Valentine writing paper: October 2019

Thursday, October 31, 2019

How the Russian Economy Can Regain Its International Presence Essay

How the Russian Economy Can Regain Its International Presence - Essay Example This research will begin with the definition of a Market Economy. Janos Kornai's book The Socialist System: The Political Economy of Communism is a useful point of departure for defining a market economy. Five distinctive features of a socialist economy versus a market economy follow naturally from his classification. First, the foremost criterion of the communist economy was the supremacy of the Communist Party, with its ideology and politics, over the economy. This is so evident that it is often neglected. Now it has ceased. The economy has become depoliticized. Second, centralized state allocation, with centralized commands to enterprises on physical output targets and deliveries, has ended. State orders lingered on for some time in 1992 and 1993, but now they have been whittled down to nothing. Vertical, administrative allocation has been replaced by free, horizontal bargaining between independent enterprises. The economy has been liberalized both internally and externally. For i mports, all quotas are gone, and the protectionism the researcher discusses amounts to the level of the customs tariffs. For exports, some quotas, licenses, and taxes remain, but export deregulation is proceeding and an important additional step was taken in a presidential edict of May 23, 1994. In spite of periodic setbacks in the internal liberalization, market saturation is increasing steadily. The allocation has become depoliticized.... Consequently, the remaining state enterprises are independent, as in a market economy. Ownership has been depoliticized. Fourth, the economy has been monetized and the ruble has become a real, reasonably convertible, currency, with a unified exchange rate that is market-deter-mined and floating. Admittedly, the volume of U.S. dollars in circulation and in Russian bank accounts exceeds the volume of Russian rubles in Russia, but the dollar is also a currency. The problem here is not lack of monetization but the stabilization of the ruble. Fifth, the last major hurdle to making Russia a market economy was to introduce hard budget constraints in enterprises. This was essentially done on September 25, 1993, when President Boris Yeltsin issued a decree abolishing subsidized credits. The refinance rate was already high and rose to 17.5 percent a month--that is, 593 percent a year--on October 15, 1993, and it has stayed high in real terms since then. The budget deficit has been kept fixed at about 9-10 percent of GDP. Thus, since October 1992, Russia and Russian enterprises have faced a severe monetary squeeze, and Russia has reacted exactly as market economies do: the inflation rate has fallen, from over 20 percent a month last year to about 9 percent a month from February through April 1994. As a result, during those months Russia had a positive real interest rate of 9 percent a month, or 180 percent a year. A Russian enterprise in trouble can no longer count on the state to bail it out. Credit has become relatively, thou gh not completely, depoliticized (Aslund p. 5-6). The current attempt at financial stabilization may fail, and the social costs of the Russian transition might rise higher because of gradualism and

Tuesday, October 29, 2019

The VIctim and Victmizer Essay Example for Free

The VIctim and Victmizer Essay We read five words on the first page of a really good novel and we begin to forget that we are reading printed words on a page; we begin to see images. These were the word spoken by John Gardner and describe exactly what a reader goes through in Millers Death of a Salesman. A victim is the one against whom the act is perpetrated against and the victimizer is the abuser of the crime. Throughout Death of a Salesman, the main character Willy Loman both victimzes his wife and two sons and is also victimized. Linda, who is Willys loyal wife, is victimized by Willy through disrespect. Willy Loman usually has no time for her, he show impatience towards her and responds to her very abruptly. Willy complains when she buys a new type of cheese and throughout the play, he yells at her often when she is mending her stockings. LINDA: Oliver always though the highest of him Ã‚ WILLY: Will you let me talk?Ã‚ BIFF: Dont yell at her, pop, will ya?Ã‚ WILLY (angrily): I was talking, wasnt I?Ã‚ (Miller, pg. 38)Ã‚ It is clear that even Biff notices the disrespect of Willy towards his mother and he is hurt by it. In another scene, Biff describes his parents relationship.Ã‚ BIFF: He always, always wiped the floor with you. Never had an ounce of respect for you.Ã‚ (Miller, pg. 30) Even so, the disrespect is evident when the story unfolds and the audience is made aware that Willy has been cheating on Linda and giving her stockings to another woman. However much outrage this may cause the audience, the disgusting and appalling behaviour of Willy towards Linda, she too victimizes her husband. Although it is completely clear that she is a well-caring mother and wife, no one can deny that she plays a part in Willys death. Linda finds out about Willys deliberate car crashes and about the ripples in the gas line. She still supports him and pretends she knows nothing about it. She could have stopped Willy and helped him change instead of brushing it under the carpet and being ignorant to what was happening. Through that change, Willys death would have been avoided. She is afraid to hurt Willy and doesnt want him to know that she is aware of his feeble attempts of suicide. She wishes not to let Willy think that he has failed as a father and as a husband and has failed his financial responsibility.Ã‚ BIFF: Did you have it taken off?Ã‚ LINDA: Im Im ashamed to. How can I mention it to him? Everyday I go down and take away that little rubber pipe. But when he comes back home, I put it back where it was. How can I insult him that way? I dont know what to do. (Miller, pg. 60)Ã‚ Furthermore, Willy also victimizes his son Biff and has many flashback memories of his son. Willys feelings towards Biff are very strong and though he has two sons, he seems more inclined towards pleasing Biff. Willy loves Biff and has high expectations for him and at the end of the play, he thinks he has done Biff a favour by committing suicide. When he was young, Willy could find no fault with Biff and does not scold him for cheating or stealing. Once, Willy asks Bernard to give Biff the answers for the test and hence teaches his son immoral behaviour of cheating to get ahead in life. As a result, Biff is victimized because he grows up not knowing the real difference between right and wrong and what is immoral and correct. At the end, when Biff leaves, he goes for a last visit to Willy and tells him that his life as a failure is the fault of Willy. Willy refuses to accept it and accuses him of spite and continues to repeat that he wont accept the blame. Biff replies to his father. BIFF: I never got anywhere because you blew me so full of hot air I could never stand taking orders from anybody! Thats whose fault it is!Ã‚ (Miller, pg. 131)Ã‚ He also tells Willy that he and him are nothing and to give up his hopes for him.Ã‚ BIFF (crying, broken): Will you let me go, for Christs sake? Will you take that phony dream and burn it before something happens?Ã‚ (Miller, pg. 133)Ã‚ Even so, Willys victimization led to Biff victimizing Willy. Willy is caught by Biff when he is cheating on his mother and there is another woman with him in the room in Boson. Biff loses the respect for his father and he becomes sour and disillusioned. BIFF: You fake! You phoney little fake! You fake!Ã‚ (Miller, pg. 121)Ã‚ So, the attitude that Willy had towards his sons and his disrespectful behaviour and cheating towards his wife lead Biff to victimize him by becoming a failure and losing all respect for his father. He loses hope of ever being what his father dreamed of him being one day.Ã‚ In comparison, Willys attitude and relationship between Happy is different in that he does not expect very much from him and he doesnt have the high hopes and dreams for him like he does for Biff. His victimization of Happy is when he ignores or giver very little attention to him although Happy tends to be an attention-seeker throughout the play. Willy hardly ever speaks to him and if he does, it is through Biff or related to him somehow. Happy also victimizes Willy by not letting him down about the other woman and he ignored and denies Willy as his father later in the story when they meet at the Chop-House. LEETA: Dont you want to tell your father Ã‚ HAPPY: No, thats not my father. Hes just a guy.Ã‚ (Miller, pg. 115)Ã‚ He also tells lies about it to his mother when he is questioned by her.Ã‚ He then goes to later lies about it to his mother, Linda, when she rebukes them for deserting him in the restaurant for girls,Ã‚ LINDA (shouting after Biff): You invite him for dinner. He looks forwards for it all dayand then you desert him there. Theres no stranger youd do that to.Ã‚ HAPPY: He had a swell time with us. Listen when I desert him, I hope I dont outlive the day!Ã‚ (Miller, pg. 123) To conclude, Arthur Millers Death of a Salesman is filled with victimizations throughout the play whether they are directly or indirectly targeted. Willy victimizes his wife and his two sons but is also victimized by them throughout the play. But the real tragedy of his victimization is that it leads to more harm than he originally caused and he becomes the biggest victim of it also. In turn, the audience is shocked to see that he turns to victimize those closest to him. To some, he may be deserving of victimization, but others may sympathize with him and say justice has not been served.

