Search Results (25)

Java Management Extensions (JMX) are indispensable for managing and administrating Java software solutions, yet when exposed through HTTP bridges such as Jolokia they can radically enlarge an application’s attack surface. This paper presents the first in-depth analysis of CVE-2022-41678, a vulnerability discovered by the authors in Apache ActiveMQ that combines Jolokia’s remote JMX access with Log4J2 management beans to achieve full remote code execution. Using a default installation testbed, we enumerate the Log4J MBeans surfaced by Jolokia, demonstrate arbitrary file read, file write, and server-side request–forgery primitives, and finally to leverage the file write capabilities to obtain a shell, all via authenticated HTTP(S) requests only. The end-to-end exploit chain requires no deserialization gadgets and is unaffected by prior Log4Shell mitigations. We have also automated the entire exploit process via proof-of-concept scripts on a stock ActiveMQ 5.17.1 instance. We discuss the broader security implications for any software exposing JMX-managed or Jolokia-managed Log4J contexts, provide concrete hardening guidelines, and outline design directions for safer remote-management stacks. The findings underscore that even “benign” management beans can become critical when surfaced through ubiquitous HTTP management gateways. Full article

The core driver of enterprise operations is data, making data lineage crucial for data management. It not only tracks data flow but also links data sources, workflows, applications, and decision-making, improving efficiency and governance. However, current data lineage parsing methods face challenges like high costs, long development cycles, and poor generalization, especially for non-SQL scripts. In this paper, we introduce an innovative approach leveraging pre-trained large language models (LLMs) to overcome these bottlenecks in data lineage parsing. LLMs are employed across the entire parsing pipeline, encompassing prompt construction, lineage extraction, and result standardization. Specifically, this study developed a few-shot prompting method incorporating error cases to optimize parsing performance across various types of scripts. Additionally, a collaborative Chain of Thought (CoT) and multi-expert prompting framework was designed to further enhance parsing accuracy at the operator level. The proposed approach was empirically validated using LLMs of different parameter scales on datasets comprising multiple script types (SQL, Python, Shell, Flume, etc.). The experimental results show that LLMs with 10 billion and 100 billion parameters achieved over 95% accuracy in table-level lineage parsing when utilizing the newly designed prompts. Furthermore, 100-billion-parameter LLMs exhibited substantial accuracy improvements at the operator level. Our method reinforces the feasibility and practicality in advancing data lineage parsing methodologies. Full article

Building information modeling (BIM) has proven to be a valuable technology in the fields of architecture, construction management, and maintenance management. However, its full implementation in structural engineering remains unfulfilled due to the persistent use of outdated design methods. Insufficient automation in the design process could lead to structural defects, construction rework, and structural clashes, each of which can have significant financial implications. Given the inherent complexity of large-scale construction projects, manual structural design and detailing are challenging tasks and are prone to human errors. This paper presents a novel BIM framework that leverages BIM, Industry Foundation Classes (IFC), Python scripting, the IfcOpenShell library, and Octave programming to automate the design of reinforced concrete (RC) slabs, benefiting design professionals and contractors by integrating automated processes into project workflows. The framework achieved a 40% reduction in design time and a 25% decrease in human errors, as demonstrated through case studies. In this study, a 3D structural model in BIM software is firstly created, extracting slab geometrical data that are linked to Microsoft (MS) Excel/.csv and Octave spreadsheets via Python and IfcOpenShell. Midspan and end span moment coefficients and floor perimeter data following Indian standards are then gathered in Octave, and this information is further processed with Python scripts. Octave programming is used to determine the most accurate, reliable, and economical design for the slab and its detailing. This design information is then pushed back to BIM software via FreeCAD using Python coding, which can be used to develop bar bending scheduling and 2D drawings of the reinforcement details. The proposed framework is validated through case studies, demonstrating its effectiveness in reducing design time, minimizing human errors, and improving overall project efficiency. The core finding of this research is an automated approach that offers a cost-effective and accurate solution to the limitations of traditional RC slab design, addressing structural errors and reducing rework through seamless BIM integration. This research presents a novel contribution to the integration of structural design, construction processes, and operational aspects within BIM. The findings highlight the potential for further advancements in BIM adoption, particularly in addressing the lag in structural engineering applications compared to architecture. Full article

