på att medlemmar tenderar att inte anmäla brott eller vittna, dels på grund av normen kring att inte prata med rättsväsendets representanter och dels på grund av risken att utsättas för våld om de gör det. Syftet med denna kvalitativa studie att få djupare förståelse för tystnadskulturen som fenomen inom de kriminella nätverken. Studien baseras på intervjuer med före detta medlemmar av kriminella nätverk. Tidigare forskning har visat att våldets legitimitet inte avskräcker medlemmar från lagföring och straff. Medlemmar har också svårt att lämna på grund av den sociala relationen till nätverket. Studien baseras på intervjuer med före detta medlemmar av kriminella nätverk. Intervjupersonerna betonar att det finns tystnadskultur både mot polis och andra medlemmar. Det är även ett djupt präglat beteende som finns kvar även idag. Slutsatsen är att tystnadskulturen mot polisen är viktigt för nätverkets struktur. Den upprätthålls på grund av rädsla för våldet och betraktas som ett inlärt beteende. Den emotionella relationen som finns kvar mot nätverket gör att intervjupersonernas vardagliga beteende fortfarande präglas av tystnadskulturen. code of silence criminal gangs violence street culture persistent code of silence tystnadskultur kriminella nätverk våld gatukultur ihållande tystnadskultur Other Social Sciences Annan samhällsvetenskap
387	Reliability-Based Analysis of Concrete Dams Fouhy, David, Ríos Bayona, Francisco January 2014 (has links) Dams are designed and assessed based on traditional factor of safety methodology. Several drawbacks of this approach exist; for example varying failure probability for structures where the factor of safety is the same. This traditional factor of safety methodology imposes conservative assumptions in terms of both design and analysis. A probability-based analysis has been suggested to account for the omission of uncertainties and provide a less conservative analysis (Westberg & Johansson, 2014). Through the stability analyses of three existing dam structures, a minimum level of reliability or maximum failure probability may be calculated with the ultimate goal of defining a target safety index (β-target) for buttress and gravity dams. These analyses shall in turn contribute to the formulation of a probability-based guideline for the design and assessment of Swedish concrete dams. This probability-based guideline shall be known as the ‘Probabilistic Model Code for Concrete Dams.’ The calculations carried out in this study adhere to the methodologies and specifications set out in the preliminary draft of the Probabilistic Model Code for Concrete Dams. These methodologies encompass analyses within two dominating failure modes for concrete dams; sliding stability and overturning stability. Various load combinations have been modelled for each dam structure to account for the probabilistic failure of each dam under commonly occurring circumstances. A parametric study has been carried out in order to provide insight into the contribution that existing rock bolts provide to the stability of each dam. Furthermore, a study has been carried out into the existence of a persistent rock joint or failure plane in the rock foundation and the effects its presence would have on the sliding stability of a dam. Finally a discussion had been carried out in order to provide suggestions into the formulation of a target safety index through the data envisaged by our analyses for the design and assessment of Swedish concrete dams. concrete dams buttress dams gravity dams probabilistic analyses stability analyses sliding stability overturning stability rock bolts persistent rock joint dam safety Civil Engineering Samhällsbyggnadsteknik
388	Vilka är de miljöbelastande ingredienserna i kosmetika och hur ser förekomsten av dessa ut i svenska vatten? / What cosmetic ingredients are environmentally harmful and can they be found in Swedish waters? Rempling, Rebecca January 2016 (has links) Kosmetika är något som används i stor utsträckning i dagens samhälle. Läkemedelsverket är den ansvariga myndigheten för kosmetika och är de som definierar vad begreppet kosmetika innefattar. På EU-nivå är det Kosmetikaförordningen som reglerar vilka ingredienser som får förekomma i kosmetika. För miljöskadliga ämnen ska EU:s kemikalielagstiftning REACH säkerställa att dessa inte får användas. Dock finns det brister i både REACH och Kosmetikaförordningen. Det är därför möjligt att det idag används kosmetiska produkter med ingredienser som är belastande eller till och med farliga för miljön. För att få en tydligare bild av huruvida detta är ett problem, har i detta projekt undersökts ca 1440 kosmetiska ingredienser. Undersökningen har skett med avseende på ingrediensernas persistens, bioackumuleringsförmåga och toxicitet. Projektet har utförts i samarbete med Naturskyddsföreningen. Syftet var att fylla på Naturskyddsföreningens egna kosmetikadatabas med information om vilka ämnen som är klassade som persistenta, bioackumulerande och/eller