-
Gender of Recruiter Makes a Difference: A study into Cybersecurity Graduate Recruitment
Authors:
Joanne L. Hall,
Asha Rao
Abstract:
An ever-widening workforce gap exists in the global cybersecurity industry but diverse talent is underutilized. The global cybersecurity workforce is only 25% female. Much research exists on the effect of gender bias on the hiring of women into the technical workforce, but little on how the gender of the recruiter (gender difference) affects recruitment decisions. This research reveals differences…
▽ More
An ever-widening workforce gap exists in the global cybersecurity industry but diverse talent is underutilized. The global cybersecurity workforce is only 25% female. Much research exists on the effect of gender bias on the hiring of women into the technical workforce, but little on how the gender of the recruiter (gender difference) affects recruitment decisions. This research reveals differences between the non-technical skills sought by female vs non-female cybersecurity recruiters. The former look for recruits with people-focused skills while the latter look for task-focused skills, highlighting the need for gender diversity in recruitment panels.
Recruiters are increasingly seeking non-technical (soft) skills in technical graduate recruits. This requires STEM curriculum in Universities to adapt to match. Designing an industry-ready cybersecurity curriculum requires knowledge of these non-technical skills. An online survey of cybersecurity professionals was used to determine the most sought after non-technical skills in the field. Analysis of the data reveals distinct gender differences in the non-technical skills most valued in a recruit, based on the gender of the recruiter (not the recruited). The gender differences discovered do not correspond to the higher proportion of women employed in non-technical cybersecurity roles.
△ Less
Submitted 11 August, 2024;
originally announced August 2024.
-
A Preliminary Study on Using Large Language Models in Software Pentesting
Authors:
Kumar Shashwat,
Francis Hahn,
Xinming Ou,
Dmitry Goldgof,
Lawrence Hall,
Jay Ligatti,
S. Raj Rajgopalan,
Armin Ziaie Tabari
Abstract:
Large language models (LLM) are perceived to offer promising potentials for automating security tasks, such as those found in security operation centers (SOCs). As a first step towards evaluating this perceived potential, we investigate the use of LLMs in software pentesting, where the main task is to automatically identify software security vulnerabilities in source code. We hypothesize that an L…
▽ More
Large language models (LLM) are perceived to offer promising potentials for automating security tasks, such as those found in security operation centers (SOCs). As a first step towards evaluating this perceived potential, we investigate the use of LLMs in software pentesting, where the main task is to automatically identify software security vulnerabilities in source code. We hypothesize that an LLM-based AI agent can be improved over time for a specific security task as human operators interact with it. Such improvement can be made, as a first step, by engineering prompts fed to the LLM based on the responses produced, to include relevant contexts and structures so that the model provides more accurate results. Such engineering efforts become sustainable if the prompts that are engineered to produce better results on current tasks, also produce better results on future unknown tasks. To examine this hypothesis, we utilize the OWASP Benchmark Project 1.2 which contains 2,740 hand-crafted source code test cases containing various types of vulnerabilities. We divide the test cases into training and testing data, where we engineer the prompts based on the training data (only), and evaluate the final system on the testing data. We compare the AI agent's performance on the testing data against the performance of the agent without the prompt engineering. We also compare the AI agent's results against those from SonarQube, a widely used static code analyzer for security testing. We built and tested multiple versions of the AI agent using different off-the-shelf LLMs -- Google's Gemini-pro, as well as OpenAI's GPT-3.5-Turbo and GPT-4-Turbo (with both chat completion and assistant APIs). The results show that using LLMs is a viable approach to build an AI agent for software pentesting that can improve through repeated use and prompt engineering.
△ Less
Submitted 30 January, 2024;
originally announced January 2024.