Sunday, October 27, 2019

Antivirus Research And Development Techniques

Antivirus Research And Development Techniques Antivirus software is the most booming product which has constant developments to be most up to date defensive detecting product competing with all other antivirus software products available in the commercial market. This thesis covers few techniques used by the antivirus products, a general background information about viruses and antivirus products, some research made on antivirus overheads which shows what overheads are introduced to the computer on using an antivirus products, a research made on one of the most important and common technique used by the antivirus software products to detect viruses which is signature based detection, also covers how antivirus software is updated and how new virus signatures are updated to the virus database. There is some research also on selected algorithms used by the techniques, here in this thesis it is explained how each selected algorithm works to detect the code or a file as an infected file or uninfected. In the experimentation, the expe riment is done to detect a virus using three selected popularly known antivirus software products, where reports shown by the three products are compared and concluded. Chapter 1: Introduction A life without computers cannot be imagined in the present life style where it plays a very important role though it might be any field one chooses from the millions. Computer is vulnerable to attacks which are most dangerous and hard to handle with. Just like humans even computers are attacked by viruses. A virus can be in a form of worm, malware or Trojan horses anything that infects the computer. The common source of these viruses is World Wide Web where a malicious person can spread the malware very easily. Many researchers found many methods or procedures to stop the attacks of virus that came up with many techniques or software to remove the viruses which are called Anti-Virus software. A computer virus spreads into the computer through emails, floppy disks, internet and many other sources. The spreading mechanism is usually from one computer to another where it corrupts data or deletes the data from the computer. The viruses mostly spread through internet or through emails which may have some hidden illicit software where the user unknowingly downloads the material into the computer. A virus can attack or cause damage to boot sector, system files, data files, software and also on system bios. There are many newer viruses which attack on many other parts of the computer. Viruses can spread by booting the computer using the infected file, executing or installing the infected file, or by opening the infected data or file. The main hardware sources can be floppy disks, compact disks, USB or external hard drives or a connection with other computer on an unsafe medium. This rapid growth of viruses is challenging the antivirus software in different fields like prevention of viruses, preparation, detection, recovery and control of viruses. Nowadays there are so many antivirus software tools that remove viruses from the PC and helps protect from future attacks. Antivirus raises privacy and security issues of our computers we work on which is a major issue. However, after taking so many safety measures the growth of viruses is rapidly increasing which are most dangerous and wider. In this thesis, a history on viruses and evolution of antivirus software is shown where I will explain about how viruses came into existence and what type of viruses evolved and antivirus software discovery. This general criteria of this thesis is mainly targeted on three selected techniques and is mostly concentrated one technique out of the selected three techniques and scanning methods of antivirus products and also gives a basic scenario of how an antivirus product adopts a framework to update the virus database and also gives some information about how a general computer gets an information to update the product to make it ready to defend against the zero-day viruses. A brief comparison of viruses based on types where the definitions and related threats of viruses will be explained and the working effects of each type of viruses are explained. The working of antivirus software on different types of viruses is explained. Analysis of the current antivirus techniques, showing both advantages and disadvantages. In chapter 2 gives you the general outline of the thesis in which you can know a general history of the viruses, evolution of the antivirus software. A definition to the virus, types of viruses, the most common methods or techniques used. In chapter 3 Literature Review, shows the research and review of some selected papers or literature that I found interesting about w antivirus software. In this chapter, there is research in which some antivirus products, techniques and algorithms compared according to the developments in the recent times. Chapter 4 Experimentation part of the thesis where the comparison of different commercial antivirus products based on their efficiency to detect a virus is shown and also the results are based on false positives, false negatives and hit ratios shown by each antivirus product. Chapter 5 Conclusion concludes the thesis summarizing research and experimentation done on antivirus products. Appendix holds relevant information about the undefined key words or frameworks used in this thesis. Chapter 2 Overview This chapter gives general information about the viruses and antivirus giving some basic information about the virus history and when the antivirus software evolved. There different types of viruses and are classified according to the attacking features. This chapter will lead to better understanding of the techniques used by the antivirus products and also gives you basic knowledge about different antivirus products. 2.1 History of Viruses The computer virus is a program that copies itself to the computer without user permission and infects the system (Vinod et al. 2009). Virus basically means an infection which can be of many types of malware which include worms, trojan horses, rootkits, spyware and adware. The first work on computer programs was done by John Von Neumann in 1949 (wiki 2010). In his work he suggested that a computer program (the term virus was still not invented) can self-reproduce. The first virus was discovered in early 1990s which is Creeper virus. Creeper copies itself to other computers over a network and shows messages on the infected machine: IM THE CREEPER: CATCH ME IF YOU CAN. It was harmless but to catch the Creeper and stop it the Reaper was released. In 1974 Rabbit a program that spreads and multiples itself quickly and crashes the infected system after it reaches a certain limit or number of copies. In 1980s the virus named Elk Cloner has infected many PCs. The Apple II computer which was released in 1977 loads its operating system from the floppy disks, using these characteristics the Elk Cloner installed itself to the boot sector of the floppy disk and was loaded already before the operating system. Ã‚ ©Brain was the first stealth IBM-compatible virus. This stealth virus hides itself from being known and when detected it attempts to read the infected boot sector and displays the original, uninfected data. In 1987 the most dangerous virus got into news was Vienna virus which was first to infect the .COM files. Whenever the infected file was called it infects the other .COM files in the same directory. It was the first virus that was successfully neutralized by Bernd Fix and which leads to the idea of antivirus software. Then there were many viruses which were Cascade virus the first self-encrypting virus, Suriv Family virus which was a memory resident DOS file virus. Extremely dangerous virus was Datacrime virus which destructs FAT tables and cause loss of data. In 1990s there was Chameleon Virus, Concept virus and then CIH virus and in 2000s there were ILOVEYOU virus, My Doom Sasser. (Loebenberegr 2007) Vinod et al. 2009 defines computer virus as A program that infects other program by modifying them and their location such that a call to an infected program is a call to a possibly evolved, functional similar, copy of virus. To protect from the attacks, the antivirus software companies include many different methodologies for protecting against the virus attacks. 