toxiska. De klassade ingredienserna togs även vidare för att ta reda på om de förekommer ute i svenska vatten. Projektet genomfördes genom att söka upp ingredienserna i ECHA, som är EU:s kemikaliemyndighets databas, där information om ingrediensernas PBT-utredningar fanns att hämta. Ett ämne klassas som PBT om det uppfyller kraven för både persistent, bioackumulerande och toxisk. Ett ämne kan också vara mycket persistent och mycket bioackumulerande, vPvB. De ingredienser som var P, B, T, vP och/eller vB, togs sedan vidare att jämföras med vattenanalysresultat från IVL:s screeningdatabas. En sammanställning gjordes av vilka ämnen som förekom även där, och i vilka halter de uppmätts. Under projektets gång påträffades svårigheter såsom att ganska många ämnen saknade en registrerad PBT-utredning i ECHA. Ämnen som idag inte har någon registrerad PBT-utredning är troligtvis de ämnen som produceras eller importeras i mängder om 1-100 ton/år. Detta eftersom dessa ämnen fått en tidsfrist till år 2018 innan registreringen i ECHA måste göras. Resultatet av projektet blev att av 1440 ämnen kunde endast 880 stycken som hittas i ECHA:s databas. Av dessa hade 300 ämnen en registrerad PBT-utredning, och 270 stycken av dem var inte klassade som persistenta, bioackumulerande eller toxiska. De kvarvarande 30 ämnena var - eller kunde inte uteslutas vara - persistenta, bioackumulerande eller toxiska. Då de 30 ämnena jämfördes mot IVL:s databas, återfanns nio av dem även där. Ämnena förekom i dessa analyser i koncentrationer om upp till 32 μg/l. Zinc pyrithione var det ämne som hade det högst detekterade värdet. Resultatet har också jämförts med tidigare arbeten inom området, och där kan framförallt konstateras att ett ämne som kommit på fråga i flera av dem är Cetrimonium chloride. Under projektets gång har konstaterats att vi i dagens läge inte har riktigt koll på alla de ämnen vi tillåter släpps ut i vår miljö. Kanske man i framtiden borde följa och analysera samtliga ämnen som klassas som persistenta, bioackumulerande och/eller toxiska. Inte bara de som redan är känt miljöfarliga och som importeras/produceras i mängder större än ett ton per år. Slutsatsen blev att av 1440 undersökta ämnen återfanns 30 stycken som är klassade som - eller inte kan uteslutas att vara - persistenta, bioackumulerande eller toxiska. Av dem återfanns nio stycken i IVL:s vattenanalyser. En intressant aspekt är att hela fyra av dessa ämnen, är sådana som används för UV-skydd i kosmetiska produkter. Man bör därför utreda dessa ingredienstyper närmare och försöka hitta bättre alternativ till dem. Särskilt då vi under sommaren smörjer in en stor del av kroppen med produkter innehållandes UV-skydd och sedan badar med det. Det innebär antagligen att det varje år läcker ut relativt stora mängder av dessa miljöbelastande ämnen i våra sjöar och hav, utan att de passerar några reningsverk som skulle kunna rena bort dem. / The use of cosmetics is widely spread in today’s society. In Sweden, the Medical Products Agency (Läkemedelsverket) is the authority responsible for cosmetic products, and they define which products belongs in that category. When it comes to which ingredients a cosmetic product may contain, it is in the European Union defined in the Cosmetics Regulation. For environmentally harmful substances, the REACH Regulation shall make sure these are not used. There are however some shortages in both the REACH and Cosmetics Regulation. Therefore, there may today still be products in use on the market containing ingredients that are harmful to the environment. To get a better picture of whether this is a problem or not, this project has consisted in examining the environmental harmfulness of approximately 1440 cosmetic ingredients. The project was done in cooperation with the Swedish Society for Nature Conservation (Naturskyddsföreningen). The purpose of the project was to supply their database of cosmetic ingredients with another bit of information - if the ingredients are classified as persistent, bioaccumulating and/or toxic. The ingredients that had a classification were then compared to results from analyzes done on Swedish waters. The information of whether the substances were persistent, bioaccumulating and/or toxic, was found in the database of the European Chemicals Agency, ECHA. The results from the water analyzes were found in the database of IVL. An issue that occurred during the project, was that some substances did not have a registered PBT-assessment in ECHA. PBT stands for persistent, bioaccumulating and toxic, and if a substance fulfills the criteria of all these three, it is classified as PBT. A substance can also be vPvB, very persistent and very bioaccumulating. The substances that today are missing a registered PBT-assessment in ECHA, are most likely those that are produced or imported in quantities of 1 000 – 100 000 kilograms per year. This is because these substances have been given time until year 2018 before they have to be registered. The result of the