-
Automating question generation from educational text
Authors:
Ayan Kumar Bhowmick,
Ashish Jagmohan,
Aditya Vempaty,
Prasenjit Dey,
Leigh Hall,
Jeremy Hartman,
Ravi Kokku,
Hema Maheshwari
Abstract:
The use of question-based activities (QBAs) is wide-spread in education, traditionally forming an integral part of the learning and assessment process. In this paper, we design and evaluate an automated question generation tool for formative and summative assessment in schools. We present an expert survey of one hundred and four teachers, demonstrating the need for automated generation of QBAs, as…
▽ More
The use of question-based activities (QBAs) is wide-spread in education, traditionally forming an integral part of the learning and assessment process. In this paper, we design and evaluate an automated question generation tool for formative and summative assessment in schools. We present an expert survey of one hundred and four teachers, demonstrating the need for automated generation of QBAs, as a tool that can significantly reduce the workload of teachers and facilitate personalized learning experiences. Leveraging the recent advancements in generative AI, we then present a modular framework employing transformer based language models for automatic generation of multiple-choice questions (MCQs) from textual content. The presented solution, with distinct modules for question generation, correct answer prediction, and distractor formulation, enables us to evaluate different language models and generation techniques. Finally, we perform an extensive quantitative and qualitative evaluation, demonstrating trade-offs in the use of different techniques and models.
△ Less
Submitted 26 September, 2023;
originally announced September 2023.
-
Manifesting Unobtainable Secrets: Threshold Elliptic Curve Key Generation using Nested Shamir Secret Sharing
Authors:
J. L. Hall,
Y. Hertzog,
M. Loewy,
M. P. Skerritt,
D. Valladolid,
G. Verma
Abstract:
We present a mechanism to manifest unobtainable secrets using a nested Shamir secret sharing scheme to create public/private key pairs for elliptic curves. A threshold secret sharing scheme can be used as a decentralised trust mechanism with applications in identity validation, message decryption, and agreement empowerment. Decentralising trust means that there is no single point vulnerability whi…
▽ More
We present a mechanism to manifest unobtainable secrets using a nested Shamir secret sharing scheme to create public/private key pairs for elliptic curves. A threshold secret sharing scheme can be used as a decentralised trust mechanism with applications in identity validation, message decryption, and agreement empowerment. Decentralising trust means that there is no single point vulnerability which could enable compromise of a system. Our primary interest is in twisted Edwards curves as used in EdDSA, and the related Diffie-Hellman key-exchange algorithms. The key generation is also decentralised, so can be used as a decentralised secret RNG suitable for use in other algorithms. The algorithms presented could be used to fill a ``[TBS]'' in the draft IETF specification ``Threshold modes in elliptic curves'' published in 2020 and updated in 2022.
△ Less
Submitted 2 September, 2023;
originally announced September 2023.
-
Experimental Evaluation of Baselines for Forecasting Social Media Timeseries
Authors:
Kin Wai Ng,
Frederick Mubang,
Lawrence O. Hall,
John Skvoretz,
Adriana Iamnitchi
Abstract:
Forecasting social media activity can be of practical use in many scenarios, from understanding trends, such as which topics are likely to engage more users in the coming week, to identifying unusual behavior, such as coordinated information operations or PumpNDump efforts. To evaluate a new approach to forecasting, it is important to have baselines against which to assess performance gains. We ex…
▽ More
Forecasting social media activity can be of practical use in many scenarios, from understanding trends, such as which topics are likely to engage more users in the coming week, to identifying unusual behavior, such as coordinated information operations or PumpNDump efforts. To evaluate a new approach to forecasting, it is important to have baselines against which to assess performance gains. We experimentally evaluate the performance of four baselines for forecasting activity in several social media datasets that record discussions related to three different geo-political contexts synchronously taking place on two different platforms, Twitter and YouTube. Experiments are done over hourly time periods. Our evaluation identifies the baselines which are most accurate for particular metrics and thus provide guidance for future work in social media modeling.
△ Less
Submitted 11 October, 2022;
originally announced October 2022.