2.2 Virus Detectors The virus detector scans the file or a program to check whether file/program is malicious or benign. In this research there will be usage of some technical terms and detection methods which are defined below. The main goal for testing the file/program is to find for false positives, false negatives and hit ratio.(Vinod et. al. 2009) False Positive: This takes place when the scanner detects a non-infected file as a virus by error. They can be a waste of time and resources. False Negatives: This occurs when the scanners fail to detect the virus in an infected files. Hit Ratio: This happens when the virus scanner scans the virus. Detections are based on 3 types of malware which are: Basic In basic type the malware attacks the program at the entry point as shown in the figure 2.2.1. The control is transferred to virus payload as the entry point itself is infected. Infected Code Main Code Entry Infected by virus Figure 2.2.1 Attacking system by basic malware. (Vinod et al 2009) Polymorphic Polymorphic viruses are viruses which mutates by hiding the original code the virus consists of encrypted malware code along with decrypted unit. They create new mutants very time it is executed. The figure 2.2.2 shows how the main code or original code is encrypted by infected file to produce a decrypted virus code. Virus Code Decrypted Code Main Code Entry Encrypted by infected file Figure 2.2.2 Attacking system by polymorphic viruses. (Vinod et al 2009) Metamorphic Metamorphic viruses can reprogram themselves using some obfuscation techniques so that the new variants are not same as the original. It sees that the signatures of the subsets are not same as the main set. Form B Virus A Form A S1 S2 S3 Figure 2.2.3 Attacking system by metamorphic viruses. (Vinod et al 2009) The above figure 2.2.3 shows that the original virus and form of that virus have different signatures where s1, s2 s3 are different signatures. 2.3 Detection Methods 2.3.1 Signature based detection Here the scanners search for signatures which are sequence of bytes within the virus code and shows that the programs scanned are malicious. The signatures are developed easy if the network behavior is identified. Signature based detection is based on pattern matching. The pattern matching techniques evolved from times when the operating system was DOS. The viruses then were parasitic in nature and used to attack the host files and most common executable files. (Daniel, Sanok 2005) 2.3.2 Heuristic based detection Heuristics describe a method of scanning a virus by evaluating the patterns of behaviors. It takes the possibility of the file or program being a virus by testing the uniqueness and behavior matching them to the database of the antivirus heuristic which contains number of indicators. It is helpful to discover those viruses which does not have signatures or hides their signatures. It is also helpful to detect the metamorphic viruses (Daniel, Sanok 2005) 2.3.3 Obfuscation Technique This technique is used by the viruses to transform an original program into virus program using some transformation functions which makes the virus program irreversible, performs comparably with original program and has the functions of the original program. This technique is used mainly by metamorphic and polymorphic viruses. (Daniel, Sanok 2005) Antivirus Products There are many antivirus products available in the commercial market. Some of the most commonly used antivirus products are: McAfee G Data Symantec Avast Kaspersky Trend Micro AVG Bit Defender Norton ESET Nod32 Chapter 3: Literature Review 3.1 Antivirus workload characterization A research done by (Derek, Mischa, David 2005) shows an antivirus software package takes many ranges of techniques to check whether the file is infected or not. But from the observations of (Derek, Mischa, David 2005) to best difference between some antivirus software packages compare the overheads introduced by the respective antivirus software during on-access execution. When running antivirus software there is usage of two main models which are: on-demand. on-access. On-demand involves the scanning of the user specified files where as on-access can be a process that checks the system-level and the user-level operations and scans when an event occurs. The paper discusses the behavior of four different anti-virus software packages which run on a Intel Pentium IV being installed with Windows XP Professional. Considering three different test scenarios: A small executable file is copied from the CDROM to the hard disk. Executing a calc.exe And also executing wordpad.exe. All these executable files are running on the Windows XP Professional operating system. The antivirus packages used in this experiment were Cillin, F-Port, McAfee and Norton. The execution of the files are done using the before mentioned antivirus packages. Figure 3.1.1 shows the usage of these packages introduces some overheads during the execution which increases the time of execution. Fig 3.1.1 Performance degradation of antivirus packages (Derek, Mischa, David 2005) Then a test was made to know about the extra instructions executed when the file system operations is performed and also when loading and executing a binary. Taking the both scenarios a small binary of very less size is involved. It is found that the execution is dominated by some hot basic blocks in each antivirus package. A basic block is considered hot if it is visited more than fifty thousand times. To detect the behavior of antivirus software packages the (Derek, Mischa, David 2005) used the platform which was majorly targeted by the virus attacks and also must have the existence of some of the commercial antivirus software. A framework of simulator is introduced here called Virustech Simics this has architectural structure as shown in table 3.1.1. Virustech Simics is a simulator that includes a cycle-accurate micro-architectural model and used to get cycle-accurate performance numbers. Table 3.1.1 Virustech Simics architectural structures (Derek, Mischa, David 2005) Processor Model Processor Operating Frequency L1 Trace Cache L1 Data Cache L2 Cache Main Memory Intel Pentium 4 2.0A 2GHz 12K entry 8KB 512KB 256MB The goal behind the model is to confine the execution of antivirus software on a system. To achieve metrics the stream executed is passed to the simulator. To simulate the micro-processor, simics are configured. The host (simulator) executes the operating system loaded via simulated hard drive. On top of the operating system the researchers have installed and run the antivirus software and also the test scenarios are taken (see figure 3.1.2). After this the