This manuscript introduces MPSD (Malicious PowerShell Script Detector), an advanced tool to protect Windows systems from malicious PowerShell commands and scripts commonly used in fileless malware attacks. These scripts are often hidden in Office document macros or downloaded remotely via PowerShell, posing significant threats to corporate networks. A 2018 report revealed that 77% of successful cyberattacks involved fileless malware, with PowerShell being the primary attack method, as highlighted in Red Canary’s 2022 report. To counter these threats, MPSD leverages the Antimalware Scan Interface (AMSI) to intercept and analyze real-time PowerShell scripts, preventing their execution. It further utilizes VirusTotal to filter out malicious scripts. Unlike traditional methods that rely on direct access to scripts, MPSD detects them before execution, addressing the challenge of hidden or obfuscated scripts. Experimental results show that MPSD outperforms well-known antivirus engines, with a low false-negative rate of 1.83%. MPSD is highly effective against evasion techniques like concatenation, encoding, and reordering, making it a robust tool in the cybersecurity landscape. Full article

This study investigates bidirectionally sinusoidal corrugated steel shells using finite element analysis (FEA) software, primarily ABAQUS 2017, supplemented by RFEM 6.05 for an initial result comparison. The research aims to establish a robust numerical solution to understand the structural behaviour of these shells under static and dynamic loading. Starting with meticulous calculations for a selected structural element, the paper emphasises a comparative analysis between ABAQUS and RFEM, offering valuable insights into simulating the responses of corrugated steel shells. A distinctive contribution of this research lies in its novel and comprehensive parametric analysis of these shells under static and dynamic loading, an area that has not been explored in previous studies. The study systematically explores various model parameters, including geometrical and mechanical properties, with detailed analyses revealing their influences on deformation, stress distribution, dynamic properties, and behaviour. Another key feature is the development of a coded script that systematically generates diverse numerical models, allowing for a thorough exploration of the structural system’s response. This study advances our understanding of the structural behaviour of bidirectionally sinusoidal corrugated steel shells. These findings are set to enhance structural analysis and design practices by optimising parameters for improved performances in various engineering applications. Full article

The Tor browser is widely used for anonymity, providing layered encryption for enhanced privacy. Besides its positive uses, it is also popular among cybercriminals for illegal activities such as trafficking, smuggling, betting, and illicit trade. There is a need for Tor Browser forensics to identify its use in unlawful activities and explore its consequences. This research analyzes artifacts generated by Tor on Windows-based systems. The methodology integrates forensic techniques into incident responses per NIST SP (800-86), exploring areas such as registry, storage, network, and memory using tools like bulk-extractor, autopsy, and regshot. We propose an automated PowerShell script that detects Tor usage and retrieves artifacts with minimal user interaction. Finally, this research performs timeline analysis and artifact correlation for a contextual understanding of event sequences in memory and network domains, ultimately contributing to improved incident response and accountability. Full article

Ancient Chinese characters known as oracle bone inscriptions (OBIs) were inscribed on turtle shells and animal bones, and they boast a rich history dating back over 3600 years. The detection of OBIs is one of the most basic tasks in OBI research. The current research aimed to determine the precise location of OBIs with rubbing images. Given the low clarity, severe noise, and cracks in oracle bone inscriptions, the mainstream networks within the realm of deep learning possess low detection accuracy on the OBI detection dataset. To address this issue, this study analyzed the significant research progress in oracle bone script detection both domestically and internationally. Then, based on the YOLOv8 algorithm, according to the characteristics of OBI rubbing images, the algorithm was improved accordingly. The proposed algorithm added a small target detection head, modified the loss function, and embedded a CBAM. The results show that the improved model achieves an F-measure of 84.3%, surpassing the baseline model by approximately 1.8%. Full article

The Antimalware Scan Interface (AMSI) plays a crucial role in detecting malware within Windows operating systems. This paper presents ScriptBlock Smuggling, a novel evasion and log spoofing technique exploiting PowerShell and .NET environments to circumvent the AMSI. By focusing on the manipulation of ScriptBlocks within the Abstract Syntax Tree (AST), this method creates dual AST representations, one for compiler execution and another for antivirus and log analysis, enabling the evasion of AMSI detection and challenging traditional memory patching bypass methods. This research provides a detailed analysis of PowerShell’s ScriptBlock creation and its inherent security features and pinpoints critical limitations in the AMSI’s capabilities to scrutinize ScriptBlocks and the implications of log spoofing as part of this evasion method. The findings highlight potential avenues for attackers to exploit these vulnerabilities, suggesting the possibility of a new class of AMSI bypasses and their use for log spoofing. In response, this paper proposes a synchronization strategy for ASTs, intended to unify the compilation and malware scanning processes to reduce the threat surfaces in PowerShell and .NET environments. Full article