project is that out of 1440 substances, only 880 were found in ECHA. Out of these, 300 substances had a registered PBT-assessment. Among them, 270 were not classified as persistent, bioaccumulating or toxic. The remaining 30 substances had a classification - or could not be entirely excluded. Nine of the remaining 30 substances were found in IVL’s database. These substances turned out to occur in Swedish waters in concentrations of up to 32 μg/liter. The substance with the highest concentration value was Zinc pyrithione. When comparing the result of the project with earlier studies done within this subject, it can be concluded that the substance Cetrimonium chloride occurred in several of them. From the project it can be concluded that we are not fully aware of which substances we let out into our environment today. In the future it would perhaps be better to do water analyzes for all substances that are classified as persistent, bioaccumulating and/or toxic. Not just for the substances that are already known to be environmentally harmful, and imported or produced in amounts of over 1 000 kilograms per year. The overall conclusion of the project was that out of 1440 examined substances, 30 had – or were suspected to may have – a classification as persistent, bioaccumulating or toxic. Nine of these substances were also found in water analysis results from IVL. An interesting fact is, that four out of these substances are used in cosmetic products as UV-protection. Therefore, products containing UV-protection, such as sunscreen, should definitely be examined further, and maybe even the ingredients should be exchanged for better alternate ones in the future. Especially since most of us cover ourselves in sunscreen products during sunny days, and then go swimming in our seas and oceans. This probably causes the release of a large amount of these environmentally harmful ingredients into our waters. Water that does not pass any water treatment plant that could possibly purify it from the substances. Kosmetika miljö ingredienser PBT vPvB persistent bioackumulerande toxisk vatten analys PBT-utredning klassning UV Kosmetikaförordningen Naturskyddsföreningen ECHA REACH IVL Chemical Engineering Kemiteknik
389	Detecting Lateral Movement in Microsoft Active Directory Log Files : A supervised machine learning approach Uppströmer, Viktor, Råberg, Henning January 2019 (has links) Cyberattacker utgör ett stort hot för dagens företag och organisationer, med engenomsnittlig kostnad för ett intrång på ca 3,86 miljoner USD. För att minimera kostnaden av ett intrång är det viktigt att detektera intrånget i ett så tidigt stadium som möjligt. Avancerande långvariga hot (APT) är en sofistikerad cyberattack som har en lång närvaro i offrets nätverk. Efter attackerarens första intrång kommer fokuset av attacken skifta till att få kontroll över så många enheter som möjligt på nätverket. Detta steg kallas för lateral rörelse och är ett av de mest kritiska stegen i en APT. Syftet med denna uppsats är att undersöka hur och hur väl lateral rörelse kan upptäckas med hjälp av en maskininlärningsmetod. I undersökningen jämförs och utvärderas fem maskininlärningsalgoritmer med upprepad korsvalidering följt av statistisk testning för att bestämma vilken av algoritmerna som är bäst. Undersökningen konkluderar även vilka attributer i det undersökta datasetet som är väsentliga för att detektera laterala rörelser. Datasetet kommer från en Active Directory domänkontrollant där datasetets attributer är skapade av korrelerade loggar med hjälp av datornamn, IP-adress och användarnamn. Datasetet består av en syntetisk, samt, en verklig del vilket skapar ett semi-syntetiskt dataset som innehåller ett multiklass klassifierings problem. Experimentet konkluderar att all fem algoritmer klassificerar rätt med en pricksäkerhet (accuracy) på 0.998. Algoritmen RF presterar med den högsta f-measure (0.88) samt recall (0.858), SVM är bäst gällande precision (0.972) och DT har denlägsta inlärningstiden (1237ms). Baserat på resultaten indikerar undersökningenatt algoritmerna RF, SVM och DT presterar bäst i olika scenarier. Till exempel kan SVM användas om en låg mängd falsk positiva larm är viktigt. Om en balanserad prestation av de olika prestanda mätningarna är viktigast ska RF användas. Undersökningen konkluderar även att en stor mängd utav de undersökta attributerna av datasetet kan bortses i framtida experiment, då det inte påverkade prestandan på någon av algoritmerna. / Cyber attacks raise a high threat for companies and organisations worldwide. With the cost of a data breach reaching $3.86million on average, the demand is high fora rapid solution to detect cyber attacks as early as possible. Advanced persistent threats (APT) are sophisticated cyber attacks which have long persistence inside the network. During an APT, the attacker will spread its foothold over the network. This stage, which is one of the most critical steps in an APT, is called lateral movement. The purpose of the