1393 research outputs found
Sort by
Detection of Malicious Office Document Macros Using Large Language Models
Microsoft office document malwares are prevalent today even though some of the macros were developed 30 years ago. The office macros are used as droppers or downloaders for emerging malwares. Though various models have been developed to detect the office document macros, the interpretability and attribution of the model results are not gained attention. Also, even though the models provide high accuracy, the probabilistic uncertainty the models are not addressed either.
This research provides a novel method to classify malicious office document macros measuring interpretability, attribution and probabilistic uncertainty. Our approach combines the function semantics and keyword contexts to leverage the self attention functionality of transformers. We compare three variants of the Bidirectional Encoder Representations from Transformers (BERT) model namely BERT, DistilBERT and CodeBERT and compare the accuracy, interpretability and uncertainty of transformer models in detecting office document macros. The model is evaluated on dataset collected using Common Crawl. The tokens that attribute positively and negatively to the classification result are visualized with color codes. The probabilistic uncertainty is computed using Bayesian approximation using Monte Carlo (MC) Dropout, which provides a computationally efficient solution to measure uncertainty.
We introduce a new term Confidence Adjusted Accuracy (CAA), as a measure of accuracy and probabilistic uncertainty together. We propose CAA as a novel technique to measure and compare the accuracy normalized with uncertainty. Results demonstrate that Confidence Adjusted Accuracy can accurately measure the impact of uncertainty arises from inferring unseen/out of domain samples. This technique helps cyber analysts to gain transparency in the model behaviors. It will also help reduce false positives and mitigate bias
Toward extracting scattering phase shift from integrated correlation functions on quantum computers
Based on an established relation that relates the integrated correlation functions for a trapped system to the infinite volume scattering phase shifts through a weighted integral, we propose to extract the infinite volume scattering phase shifts through quantum simulation of the integrated correlation functions of trapped two-particle systems on quantum computers. The integrated correlation function can be computed by an ancilla-based algorithm. The proposal is demonstrated with a simple contact interaction fermion model
Experiential Learning Through Simulations in Fully Online Asynchronous Courses: Exploring the role of self-debriefing
Online preparation of professionals is increasing in higher education, which in educational leadership prepa ration programs raises the need for a means to provide authentic simulations of leadership experiences and help aspirants learn from them. This study presents a content analysis of 826 responses from 59 different school leadership students who, following each of the 14 simulations they experienced, wrote one response in an asynchronous format as a form of self-debriefing. The five themes identified map to the four phases of the experiential learning cycle (Kolb, 1984), suggesting that virtual opportunities to practice leadership in tions may serve as grounding experiences after which developing professionals can reflect upon, integrate with new understandings, and try out alternate approaches. This study demonstrates the purpose of self-debriefing following online simulations of relevant professional experiences and how self-debriefing may propel students through the full experiential learning cycle, offering a valuable avenue for professional development in higher education
Unveiling AI Maturity Dimensions for Strategic Transformation in Supply Chain Management
Artificial Intelligence (AI) is emerging as a cornerstone technology in reshaping how supply chains operate, compete, and evolve in the digital era. As supply chains grow more interconnected and data-driven, the strategic integration of AI offers significant potential to optimize logistics, enhance forecasting accuracy, drive sustainable practices, and elevate resilience against global disruptions. However, a critical challenge persists: despite widespread enthusiasm for AI, organizations often lack a robust, standardized Capability Maturity Model (CMM) that can diagnose their readiness, benchmark progress, and guide incremental adoption within the unique and multifaceted contexts of Supply Chain Management (SCM). This TREO Talk addresses this pressing issue by introducing the results of an exhaustive Systematic Literature Review (SLR), designed to identify, compare, and synthesize existing AI maturity models with explicit focus on their applicability to SCM. Our research systematically surveyed 955 articles across nine academic databases, including IEEE, Scopus, and Web of Science - applying PRISMA 2021 protocols and rigorous inclusion/exclusion criteria. Sixty-six qualified studies were synthesized to reveal not only the recurring maturity dimensions but also the critical gaps in model coverage, validation, and scalability. Key maturity dimensions distilled include Data Processing, Analytics & Insight Generation, Automation & Decision Support, System Integration, Innovation & Learning, and Operational Resilience. These dimensions form the basis for a proposed SCM-centric AI CMM that accommodates dynamic business needs, real-time data flows, and cross-functional stakeholder interactions. What sets this contribution apart is its comprehensive treatment of organizational readiness as a multi-level construct spanning strategy, ethics, infrastructure, talent, and governance. Our proposed model introduces 12 strategic enablers of maturity, including ethical AI