-
Simulating User-Level Twitter Activity with XGBoost and Probabilistic Hybrid Models
Authors:
Fred Mubang,
Lawrence Hall
Abstract:
The Volume-Audience-Match simulator, or VAM was applied to predict future activity on Twitter related to international economic affairs. VAM was applied to do timeseries forecasting to predict the: (1) number of total activities, (2) number of active old users, and (3) number of newly active users over the span of 24 hours from the start time of prediction. VAM then used these volume predictions t…
▽ More
The Volume-Audience-Match simulator, or VAM was applied to predict future activity on Twitter related to international economic affairs. VAM was applied to do timeseries forecasting to predict the: (1) number of total activities, (2) number of active old users, and (3) number of newly active users over the span of 24 hours from the start time of prediction. VAM then used these volume predictions to perform user link predictions. A user-user edge was assigned to each of the activities in the 24 future timesteps. VAM considerably outperformed a set of baseline models in both the time series and user-assignment tasks
△ Less
Submitted 17 February, 2022;
originally announced February 2022.
-
Analysis of MRI Biomarkers for Brain Cancer Survival Prediction
Authors:
Subhashis Banerjee,
Sushmita Mitra,
Lawrence O. Hall
Abstract:
Prediction of Overall Survival (OS) of brain cancer patients from multi-modal MRI is a challenging field of research. Most of the existing literature on survival prediction is based on Radiomic features, which does not consider either non-biological factors or the functional neurological status of the patient(s). Besides, the selection of an appropriate cut-off for survival and the presence of cen…
▽ More
Prediction of Overall Survival (OS) of brain cancer patients from multi-modal MRI is a challenging field of research. Most of the existing literature on survival prediction is based on Radiomic features, which does not consider either non-biological factors or the functional neurological status of the patient(s). Besides, the selection of an appropriate cut-off for survival and the presence of censored data create further problems. Application of deep learning models for OS prediction is also limited due to the lack of large annotated publicly available datasets. In this scenario we analyse the potential of two novel neuroimaging feature families, extracted from brain parcellation atlases and spatial habitats, along with classical radiomic and geometric features; to study their combined predictive power for analysing overall survival. A cross validation strategy with grid search is proposed to simultaneously select and evaluate the most predictive feature subset based on its predictive power. A Cox Proportional Hazard (CoxPH) model is employed for univariate feature selection, followed by the prediction of patient-specific survival functions by three multivariate parsimonious models viz. Coxnet, Random survival forests (RSF) and Survival SVM (SSVM). The brain cancer MRI data used for this research was taken from two open-access collections TCGA-GBM and TCGA-LGG available from The Cancer Imaging Archive (TCIA). Corresponding survival data for each patient was downloaded from The Cancer Genome Atlas (TCGA). A high cross validation $C-index$ score of $0.82\pm.10$ was achieved using RSF with the best $24$ selected features. Age was found to be the most important biological predictor. There were $9$, $6$, $6$ and $2$ features selected from the parcellation, habitat, radiomic and region-based feature groups respectively.
△ Less
Submitted 3 September, 2021;
originally announced September 2021.
-
Deep Learning Models May Spuriously Classify Covid-19 from X-ray Images Based on Confounders
Authors:
Kaoutar Ben Ahmed,
Lawrence O. Hall,
Dmitry B. Goldgof,
Gregory M. Goldgof,
Rahul Paul
Abstract:
Identifying who is infected with the Covid-19 virus is critical for controlling its spread. X-ray machines are widely available worldwide and can quickly provide images that can be used for diagnosis. A number of recent studies claim it may be possible to build highly accurate models, using deep learning, to detect Covid-19 from chest X-ray images. This paper explores the robustness and generaliza…
▽ More
Identifying who is infected with the Covid-19 virus is critical for controlling its spread. X-ray machines are widely available worldwide and can quickly provide images that can be used for diagnosis. A number of recent studies claim it may be possible to build highly accurate models, using deep learning, to detect Covid-19 from chest X-ray images. This paper explores the robustness and generalization ability of convolutional neural network models in diagnosing Covid-19 disease from frontal-view (AP/PA), raw chest X-ray images that were lung field cropped. Some concerning observations are made about high performing models that have learned to rely on confounding features related to the data source, rather than the patient's lung pathology, when differentiating between Covid-19 positive and negative labels. Specifically, these models likely made diagnoses based on confounding factors such as patient age or image processing artifacts, rather than medically relevant information.