comparison is done between the baseline configuration execution (without the antivirus software installed) and the systems that are installed with four different antivirus packages. L2 Cache Copy/execute process Antivirus Process L1 Inst Cache L1 data Cache Operating System (Windows XP) Inst Stream Simulate micro-architecture Simulated Architecture HOST Fig 3.1.2 Multi Level architectural Micro Architectural simulation environment (Derek, Mischa, and David 2005) The table 3.1.2 shows the summary of five configurations. For each experiment an image file is created and loaded as a CDROM in the machine. The execution of the utility (contains special instructions) at the start and end of each collection was done in order to assist accurate profile collection. Table 3.1.2: Five environments evaluated: Base has no antivirus software running (Derek, Mischa, David 2005) Configuration Anti-Virus edition Version Base NAV PC-Cillin McAfee F-Port Norton Anti-Virus Professional 2004 Trend Micro Internet Security McAfee Virus scan professional F-Port Antivirus for windows 10.0.0.109 11.0.0.1253 8.0.20 3.14b The three different operations invoke anti-virus scanning. In first, a file from the CDROM to the hard drive was copied, and then the operating system accessories: calculator and wordpad are run accessing through a shortcut. After experimentation it is found that there is less than one percent difference in the work load parameters throughout the profile runs. Then on doing the antivirus characterization it is seen that there is a gradual increase in the cache activity which shows that the overheads released is smallest for F-Port and highest for Norton. The impact on memory while running the antivirus software shows that Norton and McAfee have larger footprints that the Base case, F-Port Cillin. 3.2 Development techniques a framework showing malware detection using combination of techniques There are several developments in techniques used by antivirus software. These techniques must be able to detect viruses which were not detected by previous techniques and this is what we say a development in technique. Antivirus software not only does detect a virus but also worms, Trojan horses, spyware and other malicious codes which constitute malware. Malware is a code or a program which intents to damage the computer with its malicious code. We can filter malware by use of specific antivirus software that installs detection techniques and algorithms. Several commercial antivirus programs uses a common technique called signature-based matching; this technique must be often updated to store new malware signatures in virus dictionary. As the technology advances plenty of malware writers aim to employ better hiding techniques, importantly rootkits became a security issue because of its higher hiding ability. There is a development of many new detection methods which are used to detect malware, machine learning technique and data mining technique. In this research Zolkipli, M.F.; Jantan, A.,2010 have proposed a new framework to detect malware for which there is a combination of two techniques signature based technique and machine learning technique. This framework has three main sections which are signature-based detection, genetic algorithm based detection signature generator. Zolkipli, M.F.; Jantan, A., 2010 defines malware as the software that performs actions intended by an attacker without consent of the owner when executed. Every malware has precise individuality, goal attack and transmission method. According to Zolkipli, M.F.; Jantan, A., 2010 virus is that malware, which when executed tries to replicate itself into other executable code within a host. What so ever, as technology advances creating malware became sophisticated and extensively improved since early days. Signature-based matching technique is most common approach to detect malware, this technique works by contrasting file content with the signature by using an approach called string scan that search for pre-defined bit patterns. There are some limitations which needs to be solved to this technique though it is popular and very reliable for host-based security tool. The problem with signature-based matching technique I it fails to detect zero-day virus attack or zero-day malware attack. Zero-day malware attack are also called new launch malware. To store and capture a new virus pattern for upcoming use, some number of computers needs to be infected. Figure 3.2.1 shows an automatic malware removal and system repair was developed by F.Hsu et al. 2006 which has three important parts such as monitor, a logger, and a recovery agent. The framework solves two problems: Determines the un-trusted program that breaks the system integrity. Removal of un-trusted program Untrusted Process Trusted Process Logger Recovery agent Monitor Operating System Figure 3.2.1: Framework for monitoring, logging recovery by F.Hsu et al. 2006 The framework is used to monitor and enter logs of the un-trusted program. This framework is capable of defending known and unknown malware, though it does not need any prior information of the un-trusted programs. And from the user side there is no need of modifying any current programs and need not observe that the program is running in the framework as the framework is invisible to both known and unknown malware. A sample of this framework was used on the windows environment and shows that all the malware changes can be detected compared to the commercial tools which use the signature based technique. Machine learning algorithm was tested and applied on the malware detection technique. In order to classify the signature-based technique limitations that particular technique was using an adaptive data compression. The two restrictions of signature-based technique according to Zolkipli, M.F.; Jantan, A., 2010 are: It is not compulsory that all malicious programs have bit patterns which are proof of their malicious nature and are also not recorded in virus dictionaries. Many forms of bit patterns are taken by obfuscated malware that will not work on signature-based technique. Genetic Algorithm (GA) takes the full advantage of system limitations that are used to detect zero day malware or the day malware was launched. The algorithm was used to develop a detection technique called IMAD that analyzes the new malware. To oppose the restrictions of signature-based detection technique this technique has been developed. Data mining is another technique which was applied on malware detection much before. The standard data mining algorithm classifies every block file content as normal or used to categorize potentially the malware. To defeat the limitations of signature-based antivirus programs an Intelligent Malware Detection System known as IMDS was developed. This system used Object Oriented Association which adapts OOA_Fast_FPGrowth algorithm. A complete experimentation on windows API file sequence was done which re called PE files. The huge gathering of PE files was taken from the King Soft Corporation antivirus laboratory which is used to compare many malware detection approaches. The results show that IMDS system shows the best results than Norton and McAfee. The proposed framework has two techniques combined which are signature-based technique and GA technique. It was designed to resolve two challenges of malware detections. How to detect newly launched malware (Zolkipli, M.F.; Jantan, A., 2010) How to generate signature from infected file (Zolkipli, M.F.; Jantan, A., 2010) Signature Generator