compliance, collaboration ecosystems, talent development pathways, and advanced performance measurement capabilities. Moreover, it offers practical mechanisms for mapping current capabilities, identifying gaps, and prioritizing AI investment through well-defined Key Performance Indicators (KPIs) and maturity benchmarks. This TREO session seeks to create a forum for interdisciplinary engagement, drawing on perspectives from information systems, operations, and digital innovation scholars. Attendees will engage in critical reflection on the model’s structure, its adaptability across sectors, and its potential integration with digital twins, blockchain, and IoT frameworks. Emphasis will be placed on the path toward empirical validation, cross-industry benchmarking, and AI governance frameworks that ensure accountability and trust. Ultimately, this TREO Talk aims to stimulate scholarly discourse and practical momentum around a transformative maturity model that empowers organizations to unlock AI\u27s strategic value and align it with the demands of next-generation supply chain ecosystems
Non-functional Requirementsand Key PropositionsElicitation for an HDSS:A Grounded Theory Approach
Deciding humanitarian actions during relief distribution is a crucial and challengingtask.Humanitarian decision-makers (HDM) make manycritical decisions during disaster responses,but they sufferfrom incomplete, irrelevant, and sometimes excessive humanitarian operations-related disaster datain many situations.Hence, for constructive and meaningful support in decision-making, HDMs oftenappreciate computer-basedinformation systems(IS) (i.e. humanitarian decision support systems) that require non-functional requirements (NFRs) for their development. To identify those necessary NFRs, we applied the grounded theory approach to analyze 61 literature-and field-based decision-making parameters reported in the primary author\u27s previous research (Rahman and Majchrzak (2020)). Our analysis resulted in 13 essentialNFRs and four key propositions to guide relief distribution decision-making in the initial stage and system development in the later stage. HDMs can benefit from such findings for practical decision-making, whereas the system development team can get help to plan and execute the system-building process accordingly
Rural Native American Student Digital Divide Perceptions
Despite advances in digital technologies, Native American students continue to face significant barriers to broadband access, digital literacy, and technological adoption, exacerbating educational inequities. With less than 50% of Native American households having stable internet access, students face significant barriers in education, employment, and community engagement. This study explores Native American students\u27 perceptions of the digital divide through qualitative interviews and thematic analysis. Findings highlight key challenges: cost, geographic isolation, infrastructure limitations, and digital literacy gaps. Beyond economic and technical barriers, students emphasize the need for culturally relevant technology guidance. This research contributes to Information Systems (IS) literature by offering firsthand insights into digital inequalities, underscoring the urgency for future investment and continued study to investigate and promote equitable technology access in underserved Indigenous communities
An integrated approach using social support theory and technology acceptance model to investigate the sustainable use of digital learning technologies
The present study explored the determinants influencing students’ intentions towards utilizing digital learning technologies (DLTs). It proposes a holistic view model for students’ utilization of digital learning technologies by integrating social support theory and the “Technology Acceptance Model” (TAM). Data were gathered from 262 students of the University of Ha’il through utilizing a questionnaire. Two steps in SEM were applied for data analysis: CFA was employed to develop the model measurement, and SEM was conducted to analyze the relationships between constructs. The results revealed that “Educational Support” (EDS) significantly affected students’ “behavior intention” (BI) to utilize digital learning technologies through perceived usefulness (PU) (EDS→PU: β = 0.338, p \u3c 0.05). Furthermore, “Emotional support” (EMS) significantly affected behavioral intention through both “perceived ease of use” (PEU) and PU (EMS→PEU: β = 0.635, p \u3c 0.05; EMS→PU: β = 0.310, p \u3c 0.05). Surprisingly, students’ “perceived ease of use” (PEU) did not affect digital learning technologies’ “perceived usefulness” (PU) (PEU→PU: β = 0.195, p \u3e 0.05). The present study contributes to a refined understanding of how educational and emotional support influence students’ receptivity towards and engagement with learning technologies. Thus, institutions and universities should enhance their students’ educational and emotional support to facilitate the successful utilization of digital learning technologies. Furthermore, the study revealed that PU and PEU affected students’ intentions to utilize DLTs. Thus, PU and PEU can enhance the utilization of digital learning technologies. This study provides practical implications that educational institutions and universities could apply to achieve successful usage of these digital learning technologies. © The Author(s) 2024
A Deep Learning Approach to Vulnerability Detection in Lifted Code Using Transformer-Based Embeddings
