Web-based mechanisms, often mediated by malicious JavaScript code, play an important role in malware delivery today, making defenses against web-borne malware crucial for system security. This paper explores weaknesses in existing approaches to the detection of malicious JavaScript code. These approaches generally fall into two categories: lightweight techniques focusing on syntactic features s...

A significant number of attacks on systems are against the non-cryptographic components such as the human interaction with the system. In this paper, we propose a taxonomy of human-protocol interaction weaknesses. This set of weaknesses presents a harmonization of many findings from different research areas. In doing so we collate the most common human-interaction problems that can potentially ...

A recent article in TREE [1] presented a heavily documented review of experimental evolution, addressing three major issues: main questions and applications; experimental design and study systems; and caveats and limitations. Here, we comment on the latter issue. The soundness of a scientific method depends on not only its adequacy relative to the specific goals, but also the relative suitabili...

We propose a new attack on Feistel ciphers with a non-surjective round function. CAST and LOKI91 are examples of such ciphers. We extend the attack towards ciphers that use a non–uniformly distributed round function and apply the attack to CAST.

Existing classification and rule learning algorithms in machine learning mainly use heuristic/greedy search to find a subset of regularities (e.g., a decision tree or a set of rules) in data for classification. In the past few years, extensive research was done in the database community on learning rules using exhaustive search under the name of association rule mining. The objective there is t...

This report presents analysis of the compression function of a recently proposed hash function, FORK-256. We exhibit some unexpected differentials existing for the step transformation and show their possible uses in collision-finding attacks on different variants of FORK256. As a simple application of those observations we present a method of finding chosen IV collisions for a variant of FORK-2...

Recently, a certificateless signcryption scheme in the standard model was proposed by Liu et al. in [1]. Another certificateless signcryption scheme in the standard model was proposed by Xie et al. in [2]. Here, we show that the scheme in [1] and [2] are not secure against Type-I adversary. 1 Certificateless Signcryption Scheme by Liu et al.[1] 1.1 Review of the Scheme In this section, we revie...

The El Escorial criteria for the diagnosis of amyotrophic lateral sclerosis (ALS) were established 20 years ago and have been used as inclusion criteria for clinical trials. However, concerns have been raised concerning their use as diagnostic criteria in clinical practice. Moreover, as modern genetics have shed new light on the heterogeneity of ALS and the close relationship between ALS and fr...

raine is one of the last post-communist countries where implementation administrative reforms has started in practice. The aim study to analyze local-level results main stage reform Ukraine which was carried out 2014–2020. analysis concerns Ukrainian local government units equivalent LAU 1 and 2. When collecting data, so-called triangulation sources applied. SWOT method used analysis, Neshkova ...