thesis is to investigate lateral movement detection with a machine learning approach. Five machine learning algorithms are compared using repeated cross-validation followed statistical testing to determine the best performing algorithm and feature importance. Features used for learning the classifiers are extracted from Active Directory log entries that relate to each other, with a similar workstation, IP, or account name. These features are the basis of a semi-synthetic dataset, which consists of a multiclass classification problem. The experiment concludes that all five algorithms perform with an accuracy of 0.998. RF displays the highest f1-score (0.88) and recall (0.858), SVM performs the best with the performance metric precision (0.972), and DT has the lowest computational cost (1237ms). Based on these results, the thesis concludes that the algorithms RF, SVM, and DT perform best in different scenarios. For instance, SVM should be used if a low amount of false positives is favoured. If the general and balanced performance of multiple metrics is preferred, then RF will perform best. The results also conclude that a significant amount of the examined features can be disregarded in future experiments, as they do not impact the performance of either classifier. Advanced Persistent Threat Lateral Movement Active Directory Multiclass Classification Intrusion Detection System Avancerade långvariga hot Lateral rörelse Active Directory Multiklassklassificering Intrångsdetektering Computer Systems Datorsystem
390	Riskfaktorer för kvarvarande symtom post-covid-19 : En uppföljningsstudie på sex månader efter utskrivning från sjukhus / Risk factors for persistent symptoms post covid-19 : A follow-up study of six months after discharge from hospital Sarenmalm, Emelie January 2022 (has links) Bakgrund: I början av december 2019 kom de första rapporterna om viruset Severe Acute Respiratory Syndrome Coronavirus 2 som orsakar sjukdomen Coronavirus Disease 2019 (covid-19). Många som genomgått en covid-19-infektion får långvariga besvär. Syfte: Syftet var att undersöka eventuella samband mellan riskfaktorer och kvarvarande symtom efter genomgången covid-19 upp till sex månader efter utskrivning från sjukhus. Metod: Studien är en icke-experimentell prospektiv longitudinell kohortstudie. Kohorten består av 37 patienter som vårdades på ett sjukhus i Västra Götaland för covid-19 under perioden juni 2020 till februari 2021. Potentiella riskfaktorer, biomarkörer och infektionsparametrar under sjukhusvistelsen analyserades tillsammans med patienternas självskattade upplevelse av symtom enligt skalan Post Covid-19 Functional Status (PCFS), vid en, tre och sex månader efter genomgången covid-19. Resultat: Resultatet av analysen visade signifikanta relationer mellan rökning (p=.018), sekundära diagnoser under vårdtiden (p=.003), en ålder >65 år (p=.014) samt att ha en cancerdiagnos (p=.046) och att rapportera kvarvarande symtom som påverkar vardagen. Trötthet och nedsatt ork var de vanligast rapporterade symtomen post-covid, följt av andningsrelaterade besvär. Vid sex månaders uppföljning rapporterar 62% ett eller flera kvarvarande symtom. Slutsats: Då detta är en liten studie kan inga säkra slutsatser dras från analysen. Studien visar dock att det finns anledning till oro angående de långsiktiga konsekvenserna av covid-19. / Background: In early December 2019, reports came about the Severe Acute Respiratory Syndrome Coronavirus 2 causing Coronavirus Disease 2019 (COVID-19). Many who have gone through COVID-19 get long-term symptoms. Aim: The aim was to investigate possible links between risk factors and persisting symptoms after having COVID-19, up to six months after discharge from hospital. Method: The study is a non-experimental prospective longitudinal cohort study. Included were 37 patients who were treated for COVID-19 at a Swedish hospital between June 2020 and February 2021. Potential risk factors, biomarkers and vital signs during the hospital stay were analyzed together with patients' self-assessed experience of symptoms and functionality according to Post COVID-19 Functional Status (PCFS), up to six months after having COVID-19. Results: Significant relationships are shown between smoking (p = .018), secondary diagnoses during the hospital stay (p = .003), age> 65 years (p = .014) and having a cancer diagnosis (p = .046) and to report persistent symptoms that affect daily life. Fatigue was the most commonly reported symptom, followed by respiratory symptoms. At the six-month follow-up, 62% of patients report one or more remaining symptoms. Conclusion: As this was a small scale study, no definite conclusions can be drawn from the analysis. However, the study shows that there is cause for concern regarding the long term consequences of COVID-19. / <p>Program: - (fristående kurs) </p> Covid-19 follow-up persistent symptoms post covid-19 risk factors Covid-19 kvarvarande symtom post-covid-19 riskfaktorer uppföljning Nursing Omvårdnad

Search results