Search for: All records

The deployment of deep learning-based malware detection systems has transformed cybersecurity, offering sophisticated pattern recognition capabilities that surpass traditional signature-based approaches. However, these systems introduce new vulnerabilities requiring systematic investigation. This chapter examines adversarial attacks against graph neural network-based malware detection systems, focusing on semantics-preserving methodologies that evade detection while maintaining program functionality. We introduce a reinforcement learning (RL) framework that formulates the attack as a sequential decision making problem, optimizing the insertion of no-operation (NOP) instructions to manipulate graph structure without altering program behavior. Comparative analysis includes three baseline methods: random insertion, hill-climbing, and gradient-approximation attacks. Our experimental evaluation on real world malware datasets reveals significant differences in effectiveness, with the reinforcement learning approach achieving perfect evasion rates against both Graph Convolutional Network and Deep Graph Convolutional Neural Network architectures while requiring minimal program modifications. Our findings reveal three critical research gaps: transitioning from abstract Control Flow Graph representations to executable binary manipulation, developing universal vulnerability discovery across different architectures, and systematically translating adversarial insights into defensive enhancements. This work contributes to understanding adversarial vulnerabilities in graph-based security systems while establishing frameworks for evaluating machine learning-based malware detection robustness. 

Abstract Assimilating polarimetric radar data within a double-moment microphysics scheme requires that both hydrometeor mixing ratios and number concentrations be updated simultaneously to effectively utilize the radar information. This study directly assimilates polarimetric radar data in a fraternal twin observing system simulation experiment (OSSE) using both mixing ratios and number concentrations as analysis variables within a variational approach. A newly developed set of parameterized forward operators for polarimetric radar data, incorporating a new continuous melting model, is employed. To address challenges in minimizing the cost function, a power transformation function is applied to the analysis variables of mixing ratios and number concentrations. This approach alleviates issues arising from the very large dynamic range of number concentrations and the highly nonlinear relationship between the model’s hydrometeors and radar variables. Results from several groups of sensitivity experiments show that updating number concentrations using an appropriate power transformation function together with mixing ratios of hydrometeors reduces the analysis errors of radar variables and improves the analysis of polarimetric radar signatures. Updating number concentrations proves to be quite sensitive when assimilating differential reflectivity, while the additional assimilation of specific differential phase yields smaller analysis errors for reflectivity and mixing ratios of water vapor and rainwater compared to differential reflectivity assimilation alone. Experiments with smaller observation errors provide better analyses of the radar variables but also increase model variable analysis errors. Among the threshold values tested for reflectivity and polarimetric variables, assimilating polarimetric variables at grids where reflectivity exceeds 15 dBZprovides the best qualitative analysis. 

Abstract Binary analysis, the process of examining software without its source code, plays a crucial role in understanding program behavior, e.g., evaluating the security properties of commercial software, and analyzing malware. One challenging aspect of this process is to classify data encoding schemes, such as encryption and compression, due to the absence of high-level semantic information. Existing approaches either rely on code similarity, which only works for known schemes, or heuristic rules, which lack scalability. In this paper, we propose DESCG, a novel deep learning-based method for automatically classifying four widely employed kinds of data encoding schemes in binary programs: encryption, compression, decompression, and hashing. Our approach leverages dynamic analysis to extract execution traces from binary programs, builds data dependency graphs from these traces, and incorporates critical feature engineering. By combining the specialized graph representation with the Graph Neural Network (GNN), our approach enables accurate classification without requiring prior knowledge of specific encoding schemes. The Evaluation result shows that DESCG achieves 97.7% accuracy and an F1 score of 97.67%, outperforming baseline models. We also conducted an extensive evaluation of DESCG to explore which feature is more important for it and examine its performance and overhead. 

We report transition metal catalysis using novel chiral metal-chelating ligands featuring a silanol coordinating group and peptide-like aminoamide scaffold. The catalytic properties of the silanol ligand are demonstrated through an enantioselective Cu-catalyzed N–H insertion affording unnatural amino acid derivatives in high selectivity. Our investigations into the silanol coordination mode include DFT calculations, ligand structure investigations, and X-ray structure analyses, which support the formation of an H-bond stabilized silanol-chelating copper carbenoid complex. A p–p stacking interaction revealed by DFT calculations is proposed to enable selectivity for aryl diazoacetate substrates, overcoming some of the traditional limitations of using these substrates. 

The interaction between soil minerals and soil organic matter (SOM) plays an important role in governing carbon release and sequestration in soil, yet understanding their behavior during wildfires remains poorly understood. This study examined the evolution of humic acid (HA, a representative of SOM) under simulated wildfire heating conditions (30–900 °C) in the presence of two representative soil minerals: montmorillonite (Mnt) and ferrihydrite (Fhy). Whereas Fhy accelerated the mineralization of HA, Mnt enhanced its preservation. These disparities stemmed from variations in the surface reactivity, structure, and transformations of Fhy and Mnt. Lewis acid sites, more abundant on Fhy surfaces than on Mnt surfaces, enhanced the decarboxylation of HA and caused carbon losses as CO2. However, Brønsted acid sites, which are more abundant on Mnt surfaces than on Fhy surfaces, enhanced carbon preservation by promoting HA isomerization and aromatization. Above 350 °C, lattice oxygen release from Fhy promoted the oxidative decomposition of HA, while Fhy itself underwent reduction to form magnetite, wüstite, and zero-valent iron. The confinement of HA within the micro/mesopores created by Mnt’s inert nanolayers prevented the thermal degradation of HA, enhancing carbon preservation. These findings advance our understanding of the specific roles of soil minerals in the decomposition, transformation, and preservation of SOM during wildfires.