△ Less
Submitted 8 January, 2021;
originally announced February 2021.
-
Unsupervised Cyberbullying Detection via Time-Informed Gaussian Mixture Model
Authors:
Lu Cheng,
Kai Shu,
Siqi Wu,
Yasin N. Silva,
Deborah L. Hall,
Huan Liu
Abstract:
Social media is a vital means for information-sharing due to its easy access, low cost, and fast dissemination characteristics. However, increases in social media usage have corresponded with a rise in the prevalence of cyberbullying. Most existing cyberbullying detection methods are supervised and, thus, have two key drawbacks: (1) The data labeling process is often time-consuming and labor-inten…
▽ More
Social media is a vital means for information-sharing due to its easy access, low cost, and fast dissemination characteristics. However, increases in social media usage have corresponded with a rise in the prevalence of cyberbullying. Most existing cyberbullying detection methods are supervised and, thus, have two key drawbacks: (1) The data labeling process is often time-consuming and labor-intensive; (2) Current labeling guidelines may not be generalized to future instances because of different language usage and evolving social networks. To address these limitations, this work introduces a principled approach for unsupervised cyberbullying detection. The proposed model consists of two main components: (1) A representation learning network that encodes the social media session by exploiting multi-modal features, e.g., text, network, and time. (2) A multi-task learning network that simultaneously fits the comment inter-arrival times and estimates the bullying likelihood based on a Gaussian Mixture Model. The proposed model jointly optimizes the parameters of both components to overcome the shortcomings of decoupled training. Our core contribution is an unsupervised cyberbullying detection model that not only experimentally outperforms the state-of-the-art unsupervised models, but also achieves competitive performance compared to supervised models.
△ Less
Submitted 6 August, 2020;
originally announced August 2020.
-
Finding Covid-19 from Chest X-rays using Deep Learning on a Small Dataset
Authors:
Lawrence O. Hall,
Rahul Paul,
Dmitry B. Goldgof,
Gregory M. Goldgof
Abstract:
Testing for COVID-19 has been unable to keep up with the demand. Further, the false negative rate is projected to be as high as 30% and test results can take some time to obtain. X-ray machines are widely available and provide images for diagnosis quickly. This paper explores how useful chest X-ray images can be in diagnosing COVID-19 disease. We have obtained 122 chest X-rays of COVID-19 and over…
▽ More
Testing for COVID-19 has been unable to keep up with the demand. Further, the false negative rate is projected to be as high as 30% and test results can take some time to obtain. X-ray machines are widely available and provide images for diagnosis quickly. This paper explores how useful chest X-ray images can be in diagnosing COVID-19 disease. We have obtained 122 chest X-rays of COVID-19 and over 4,000 chest X-rays of viral and bacterial pneumonia. A pretrained deep convolutional neural network has been tuned on 102 COVID-19 cases and 102 other pneumonia cases in a 10-fold cross validation. The results were all 102 COVID-19 cases were correctly classified and there were 8 false positives resulting in an AUC of 0.997. On a test set of 20 unseen COVID-19 cases all were correctly classified and more than 95% of 4171 other pneumonia examples were correctly classified. This study has flaws, most critically a lack of information about where in the disease process the COVID-19 cases were and the small data set size. More COVID-19 case images will enable a better answer to the question of how useful chest X-rays can be for diagnosing COVID-19 (so please send them).