S-Based Detection GA Detection Figure 3.2.2: Framework for malware detection technique (Zolkipli, M.F.; Jantan, A., 2010) The main components are s-based detection, s-based generator and GA detection(see figure 3.2.2). The s-based detection acts first in defending the malware, then GA detection is the second layer which is another defense layer that is used to detect newly launched malware. After creating the new signature from zero-day malware these signatures are used by signature based detection technique. Signature based detection is a fixed examining method used on every antivirus product. This is also called a static analysis method. This decides whether the code is malicious or not by using its malware characterization. This technique is sometimes also called scan strings. In general every malware has one or more patterns of signature which has unique characters. Antivirus software searches through data stream bytes, when a program is executed. Database of antivirus software has thousands of signatures it scans through each signature comparing it with the program code which is executed. For comparing purposes searching algorithm is used, the comparison is usually between program code content with the signature database. The Zolkipli, M.F.; Jantan, A., 2010 chooses this technique at the beginning of the framework because of its effective detection of well known viruses. This technique was used in this framework in order to develop the competence of computer operation. G.A detection technique is one of the most popular technique that is used to detect newly launched malware. This is used to learn approaches to resolve algebraic or statistical research problems. This is a machine learning technique which applies genetic programming that learns a evolving population. Chromosomes are used for data representation which is used in this algorithm, chromosomes are bit string values, new chromosomes are developed from a bit string combinations from existing chromosomes. Basing the nature of the problem the solution for the problem is given. Crossover and mutation are 2 types of basic operations in GA, to solve the issues concerned with polymorphic viruses and new types of malware this technique was introduced in this framework. By using this technique codes of malware using hidden technique can also be detected which only because of its learning and filtering aspects of virus behavior.( Zolkipli, M.F.; Jantan, A., 2010) S-based generator generate string patterns are used by signatures which are used to characterize and identify the viruses. Forensic experts started creating signatures once a new virus sample is found, based on the virus behavior these signatures are created. All the antivirus products creates their own signatures and accessing records they are encrypted in case there are more than one antivirus software installed on the computer. As soon as a signature is created the signature database is updated with it. Every computer user requires updating the antivirus product with the database in order to defense against the new viruses. Signature pattern is 16 bytes and to detect 16 bit virus 16 bytes is more than enough.( Zolkipli, M.F.; Jantan, A., 2010) This generator takes the behavior of virus which identified by the GA detection. The signature pattern of the virus is generated and is added to virus database as a new signature for the signature based detection. To replace the forensic experts task this framework was proposed. This creation of framework was lot useful in detecting the new virus signature, and to improve the efficiency and performance of the computer. 3.3 Improving speed of signature scanners using BMH algorithm. This paper discusses about the problem of detecting viruses using signature scanning method that relies on fast pattern matching algorithm So basically in this technique the pattern is a virus signature which is searched for anywhere in the file. This algorithm is an expensive task which affects the performance frequently. Many users may find it impatient if the pattern matching algorithm does not work fast and consumes lot of time. So to avoid this faster pattern matching algorithm is used to the scanner which is Boyer-Moore Horspool algorithm when compare d to Boyer-Moore algorithm and Turbo Boyer Moore algorithm proved to be the fastest pattern matching algorithm. In technical terms, a virus has three parts which are trigger, infection mechanism and payload. The main mechanism which is infection mechanism part actually looks for fatalities and frequently avoids multiple infections. After looking for fatalities it might overwrite the fatalities or can attach itself at the beginning of the file or at the end of the fle. Trigger is actually a event which specifies when the payload has to be executed. The payload is the foundation of malicious behavior which actually can be corruption of boot sector or manipulating files. To detect a virus and to disinfect the infected file are two most important tasks of algorithms used by antivirus software. So defense system code of the algorithm must have a part that is able to detect any type of virus code. There are four types of basic detection techniques. Integrity Checking Signature Scanning Activity Monitoring Heuristic Method. Integrity checking technique: This program gives checker codes that can be checksums, CRCs or hashes of files that are used to check viruses. Regularly the checksum are re-computed and is compared against the previous checksums. In case the two checksums does not match it is indicated that the file is infected since the file is modified. This technique detects the virus presence by detecting the change in files and also is capable to detect new or unknown viruses. But this technique has several drawbacks. Firstly, the primary checksum calculation has to be performed on a virus less clean system so the technique can never detect viruses if system is infected. Secondly there are lots of false positives if the system is modified during execution. (Sunitha Kanaujiya, et., al 2010) Signature scanning technique: This technique is used on large scale to detect virus. This reads data from a system and to that it applies pattern matching algorithm to list of existing virus patterns in case it matches with the existing patterns it is a virus. This scanning technique is effective but the pattern database needs frequent updating which is very easy. There are several advantages of this scanner one of it is the scanning speed for this technique can be increased, it can also be used to detect other types of malicious programs like Trojan horses, worms, logic bombs, etc. So mainly for the virus it is only signature of the virus which is needed and update it to the database. This technique is used on many viruses due to this reason. Activity monitoring technique: This technique is used to monitor the behavior of programs executed by some other programs these monitoring programs are known as behavior monitor and they stay in main memory. The behavior monitors alarms or do some action to prevent the program when it tries to do some unusual activities like interrupting tables, partition tables or boot sectors. The database maintains every virus behavior that is supposed to be. The main disadvantage is when the new virus uses another infecting method that is not in the database and in this scenario finding virus is helpless. Secondly viruses avoid defense by activating earlier in the boot sequence prior to the behavior monitors. And also viruses modify the monitors