Ransomware and other malware inflict devastating financial and operational damage on organizations worldwide by exploiting deeply embedded, hard-to-detect vulnerabilities in their systems. Detecting these vulnerabilities in compiled code before malicious actors exploit them remains a critical challenge in cybersecurity. This research introduces TEDVIL (Transformer-based Embeddings for Discovering Vulnerabilities in Lifted Code), a novel framework which uses transformer-based embeddings to train neural networks to detect vulnerabilities in lifted code. The framework was implemented using bidirectional (BERT and RoBERTa) and unidirectional (GPT-1 and GPT-2) transformer-based models to generate embeddings for training Long Short-Term Memory (LSTM) neural networks to detect stack-based buffer overflows in LLVM intermediate representation code. For comparison, simpler word2vec models (Skip-Gram and Continuous Bag of Words) were also trained, and their embeddings were used to train LSTMs. The results show that the LSTMs using GPT-2 embeddings outperformed those using GPT-1, BERT, RoBERTa, and word2vec embeddings, achieving a top accuracy of 92.5% and an F1-score of 89.7%. Notably, these results are achieved when the embedding model is trained with a dataset of just 48,000 functions, demonstrating effectiveness in resource-constrained settings. The findings underscore the effectiveness of TEDVIL in identifying hard-to-detect vulnerabilities in compiled code, and lay the groundwork for future research in leveraging transformer-based models for vulnerability detection
How Technology Can Be Used to Reduce the Equity Gap in Healthcare for Underserved Communities
There is an ever-increasing gap in the equality in healthcare received by people. Specifically, those that fall into what is considered the underserved population. Historically, underserved communities have not received the same level of healthcare as those in more affluent areas. While the geographic location is one factor that contributes to this inequity, it is by no means the only one. These multifactorial disparities extend beyond location to encompass systemic issues such as attitudes, knowledge, and possible lack of trust.
Technological advancements have been used to great success in the healthcare field. Devices such as the Internet of Medical Things and others have become an integral part of healthcare, with various applications being used to enhance access, quality, and outcomes for community members.
This dissertation examines various strategies for using technology to enhance healthcare access and quality for marginalized community members, aiming to reduce healthcare disparities and promote healthcare equity. Overall, the dissertation proposal seeks to continue the development of innovative and practical solutions to reduce disparities
Measuring the Effectiveness of AppLocker Against Banking Trojans (A Multi-year Study)
The Microsoft Windows operating system dominates a majority market share in both business and consumer computing. Among the various types of threats that exist to the Windows operating system, banking trojans have been evolving and continue to be a significant threat. A plethora of detection and preventative technologies exist to combat the various threats that target the Windows operating system, including banking trojans. Application control mechanisms are an often-overlooked technology that can augment existing security tools. Built-in Windows application control security mechanisms exist that can have a significant impact on the outcome of banking trojan attacks.
Current academic research presents a knowledge gap in evaluating the use of application control mechanisms in preventing malicious code execution. The purpose of this study was to evaluate the effectiveness of utilizing a Microsoft Windows built-in application control mechanism, AppLocker, in preventing the successful code execution of banking trojans. This study provides technical knowledge into the functionality and statistical outcomes of code execution prevention via AppLocker against various banking trojan samples and their file-types.
This study used a design science methodology to create a laboratory environment for testing multiple single-case mechanism experiments. A real-world environment was built that consisted of a networking layer, physical testing machines and a virtualized Active Directory domain server with logging capabilities. Microsoft Windows based banking trojan sample files were obtained and classified by their banking trojan family category, originating year, file-type and payload staging type. Two separate AppLocker rulesets were configured and deployed alongside a baseline system without an AppLocker configuration. All three systems attempted execution of sample files and the outcomes were logged and analyzed.
The results of this study convey the statistical significance that a properly tuned application control mechanism has in preventing malicious code execution. This study evaluated two AppLocker configurations: a default ruleset (BAL) and a tuned ruleset (FAL). The findings show the BAL ruleset demonstrated an average efficacy of 97% prevention in Stage 1 aggregate banking trojan sample files and an average efficacy of 65% prevention in Stage 2 aggregate banking trojan sample files. Conversely, the FAL ruleset displayed perfect prevention efficacy of 100% prevention in both Stage 1 and Stage 2 banking trojan sample files. These findings highlight the effectiveness that an application control mechanism, such as AppLocker, can have by preventing malicious code execution.
This study concludes that AppLocker can be used as an effective mechanism for preventing the execution of banking trojans on Windows-based operating systems. This study and its framework can be used by future researchers to examine the impacts and effectiveness of utilizing AppLocker against other types of Windows based threats. Microsoft is actively developing other application control mechanisms, including App Control for Business for newer operating systems such as Windows 11 and Server 2025. Future research into application control should be explored as discerned from this study, it can be highly effective at preventing malicious code execution