Insects utilize seven transmembrane (7TM) odorant receptor (iOR) proteins, with an inverted topology compared to G-protein coupled receptors (GPCRs), to detect chemical cues in the environment. For pest biocontrol, chemical attractants are used to trap insect pests. However, with the influx of invasive insect pests, novel odorants are urgently needed, specifically designed to match 3D iOR structures. Experimental structural determination of these membrane receptors remains challenging and only four experimental iOR structures from two evolutionarily distant organisms have been solved. Template-based modelling (TBM) is a complementary approach, to generate model structures, selecting templates based on sequence identity. As the iOR family is highly divergent, a different template selection approach than sequence identity is needed. Bio-GATS template selection for GPCRs, based on hydrophobicity correspondence, has been morphed into iBio-GATS, for template selection from available experimental iOR structures. This easy-to-use semi-automated workflow has been extended to generate high-quality models from any iOR sequence from the selected template, using Python and shell scripting. This workflow was successfully validated on Apocrypta bakeri Orco and Machilis hrabei OR5 structures. iBio-GATS models generated for the fruit fly iOR, OR59b and Orco, yielded functional ligand binding results concordant with experimental mutagenesis findings, compared to AlphaFold2 models. Full article

The rapid evolution of 5G technology, while offering substantial benefits, concurrently presents complex cybersecurity challenges. Current cybersecurity systems often fall short in addressing challenges such as the lack of realism of the 5G network, the limited scope of attack scenarios, the absence of countermeasures, the lack of reproducible, and open-sourced cybersecurity training environments. Addressing these challenges necessitates innovative cybersecurity training systems, referred to as “cyber ranges”. In response to filling these gaps, we propose the Cyber5Gym, an integrated cyber range that enhances the automation of virtualized cybersecurity training in 5G networks with cloud-based deployment. Our framework leverages open-source tools (i) Open5GS and UERANSIM for realistic emulation of 5G networks, (ii) Docker for efficient virtualization of the training infrastructure, (iii) 5Greply for emulating attack scenarios, and (iv) Shell scripts for automating complex training operations. This integration facilitates a dynamic learning environment where cybersecurity professionals can engage in real-time attack and countermeasure exercises, thus significantly improving their readiness against 5G-specific cyber threats. We evaluated it by deploying our framework on Naver Cloud with 20 trainees, each accessing an emulated 5G network and managing 100 user equipments (UEs), emulating three distinct attack scenarios (SMC-Reply, DoS, and DDoS attacks), and exercising countermeasures, to demonstrate the cybersecurity training. We assessed the effectiveness of our framework through specific metrics such as successfully establishing the 5G network for all trainees, accurate execution of attack scenarios, and their countermeasure implementation via centralized control of the master using automated shell scripts. The open-source foundation of our framework ensures replicability and adaptability, addressing a critical gap in current cybersecurity training methodologies and contributing significantly to the resilience and security of 5G infrastructures. Full article

This study introduces a systematic methodology whereby different technologies were utilized to download, pre-process, and interactively compare the rainfall datasets from the Integrated Multi-Satellite Retrievals for Global Precipitation Mission (IMERG) satellite and rain gauges. To efficiently handle the large volume of data, we developed automated shell scripts for downloading IMERG data and storing it, along with rain gauge data, in a relational database system. Hypertext pre-processor (pHp) programs were built to visualize the result for better analysis. In this study, the performance of IMERG estimations over the east coast of Peninsular Malaysia for the duration of 10 years (2011–2020) against rain gauge observation data is evaluated. Moreover, this study aimed to improve the daily IMERG estimations with long short-term memory (LSTM) developed with Python. Findings show that the LSTM with Adaptive Moment Estimation (ADAM) optimizer trained against the mean square error ($MSE$) loss enhances the accuracy of satellite estimations. At the point-to-pixel scale, the correlation between satellite estimations and ground observations was increased by about 15%. The bias was reduced by 81–118%, $MAE$ was reduced by 18–59%, the root-mean-square error ($RMSE$) was reduced by 1–66%, and the Kling–Gupta efficiency ($KGE$) was increased by approximately 200%. The approach developed in this study establishes a comprehensive and scalable data processing and analysis pipeline that can be applied to diverse datasets and regions encountering similar domain-specific challenges. Full article

