Quantitative Vulnerability Assessment of Systems Software
|
|
- Beatrix Stevenson
- 5 years ago
- Views:
Transcription
1 Quantitative Vulnerability Assessment of Systems Software Omar H. Alhazmi Yashwant K. Malaiya Colorado State University
2 Motivation Vulnerabilities: defect which enables an attacker to bypass security measures [Schultz et al: 7] For defects: Reliability modeling and SRGMs have been around for decades. Assuming that vulnerabilities are a special faults will lead us to this question: To what degree reliability terms and models are applicable to vulnerabilities and security? [Littlewood et al.:14]. The need for quantitative measurements and estimation is becoming more crucial.
3 Outline of Our Goals Developing a quantitative model to estimate vulnerability discovery. Using calendar time. Using equivalent effort. Validate these measurements and models. Testing the models using available data Identify security Assessment metrics Vulnerability density Vulnerability to Total defect ratio
4 Time vulnerability discovery model What factors impact the discovery process? The changing environment The share of installed base. Global internet users. Discovery effort Discoverers: Developer, White hats or black hats. Discovery effort is proportional to the installed base over time. Vulnerability finders reward: greater rewards, higher motivation. Security level desired for the system Server or client
5 Vulnerabilities Time vulnerability discovery model Each vulnerability is recorded. Available [ICAT, Microsoft]. Needs compilation and filtering. Data show three phases for an OS. Assumptions: The discovery is driven by the rewards factor. Influenced by the change of market share. Phase 1 Phase 2 Phase 3 Time
6 Vulnerabilities Time vulnerability Discovery model 3 phase model S-shaped model. Phase 1: Knowledge low. Installed base low. Phase 2: Knowledge high. Installed base high and growing. Phase 3: Knowledge-high. Installed base dropping. dy dt y Ay( B y) BCe Vulnerability time growth model Time B ABt 1
7 Vulnerabilities Time based model: Windows Fitted curve Windows 98 Total vulnerabilites Windows 98 A B C χ χ 2 critial Jan-99 Mar-99 May-99 Jul-99 Sep-99 Nov-99 Jan-00 Mar-00 May-00 Juḻ 00 Sep-00 Nov-00 Jan-01 Mar-01 May-01 Jul-01 Sep-01 Nov-01 Jan-02 Mar-02 May-02 Juḻ 02 Sep-02 P-value 1-7.6x10-11
8 Vulnerabilities Time based model: Windows NT Total vulnerabilities Windows NT 4.0 Fitted curve Windows NT Aug-96 Dec-96 Apr-97 Aug-97 Dec-97 Apr-98 Aug-98 Dec-98 Apr-99 Aug-99 Dec-99 Apr-00 Aug-00 Dec-00 Apr-01 Aug-01 Dec-01 Apr-02 Aug-02 Dec-02 Apr-03 A B 136 C χ χ 2 critial P-value
9 Installed Base Percentage Millions of users Usage vulnerability Discovery model The data: The global internet population. The market share of the system during a period of time. Equivalent effort The real environment performs an intensive testing. Malicious activities is relevant to overall activities. n Defined as E ( U ) i 0 i Pi Dec., 1995 Dec., Dec., 1997 Dec., Internet Growth Dec., 1999 Mar Jul., 2000 Dec., 2000 Mar., 2001 Jun., The percentage of the market share of O.S Aug., 2001 Apr Jul., 2002 Sep., 2002 Mar., 2003 Sep., 2003 Oct., 2003 Dec., 2003 Feb., 2004 May, 2004 Windows 95 Windows 98 Windows XP Windows NT Windows 2000 Others May-99 Aug-99 Nov-99 Feb-00 May-00 Aug-00 Nov-00 Feb-01 May-01 Aug-01 Nov-01 Feb-02 May-02 Aug-02 Nov-02 Feb-03 May-03 Aug-03 Nov-03 Feb-04 May-04
10 Vulnerabilities Usage vulnerability Discovery model The model: y B( 1 e E vu ) Exponential growth with effort. The basic reliability model [Musa:21] Time is eliminated Usage (Million user's months)
11 Vulnerabilities Effort-based model: Windows Windows 98 Actual Vulnerabilities Fitted curve Windows B 37 λ vu χ χ 2 critial P-value 1-3.3x10-11 Usage (Million user's months)
12 Vulnerabilities Effort-based model: Windows NT 4.0 Windows NT 4.0 Actual Vulnerability Fitted Win NT B 108 λ vu ` χ χ 2 critial P-value Usage (Millions users months)
13 Vulnerabilities Discussion Windows Fitted curve Total vulnerabilites Excellent fit for Windows 98 and NT 4.0. Model fits data for all OSs examined. Deviation from the model caused by overlap: Windows 98 and Windows XP Windows NT 4.0 and Windows 2000 Vulnerabilities in shared code may be detected in the newer OS. Need: approach for handling such overlap Jan-99 Mar-99 May-99 Jul-99 Sep-99 Nov-99 Jan-00 Mar-00 May-00 Juḻ 00 Sep-00 Nov-00 Jan-01 Mar-01 May-01 Jul-01 Sep-01 Nov-01 Jan-02 Mar-02 May-02 Juḻ 02 Sep-02
14 Vulnerability density and defect density Defect density Valuable metric for planning test effort Used for setting release quality target Limited defect density data is available Vulnerabilities are a class of defects Vulnerability data is in the public domain. Is vulnerability density a useful measure? Is it related to defect density? Vulnerabilities = 5% of defects [Longstaff: 20]? Vulnerabilities = 1% of defects [Anderson]? Can be a major step in measuring security.