Friday, October 25, 2019

North and South by Elizabeth Gaskell Essay -- nineteenth century Engla

The nineteenth century was a time of economic, technologic, and population growth. These changes created problems in everyoneÃ¢â‚¬â„¢s daily lives. Two examples of things that affected the lives of many were disease and sanitation. Disease and sanitation led to high mortality rates in Nineteenth- Century England. This relates to North and South by Elizabeth Gaskell as it takes place during nineteenth century England and multiple characters died presumably due to disease. In North and South by the Victorian Novelist, Elizabeth Gaskel, the towns in the book were given different names than they were in England during the nineteenth century. The population growth, diseases, and sanitation was similar throughout all of England, however most research focuses on London, England due to London being one of the largest cities in England. The nineteenth century was definitely a time of population growth and England was no exception to population growth. According to Professor of Economics, Nicola Tynan, in 1801, the metropolis in London had a population of 959,000. By 1851, the population had grown to 2.3 million residents and then in 1900, the population was up to 4.5 million (Tynan, 76). People in the area just wanted to move into the cities for the news jobs that were available in industry and to change their lives. These statistics are for the London metropolis, but the same population growth was occurring in many of the cities in northern England. In North and South, Elizabeth Gaskell examines the Hale family as they moved from Helstone to Milton. The family moved because Mr. Hale felt like he could no longer faithfully fulfill his position in the village, so the family went to the city for a change and to start over. (Gaskell... ...SouthÃ¢â‚¬ . Penguin Books. England. 2003. Print. Jenson, Jane. Ã¢â‚¬Å"Getting to Sewers and Sanitation: Doing Public Health within Nineteenth Century BritainÃ¢â‚¬â„¢s Citizenship Regimes.Ã¢â‚¬ Politics and Society. Volume 36. No. 4 532-556. December 2008. Web. Pooley, Marilyn E., and Pooley, ColinG. . Ã¢â‚¬Å"Urban Disease and Mortality in Nineteenth Century England.Ã¢â‚¬ 1984. Great Britain. Print. Pages 158-159. Thorsheim, Peter. Ã¢â‚¬Å"The Corpse in the Garden: Burial, Health, and the Environment in Nineteenth-Century London.Ã¢â‚¬ Environmental History 16.1 (2011):38-68. Proquest. Web. 30 Oct. 2013. Tynan, Nicole. Ã¢â‚¬Å"Nineteenth Century London Water supply: Processes of innovation and improvement. Ã¢â‚¬Å"Review of Austrian Economics. Volume 26. Issue 1. 2013. Pages 73-91. Web. Woods, Robert. Woodward, John. Ã¢â‚¬Å"Urban Disease and Mortality in Nineteenth Century England.Ã¢â‚¬ 1984. Great Britain. Print.

Thursday, October 24, 2019

Is India Safe for Its Residents? Essay

In fact I think INDIA is the safest place to live in on earth for Indians.Yes I do agree that there is terror of terrorism; but then u need to firmly fight againstit. U can run off ur responsibilities by saying that India is not a safe place. TohÃ¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. do u think that settling down in foreign can make u feel secure If u think so ur definitely wrong!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Are Indians safe in a country like AUSTRALIA,infact Indians are insultedthere and where ever we go and what ever we doÃ¢â‚¬ ¦..there is nothing that equals our mother and mother land. violence and problems maybe a trouble for us ..but i think there will be no placewith out problems Ã¢â‚¬ ¦. what we need to do is justto manage ourselvesÃ¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ any ways to sum it up..INDIA IS THE SUPERIOR,THE SUPREME AND THE HEAVEN FOR INDIANS. right ______________________________________Ã¢â‚¬ ¦ In India there has been lack of political will and assertive decision making to bring such fugitives to justice. Barely a month later, with the Delhi blasts this weekend, the NSA might have to revise his earlier estimate; his claimssound meaningless. Jammu and Kashmir is facing unrest. The Northeast is unsettled.West Bengal andTelangana are simmering, over 160 districts in 13 states are in the grip of left wing extremism. While the crime rate is growing, abductions and extortions have almost become an industry. The rangdari and supari culture is now a new brandof threat to the Indian citizen.Money laundering, hawala, small arms proliferation and human trafficking are on the rise. The debate on countering these internal threats, however,has been overwhelmed by politics, rather than deterrent action.While India seems tobe safe are Indians secure? Or are we on course to a functional anarchy? IndiaÃ¢â‚¬â„¢s current crisis of internal security has been a concern particularly since Decembe r 2001. When terrorists assaulted Parliament, they struck at IndiaÃ¢â‚¬â„¢s nerve centre; a qualitatively different target; and at variance with IndiaÃ¢â‚¬â„¢s previous experience with multiple threats of insurgencies, terrorism, left wing extremism, narcotic trafficking, religious fundamentalism and subnationalism. The Indian security apparatus and elite are largely indifferent, or have shied away from formulating an internal security doctrine. There has been no serious attempt to institutionalise a mechanism, direction or assertive policy to deal with Ã¢â‚¬Å"internal threatsÃ¢â‚¬ ; interim, ad hoc and incremental means have been the favoured methods adopted by successive governments. There is virtually no means to define coherentlythe enemy within. The continuous assault on Indian citizens and their psyche has shown clearly that the security apparatus has failed to plug the reocurrence of terrorist attacks. The intelligence fraternity gropes in the dark about the actual strength, source, capacity and logistics of the enemyÃ¢â‚¬â„¢s next attack.With our domestic security apparatus going so horribly awry we can take it for granted that we will almost never apprehend the killers. Worse, these terror attacks and militancy are seen as merely a Ã¢â‚¬Å"law andorderÃ¢â‚¬ concern and treated as subject of state, whenever, political violence on a massive scale breaks out in a state, the police become the first responders. The police in India are trained, equipped and mentally conditioned to deal only with civil disorders.When confronted with serious threats to internal securitylike terrorism, insurgency and other proxy war situations, they find it difficult to respond effectively. In such a situation, the state seeks the expertise of paramilitary forces. Creation of fast track courts to avoid judicial delay and enactment of a deterrent anti-terror law would constitute an essential step forward. The need of the hour is toinstitutionalise, develop procedures and processesthat would boost inter institutional co-ordination, facilitate professional conduct of operations on athorough, professional policy analysis. Lack of professional mindset for informed debate, fierce expression of spite, bitterness and mutual political acrimony take place instead of constructive policy discussions