△ Less
Submitted 20 May, 2020; v1 submitted 4 April, 2020;
originally announced April 2020.
-
The Nipple-Areola Complex for Criminal Identification
Authors:
Wojciech Michal Matkowski,
Krzysztof Matkowski,
Adams Wai-Kin Kong,
Cory Lloyd Hall
Abstract:
In digital and multimedia forensics, identification of child sexual offenders based on digital evidence images is highly challenging due to the fact that the offender's face or other obvious characteristics such as tattoos are occluded, covered, or not visible at all. Nevertheless, other naked body parts, e.g., chest are still visible. Some researchers proposed skin marks, skin texture, vein or an…
▽ More
In digital and multimedia forensics, identification of child sexual offenders based on digital evidence images is highly challenging due to the fact that the offender's face or other obvious characteristics such as tattoos are occluded, covered, or not visible at all. Nevertheless, other naked body parts, e.g., chest are still visible. Some researchers proposed skin marks, skin texture, vein or androgenic hair patterns for criminal and victim identification. There are no available studies of nipple-areola complex (NAC) for offender identification. In this paper, we present a study of offender identification based on the NAC, and we present NTU-Nipple-v1 dataset, which contains 2732 images of 428 different male nipple-areolae. Popular deep learning and hand-crafted recognition methods are evaluated on the provided dataset. The results indicate that the NAC can be a useful characteristic for offender identification.
△ Less
Submitted 28 May, 2019;
originally announced May 2019.
-
Iterative Deep Learning Based Unbiased Stereology With Human-in-the-Loop
Authors:
Saeed S. Alahmari,
Dmitry Goldgof,
Lawrence O. Hall,
Palak Dave,
Hady Ahmady Phoulady,
Peter R. Mouton
Abstract:
Lack of enough labeled data is a major problem in building machine learning based models when the manual annotation (labeling) is error-prone, expensive, tedious, and time-consuming. In this paper, we introduce an iterative deep learning based method to improve segmentation and counting of cells based on unbiased stereology applied to regions of interest of extended depth of field (EDF) images. Th…
▽ More
Lack of enough labeled data is a major problem in building machine learning based models when the manual annotation (labeling) is error-prone, expensive, tedious, and time-consuming. In this paper, we introduce an iterative deep learning based method to improve segmentation and counting of cells based on unbiased stereology applied to regions of interest of extended depth of field (EDF) images. This method uses an existing machine learning algorithm called the adaptive segmentation algorithm (ASA) to generate masks (verified by a user) for EDF images to train deep learning models. Then an iterative deep learning approach is used to feed newly predicted and accepted deep learning masks/images (verified by a user) to the training set of the deep learning model. The error rate in unbiased stereology count of cells on an unseen test set reduced from about 3 % to less than 1 % after 5 iterations of the iterative deep learning based unbiased stereology process.
△ Less
Submitted 14 January, 2019;
originally announced January 2019.
-
Mutually unbiased bases as submodules and subspaces
Authors:
Joanne L. Hall,
Jan Stovicek
Abstract:
Mutually unbiased bases (MUBs) have been used in several cryptographic and communications applications. There has been much speculation regarding connections between MUBs and finite geometries. Most of which has focused on a connection with projective and affine planes. We propose a connection with higher dimensional projective geometries and projective Hjelmslev geometries. We show that this prop…
▽ More
Mutually unbiased bases (MUBs) have been used in several cryptographic and communications applications. There has been much speculation regarding connections between MUBs and finite geometries. Most of which has focused on a connection with projective and affine planes. We propose a connection with higher dimensional projective geometries and projective Hjelmslev geometries. We show that this proposed geometric structure is present in several constructions of MUBs.
△ Less
Submitted 4 June, 2012;
originally announced June 2012.