15 Vulnerability density and defect density Vulnerability densities: 95/98: NT/2000: V KD /D KD : % less than 5% System MSLOC Known Defects (1000s) D KD (/Kloc) Known Vulner - abilies V KD (/Kloc) Ratio V KD /D KD Win % NT % Win % Win % Win XP * 2.66* %* * The number of defects for Windows XP is for the beta version.
16 Vulnerability / KLOC Defect/KLOC Vulnerability density and defect density Vulnerability densities: 95/98: NT/2000: V KD /D KD : % Vulnerability Density Defect Density Win 95 NT 4.0 Win 98 Win2000 Win XP 0 Win 95 NT 4.0 Win 98 Win2000 Win XP
17 Vulnerability / KLOC Defect/KLOC Vulnerability density and defect density Vulnerability densities: 95/98: NT/2000: V KD /D KD : % Vulnerability Density Defect Density Win 95 NT 4.0 Win 98 Win2000 Win XP 0 Win 95 NT 4.0 Win 98 Win2000 Win XP
18 Results and conclusions Vulnerability Discovery models Time-based model Effort-based model Data fits the models Vulnerability density evaluation Expected ranges of values Future work: Modeling impact of shared code Validation. Reward analysis Other risk factors: patches, vulnerability exploitation
19 Summary and conclusions We have introduced: Models: Time vulnerability model. Usage vulnerability model. Both models shown acceptable goodness of fit. Chi-square test. Measurements: vulnerability density. Vulnerability density vs. defect density.
20 Vulnerability Discovery in Multi-Version Software Systems Jinyoo Kim, Yashwant K. Malaiya, Indrakshi Ray {jyk6457, malaiya, iray
21 Outline Motivation for this study Related Work & Data Sources Vulnerability Discovery Models (VDMs) Software Evolution Multi-version Software Discovery Model Apache, Mysql and Win XP data Conclusions and Future Work 21
22 Vulnerability Discovery Models Describe vulnerability discovery against time Security Maintenance Management Estimating the number of vulnerabilities Patch development planning Guiding Test Effort Applicable to categories (causes and severity levels) Software Risk evaluation Combine with vulnerability exploitation and attack surface 22
23 Motivation for Multi-version VDMs Superposition effect on vulnerability discovery process due to shared code in successive versions. Examination of software evolution: impact on vulnerability introduction and discovery Other factors impacting vulnerability discovery process not considered before 23
24 Related Work Software reliability growth models Logarithmic-Poisson Reliability Model (Musa 84) Vulnerability Discovery Process Quadratic and Linear Models (Rescorla 05) Thermodynamic Model (Anderson 01) Logistic (AML) and Effort-based models (Alhazmi ) Software Evolution Trend of software Evolution (Eick 01) Application of Reliability Growth Model Reliability growth using OpenBSD (Ozment 06) 24
25 Software Evolution The modification of software during maintenance or development: fixes and feature additions. Influenced by competition Code decay and code addition introduce new vulnerabilities Successive version of a software can share a significant fraction of code. 25
26 LOC (Lines of Code) LOC (Lines of Code) Software Evolution: Apache & Mysql Version Number a a a Version Number Initial Code Added Code Initial Code Added Code Modification: Apache 43%, Mysql 31% 26
27 Jun-98 Jun-99 Jun-00 Jun-01 Jun-02 Jun-03 Jun-04 Jun-05 Jun-06 Oct-01 Feb-02 Jun-02 Oct-02 Feb-03 Jun-03 Oct-03 Feb-04 Jun-04 Oct-04 Feb-05 Jun-05 Oct-05 Feb-06 Jun-06 Oct-06 Percentage Vulnerabilities Vulnerability Discovery & Evolution: Apache & Mysql Apache Mysql DBMS 120% 120% 100% 100% 80% 80% 60% 60% 40% 20% c 40% 20% 0% 0% Release Date Release Date Added Code in Next Version Reliability Growth Code increasing Vulnerability Discovery Some vulnerabilities are in added code, many are inherited from precious versions. 27
28 Vulnerability Discovery rate Code Sharing & Vulnerabilities Observation Vulnerability increases after saturation in AML modeling Multiple Software Vulnerability Discovery Trend Accounting for Superposition Effect Shared components between several versions of software Calendar Time 1st Version 2nd Version Shared part Total Version Trend Total Version Trend 28
29 Vulnerability Discovery rate Multi-version Vulnerability Discovery Model Multiple Software Vulnerability Discovery Trend 1st Version Shared part Total Version Trend Calendar Time 2nd Version Total Version Trend B B' ( t) ABt A' B'( t ) BCe 1 B' C' e 1 Cumulative MVDM : fraction of code used in next Previous version Version Apache Mysql ( ) ( ) Next Version ( ) ( ) Shared Code Ratio α 20.16% 83.52% 29