Wednesday, October 23, 2019

AMD Case Final

Finally, MAD needs to switch the consumer's fixation from specifications such as GHz and KGB, to visual experience. Although Llano is already delayed, it will be ready by mid-201 1 . The next selling cycle, right after mid-2011 , is the Back Ã¢â‚¬â€œ to Ã¢â‚¬â€œ School season. This means that waiting until mid-2011 is not necessarily a bad thing. Intel already rushed out a CHIP+SPIN processor called Sandbagging in order to be the first to market, and in doing so produced a mediocre product. According to analysts, Ã¢â‚¬Å"Intel GAP technology is a generation behind its CPU technology and cannot Offer a outing-edge graphics experience. Unlike Intel, Mad's strength is in dedicated Spies, due to the acquisition of AT I. Therefore, MAD can release a more complete CHIP+SPLIT processor, aka APP, in time for the Back-to-School season. Usually incentives are negotiated prior to each selling cycle: Back-to- School, Holiday season, and Spring. MAD can offer incentives to retail stores such as Be st Buy, H. H. Gregg and Office Depot prior to the Back-to-School season. The incentives would benefit the retailers because they would be paid an extra 5-10 dollars per PC sold, that contains one of Mad's chips.MAD would also benefit from giving retail incentives by getting more exposure on prominent displays, promotional merchandise available at the retail stores, PC's with MAD chips featured in ad circulars, and MAD would have access to sales associates for training purposes in return for the incentive. MAD specifically should have a combination of merchandising and training because studies show that when merchandising and training are combined, the VISION brand is better communicated and recommended to customers via retail sales associates.For example, when comparing VISION awareness, Merchandising Alone scored 88%, whereas Merchandising + Training scored 97%. For VISION recommendation, Merchandising Alone scored 46%, whereas Merchandising + Training scored 69%. The Fusion produc t line consists of one high end product called Llano that was suitable for high-performance desktops and laptops, one mid-tier product called Acetate suitable for low-end notebooks, and one low-end product called Ontario mainly used for notebooks. Acetate and Ontario were also referred to as Bravos.The reason why we choose to launch Llano first, and not Bravos, is because the VISION rand needs to be associated with quality processors and reasonable prices in comparison to Intel. We assume that if MAD launches Bravos first, the VISION brand will run the risk of being miscommunication as a low-end, weak processor and thus MIS-positioned in consumers' minds, due to a negative first impression. In the past, MAD lacked the ability to court high-end markets, and VISION's Llano is an attempt to break into high-end markets which will give MAD an opportunity for larger profit margins and market share gains in PC's.Odessa said, Ã¢â‚¬Å"Internal projections forecasted that Llano, which would co ver all mainstream and high-end products, would account for 70% of Fusion APP sales and that Acetate and Ontario would account for 30%Ã¢â‚¬ . Looking back at Mad's history with Intel, the companies seem to always have a response to one another, or a way to get back at each other. Whether it is by launching a better product, price-cutting, acquisitions, or rushing products to the market, they usually respond within a year or two.For instance, when Intel's Titanium failed because it could not service 32-bit software, MAD developed the Petrol, which could service both 64-bit and 32-bit software hush creating success for MAD. Part of its success was due to the fact that users did not have to buy new software packages for the processor, unlike Titanium which required new software and proved to be costly. We would rather have the Llano be like a repeat of the Petrol in comparison to Intel's Sandbagging.This means that even though Intel went to market first with a CPU+SPIN processor, MAD can release a better APP about six months later, which is a relatively quick retaliation to Intel when compared to their history. In order to not make the same mistake that Titanium did, we recommend MAD ark with content and software makers before launching Llano. Another important characteristic about Llano is that it needs to be able to function with both 64-bit and 32-bit programs. The plan is to release Llano with only a few major necessary software applications and programs optimized for 64- bit, so that the Llano APP can be fully experienced by users.As mentioned in the case, Ã¢â‚¬Å"the lead time for optimizing applications was typically a yea'. Releasing Llano with only a few optimized programs allows Llano to roll out in mid-2011. Also, the idea is that developers can create optimized software ever time, much like how Google Chromate was released with a few notable APS and has gained more over time. Some programs we would optimize are: Direct 1 1, Directorates, Photo and vid eo editing APS, Adobe Acrobat. A large number of optimized programs and applications will come after Llano's debut.MAD should be concerned with improving relationships with Memos by not forcing the Memos to exclusively use MAD processors and logos, unlike Intel, which according to management Ã¢â‚¬Å"used its dominant position to dictate terms to Memos or threaten not to work with them if they did not use Intel chips exclusivelyÃ¢â‚¬ . By not imposing on Memos, MAD opens itself to being used by companies such as Apple, which prefers not to put other brands on its devices. MAD should continue following its new branding strategy VISION, which focuses on how the computer is used and not on how fast the computer can calculate excel spreadsheets. If we make the experience matter most, the VISION campaign has done its job. Ã¢â‚¬ Currently the conversation between salespeople and consumers revolves around hardware specifications, but MAD wants the conversation to be about what the compute r can do. MAD should define its CPU and JPG in simple terms that re straightforward, unlike Intel which is very technical. Communicating the change from Intel style specifications to MAD visual experience will require in person demonstrations done by retail sales associates.Retail sales associates will carry out blind tests for consumers by showing