Currently, we are developing the user-PC computing (UPC) system based on the master-worker model as a scalable, low-cost, and high-performance computing platform. To run various application programs on personal computers (PCs) with different environments for workers, it adopts Docker technology to bundle every necessary software as one image file. Unfortunately, the Docker file/image are manually generated through multiple steps by a user, which can be the bottleneck. In this paper, we present a web-based Docker image assistant generation (DIAG) tool in the UPC system to assist or reduce these process steps. It adopts Angular JavaScript for offering user interfaces, PHP Laravel for handling logic using RestAPI, MySQL database for storing data, and Shell scripting for speedily running the whole program. In addition, the worker-side code modification function is implemented so that a user can modify the source code of the running job and update the Docker image at a worker to speed up them. For evaluations, we collected 30 Docker files and 10 OpenFOAM jobs through reverse processing from Docker images in Github and generated the Docker images using the tool. Moreover, we modified source codes for network simulations and generated the Docker images in a worker five times. The results confirmed the validity of the proposal. Full article

Dealing with distributed and parallel computing in strong heterogeneous environments, e.g., distributed sensor networks, is still a challenge at the algorithmic, communication, and application levels. Heterogeneity is related to different computer and network (communication) architectures. Virtualization can hide and unify heterogeneity. In addition to interprocess communication and synchronization, the unified access and monitoring of computing nodes (devices, computers, processors) is required to handle distributed and parallel systems in a comfortable and easy-to-access manner. Especially in education, the access to and control of a large set of computing nodes are difficult, which lowers the learning curve significantly. In this work, a unified distributed and parallel framework and Web tools are introduced using virtual machines (VM) and Web browsers to control them. The framework enables the control, monitoring, and study of distributed-parallel systems, especially addressing sensor networks and IoT networks. Nodes can be arranged in a graphical drawing world or be script-based. Virtual network nodes are assigned to VM instances that can be created inside the browser using Web worker processes or can be attached to externally running VM instances via a Web control API. New VM instances or processes can be started and controlled instantly. The graphical UI provides access to the internal and external nodes, programming editors, and monitor shells. The VMs can be generic, but in this work, there is a focus on JavaScript and Lua. The framework provides augmented virtuality, i.e., a coupling of physical and virtual worlds. Full article

In this paper, a hybrid distributed-parallel cluster software framework for heterogeneous computer networks is introduced that supports simulation, data analysis, and machine learning (ML), using widely available JavaScript virtual machines (VM) and web browsers to accommodate the working load. This work addresses parallelism, primarily on a control-path level and partially on a data-path level, targeting different classes of numerical problems that can be either data-partitioned or replicated. These are composed of a set of interacting worker processes that can be easily parallelized or distributed, e.g., for large-scale multi-element simulation or ML. Their suitability and scalability for static and dynamic problems are experimentally investigated regarding the proposed multi-process and communication architecture, as well as data management using customized SQL databases with network access. The framework consists of a set of tools and libraries, mainly the WorkBook (processed by a web browser) and the WorkShell (processed by node.js). It can be seen that the proposed distributed-parallel multi-process approach, with a dedicated set of inter-process communication methods (message- and shared-memory-based), scales up efficiently according to problem size and the number of processes. Finally, it is demonstrated that this JavaScript-based approach for exploiting parallelism can be used easily by any typical numerical programmer or data analyst and does not require any special knowledge about parallel and distributed systems and their interaction. The study is also focused on VM processing. Full article

Understanding the function of a locus is an issue in molecular biology. Although numerous molecular data have been generated in the last decades, it remains difficult to grasp how these data are related at a locus. In this study, we describe an analytical workflow that can solve this problem using the knowledge available at the single-nucleotide polymorphism (SNP) level. The underlying algorithm uses SNPs as connectors to link biological entities and identify correlations between them through a joint bioinformatics/statistics approach. We demonstrate its application in finding the mechanism whereby a mutation causes a phenotype and in revealing the path whereby a gene is regulated and impacts a phenotype. We translate our workflow into publicly available shell scripts. Our approach provides a basic framework to solve the information overload problem in biology surrounding the annotation of a locus and is a step toward repurposing GWAS data for new applications. Full article