Search for: All records

Abstract The labyrinth of the vertebrate inner ear is a sensory system that governs the perception of head rotations. Central hypotheses predict that labyrinth shape and size are related to ecological adaptations, but this is under debate and has rarely been tested outside of mammals. We analyze the evolution of labyrinth morphology and its ecological drivers in living and fossil turtles, an understudied group that underwent multiple locomotory transitions during 230 million years of evolution. We show that turtles have unexpectedly large labyrinths that evolved during the origin of aquatic habits. Turtle labyrinths are relatively larger than those of mammals, and comparable to many birds, undermining the hypothesis that labyrinth size correlates directly with agility across vertebrates. We also find that labyrinth shape variation does not correlate with ecology in turtles, undermining the widespread expectation that reptilian labyrinth shapes convey behavioral signal, and demonstrating the importance of understudied groups, like turtles. 

The large amount of third-party packages available in fast-moving software ecosystems, such as Node.js/npm, enables attackers to compromise applications by pushing malicious updates to their package dependencies. Studying the npm repository, we observed that many packages in the npm repository that are used in Node.js applications perform only simple computations and do not need access to filesystem or network APIs. This offers the opportunity to enforce least-privilege design per package, protecting applications and package dependencies from malicious updates. We propose a lightweight permission system that protects Node.js applications by enforcing package permissions at runtime. We discuss the design space of solutions and show that our system makes a large number of packages much harder to be exploited, almost for free. 

An understanding of person dynamics is indispensable for numerous urban applications, including the design of transportation networks and planning for business development. Pedestrian counting often requires utilizing manual or technical means to count individuals in each location of interest. However, such methods do not scale to the size of a city and a new approach to fill this gap is here proposed. In this project, we used a large dense dataset of images of New York City along with computer vision techniques to construct a spatio-temporal map of relative person density. Due to the limitations of state-of-the-art computer vision methods, such automatic detection of person is inherently subject to errors. We model these errors as a probabilistic process, for which we provide theoretical analysis and thorough numerical simulations. We demonstrate that, within our assumptions, our methodology can supply a reasonable estimate of person densities and provide theoretical bounds for the resulting error. 

With an increased level of automation provided by package managers, which sometimes allow updates to be installed automatically, malicious package updates are becoming a real threat in software ecosystems. To address this issue, we propose an approach based on anomaly detection, to identify suspicious updates based on security-relevant features that attackers could use in an attack. We evaluate our approach in the context of Node.js/npm ecosystem, to show its feasibility in terms of reduced review effort and the correct identification of a confirmed malicious update attack. Although we do not expect it to be a complete solution in isolation, we believe it is an important security building block for software ecosystems. 

Transparent environments and social-coding platforms asGitHub help developers to stay abreast of changes during the development and maintenance phase of a project. Especially, notification feeds can help developers to learn about relevant changes in other projects. Unfortunately, transparent environments can quickly overwhelm developers with too many notifications, such that they lose the important ones in a sea of noise. Complementing existing prioritization and filtering strategies based on binary compatibility and code ownership, we develop an anomaly detection mechanism to identify unusual commits in a repository, which stand out with respect to other changes in the same repository or by the same developer. Among others, we detect exceptionally large commits, commits at unusual times, and commits touching rarely changed file types given the characteristics of a particular repository or developer. We automatically flag unusual commits on GitHub through a browser plug-in. In an interactive survey with 173 active GitHub users, rating commits in a project of their interest, we found that, although our unusual score is only a weak predictor of whether developers want to be notified about a commit, information about unusual characteristics of a commit changes how developers regard commits. Our anomaly detection mechanism is a building block for scaling transparent environments. 

Abstract Theropod dinosaurs were relatively scarce in the Late Cretaceous ecosystems of southeast Brazil. Instead, hypercarnivorous crocodyliforms known as baurusuchids were abundant and probably occupied the ecological role of apex predators. Baurusuchids exhibited a series of morphological adaptations hypothesized to be associated with this ecological role, but quantitative biomechanical analyses of their morphology have so far been lacking. Here, we employ a biomechanical modelling approach, applying finite element analysis (FEA) to models of the skull and mandibles of a baurusuchid specimen. This allows us to characterize the craniomandibular apparatus of baurusuchids, as well as to compare the functional morphology of the group with that of other archosaurian carnivores, such as theropods and crocodylians. Our results support the ecological role of baurusuchids as specialized apex predators in the continental Late Cretaceous ecosystems of South America. With a relatively weak bite force (~600 N), the predation strategies of baurusuchids likely relied on other morphological specializations, such as ziphodont dentition and strong cervical musculature. Comparative assessments of the stress distribution and magnitude of scaled models of other predators (the theropodAllosaurus fragilisand the living crocodylianAlligator mississippiensis) consistently show different responses to loadings under the same functional scenarios, suggesting distinct predatory behaviors for these animals. The unique selective pressures in the arid to semi‐arid Late Cretaceous ecosystems of southeast Brazil, which were dominated by crocodyliforms, possibly drove the emergence and evolution of the biomechanical features seen in baurusuchids, which are distinct from those previously reported for other predatory taxa.