shoppers two computers side by side, one with an Intel Sandbagging processor and the other with an MAD Fusion processor. Customers will then choose which computers they feel have the better graphics and visuals, from the demonstrations of the Intel vs.. MAD blind test. Another way to communicate to consumers that MAD APP processors are better, not only for use of Excel but also for visuals, is to show them an experience comparison with the competitor; in this case it is Intel.The VISION Experience Comparison would be signage that translates industry standard specification lingo; it would show that Intel's processor is equal to choppy, fix ated gamely, whereas Amid APP is equal to vivid, clean, smooth game play. The VISION Experience Comparisons would be displayed on the retailer's shelf, where the specifications are typically shown for each computer. The VISION Experience Comparisons would only be splayed for computers that contain MAD Pap's. Strategy #1 Add Apes for new form factors such as smoothness and tablets to the Fusion product line.Create relationships and incentive Memos to use the smartened and tablet APES. Rationale #1 The Fusion line currently consists of three different processors: Llano, Acetate, and Ontario. Each processor in the Fusion line is geared toward a certain type of PC. For example, Llano is for powerful desktops and laptops, whereas Acetate is for low-end notebooks. Ontario is for notebooks. The Fusion line up competes with Intel's Ã¢â‚¬ËœCore' product line nicely. One area of concern is new form factors, such as tablets and smoothness. Currently, Intel is selling the Atom for tablets and s moothness.MAD should include an APP that can service these tablets and smoothness, as well. Looking at the competitive landscape, one can see that tablets and smoothness are under great demand from consumers. Apple's phone has had major success since 2007 and pads, which were recently released in April 201 0, have shown strong sales. MAD has the ability and should position itself in the tablet and smartened markets as a graphically strong PAPAL maker. It is in Mad's best interest to become an industry standard for smoothness and tablets. MAD can do this by creating good relationships with manufacturers through flexible deals.For example, MAD will not require Apple to show MAD labels or logos on its products. Also, MAD will strive to have better prices than Intel. In addition, since some of the smartened Memos are also the same companies that create PC's, MAD can offer bundles. For example, if the same MEMO uses MAD processors in both desktops and smoothness, MAD could Offer a larger discount on advertising or products. Strategy #2 Keep Mad's VISION marketing strategy, but include a marketing campaign using various media to better portray the VISION marketing strategy.In addition, improve retail and Memos relationship with MAD, to further increase sales. Rationale #2 Mad's new branding strategy for the introduction of the integrated CHIP/ SPIN, VISION, focuses on consumers' experience, visuals, and graphics instead of concentrating on the specifications, speed, and numbers a computer may have. The MAD PC purchasing study showed, Ã¢â‚¬Å"consumers want a simple, straight forward way to compare and choose computersÃ¢â‚¬ , which indicates hat most consumers are more concerned with Ã¢â‚¬Å"what the computer does, over what is inside Of itÃ¢â‚¬ .An example Off circular ad featuring VISION is provided in the case; however, it only shows specifications on the MAD processor found inside the Notebooks, completely omitting the message of the VISION strategy. The idea is to provide customers with the most important specifications and also integrate the message, Ã¢â‚¬Ëœthe experience matters mostÃ¢â‚¬ . For the Fusion processor, customers would want to experience HAD quality video online gaming, enhanced video and photo viewing, high performance photo editing, and AD gaming. This would be a more social, recreational use for a computer or notebook.The new Vision marketing strategy would include a marketing campaign that involves an initiative to change the consumer message throughout various types of media. The campaign will communicate to consumers that MAD APP processors are better, not only for use of Excel, but also for visuals. The ads in the campaign will show consumers a direct comparison with the competitor, in this case Intel. The campaign will be called the VISION Experience Comparison. The VISION Experience Comparison itself would include ads hat show translations of industry standard specification lingo.For example, the ads will demonstra te that Intel's processor is equal to choppy, fixated gamely, whereas Mad's APP is equal to vivid, clean, smooth game play. The campaign will be in use two months before each Computer selling cycle. For instance, VISION Experience Comparison commercials will be displayed most heavily two months before the Back-to-School cycle, in order to generate demand. Marketing strategy is important, but relationships with retailers and Memos are also crucial in order for MAD to deliver its new APP processor to ND-users.Intel has the lead on MAD when it comes to MEMO relationships; Intel goes as far as using threats as one of its partnership strategies by making Memos deal exclusively with them. MAD needs to use a non- threatening strategic partnership; make deals with Memos by not forcing them to place Mad's VISION logo on its devices. For example, Ã¢â‚¬Å"Apple hasn't allowed Intel to place a logo on its computers and the company has the most market share for notebooks over $1000Ã¢â‚¬ . This m eans that MAD has the opportunity to make a business deal with a top tier computer brand like Apple.This is cause MAD will not threaten to not cooperate with Apple, in case Apple does not wish to display MAD logos on its devices. MAD should partner with leading Memos such as Hewlett-Packard and Dell Inc. , which have the lead in sales over Leno and Acre as seen on Exhibit 4 of the case. By introducing incentives, MAD could make itself more appealing to Memos. As mentioned in the case, Ã¢â‚¬Å"MAD can offer Memos 75% refund on full price of all print ads if Memos use the VISION brandÃ¢â‚¬ . Instead of reimbursing HP 3-5% of the purchase price of the chip, MAD could raise the percentage to 10%, making the deal appear more appealing to Memos.