-
Planar Difference Functions
Authors:
Joanne L. Hall,
Asha Rao,
Diane Donovan
Abstract:
In 1980 Alltop produced a family of cubic phase sequences that nearly meet the Welch bound for maximum non-peak correlation magnitude. This family of sequences were shown by Wooters and Fields to be useful for quantum state tomography. Alltop's construction used a function that is not planar, but whose difference function is planar. In this paper we show that Alltop type functions cannot exist in…
▽ More
In 1980 Alltop produced a family of cubic phase sequences that nearly meet the Welch bound for maximum non-peak correlation magnitude. This family of sequences were shown by Wooters and Fields to be useful for quantum state tomography. Alltop's construction used a function that is not planar, but whose difference function is planar. In this paper we show that Alltop type functions cannot exist in fields of characteristic 3 and that for a known class of planar functions, $x^3$ is the only Alltop type function.
△ Less
Submitted 30 July, 2012; v1 submitted 15 May, 2012;
originally announced May 2012.
-
SMOTE: Synthetic Minority Over-sampling Technique
Authors:
N. V. Chawla,
K. W. Bowyer,
L. O. Hall,
W. P. Kegelmeyer
Abstract:
An approach to the construction of classifiers from imbalanced datasets is described. A dataset is imbalanced if the classification categories are not approximately equally represented. Often real-world data sets are predominately composed of "normal" examples with only a small percentage of "abnormal" or "interesting" examples. It is also the case that the cost of misclassifying…
▽ More
An approach to the construction of classifiers from imbalanced datasets is described. A dataset is imbalanced if the classification categories are not approximately equally represented. Often real-world data sets are predominately composed of "normal" examples with only a small percentage of "abnormal" or "interesting" examples. It is also the case that the cost of misclassifying an abnormal (interesting) example as a normal example is often much higher than the cost of the reverse error. Under-sampling of the majority (normal) class has been proposed as a good means of increasing the sensitivity of a classifier to the minority class. This paper shows that a combination of our method of over-sampling the minority (abnormal) class and under-sampling the majority (normal) class can achieve better classifier performance (in ROC space) than only under-sampling the majority class. This paper also shows that a combination of our method of over-sampling the minority class and under-sampling the majority class can achieve better classifier performance (in ROC space) than varying the loss ratios in Ripper or class priors in Naive Bayes. Our method of over-sampling the minority class involves creating synthetic minority class examples. Experiments are performed using C4.5, Ripper and a Naive Bayes classifier. The method is evaluated using the area under the Receiver Operating Characteristic curve (AUC) and the ROC convex hull strategy.
△ Less
Submitted 9 June, 2011;
originally announced June 2011.
-
Learning Membership Functions in a Function-Based Object Recognition System
Authors:
K. Woods,
D. Cook,
L. Hall,
K. Bowyer,
L. Stark
Abstract:
Functionality-based recognition systems recognize objects at the category level by reasoning about how well the objects support the expected function. Such systems naturally associate a ``measure of goodness'' or ``membership value'' with a recognized object. This measure of goodness is the result of combining individual measures, or membership values, from potentially many primitive evaluations…
▽ More
Functionality-based recognition systems recognize objects at the category level by reasoning about how well the objects support the expected function. Such systems naturally associate a ``measure of goodness'' or ``membership value'' with a recognized object. This measure of goodness is the result of combining individual measures, or membership values, from potentially many primitive evaluations of different properties of the object's shape. A membership function is used to compute the membership value when evaluating a primitive of a particular physical property of an object. In previous versions of a recognition system known as Gruff, the membership function for each of the primitive evaluations was hand-crafted by the system designer. In this paper, we provide a learning component for the Gruff system, called Omlet, that automatically learns membership functions given a set of example objects labeled with their desired category measure. The learning algorithm is generally applicable to any problem in which low-level membership values are combined through an and-or tree structure to give a final overall membership value.
△ Less
Submitted 30 September, 1995;
originally announced October 1995.