30 Number of Vulnerability Cumulative Vulnerability One vs Two Humps One-humped Vulnerability Discovery Model Calendar Time Calendar Time Superposition affect 30
31 Vulnerability Rate Vulnerability Number Multi-version Vulnerability Discovery Model One-humped Vulnerability Discovery One-humped Vulnerability Discovery Trend Calendar Time 1st Version 2nd Version Shared Total Calendar Time 1st version Shared Total May result in a single hump with prolonged linear period 31
32 Seasonality in Vulnerability Discovery in Major Software Systems HyunChul Joh Yashwant K. Malaiya Dean2026 Department of Computer Science Colorado State University
33 Background Vulnerability: a defect which enables an attacker to bypass security measures [1] Vulnerability Discovery Model (VDM): a probabilistic methods for modeling the discovery of software vulnerabilities [2] Spans a few years: introduction to replacement Seasonality: periodic variation well known statistical approach quite common in economic time series Biological systems, stock markets etc. Halloween indicator: Low returns in May-Oct. [1]Schultz, Brown, and Longstaff, Responding to Computer Security Incidents [2]Ozment Improving vulnerability discovery models, 2007
34 Number of Vulnerabilities (Cumulative) Motivation (Visual Observation) Windows NT cumulative AML each month 0 Calendar Time 34
35 Examining Seasonality Is the seasonal pattern statistically significant? Periodicity of the pattern Analysis: Seasonal index analysis with test Autocorrelation Function analysis Significance Enhance VDMs predicting ability 35
36 Data Sets Data Sets to be analyzed here Windows NT Internet Information Services (IIS) server Internet Explorer (IE) National Vulnerability Database (NVD) [3] U.S. government repository of vulnerability management data collected and organized using specific standards 36 [3] National Institute of Standards and Technology. National Vulnerability Database.
37 Percentage Prevalence in Month Vulnerabilities Disclosed WinNT 95~ 07 IIS 96~ 07 IE 97~ 07 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Total Mean s.d Percentage of Vuln. for Month Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Month Win NT I I S Internet Explorer 37
38 Seasonal Index Seasonal Index Values WinNT IIS IE Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec p-value 3.04e e e-6 Seasonal index: measures how much the average for a particular period tends to be above (or below) the expected value H 0 : no seasonality is present. We will evaluate it using the monthly seasonal index values given by [4]: where, s i is the seasonal index for i th month, d i is the mean value of i th month, d is a grand average 38 [4] Hossein Arsham. Time-Critical Decision Making for Business Administration. Available: edu/ntsbarsh/business-stat/stat-data/forecast.htm#rseasonindx
39 Autocorrelation function (ACF) Plot of autocorrelations function values With time series values of z b, z b+1,, z n, the ACF at lag k, denoted by r k, is [5]:, where 39 Measures the linear relationship between time series observations separated by a lag of time units Hence, when an ACF value is located outside of confidence intervals at a lag t, it can be thought that every lag t, there is a relationships along with the time line [5] B. L. Bowerman and R. T. O'connell, Time Series Forecsting: Unified concepts and computer implementation. 2nd Ed., Boston: Duxbury Press, 1987
40 Autocorrelation (ACF):Results Expected lags corresponding to 6 months or its multiple would have their ACF values outside confidence interval Upper/lower dotted lines: 95% confidence intervals. An event occurring at time t + k (k > 0) lags behind an event occurring at time t. Lags are in month. 40
41 Conclusion / Future Work The results show strong seasonality in systems examined, with higher discovery rates in some months. This needs to be taken into account for making accurate projections. Study of diverse software products, commercial and open-source, to identify causes of seasonality and possible variation across software systems. 41
42 Return Halloween Indicator Also known as Sell in May and go away Global ( ): Nov.-April: 12.47% ann., st dev 12.58% 12-months:10.92%, st. dev % 36 of 37 developing/developed nations Data going back to 1694 No convincing explanation January February March April May June July August September October November December Jacobsen, Ben and Bouman, Sven,The Halloween Indicator, 'Sell in May and Go Away': Another Puzzle(July 2001). Available at SSRN:
43 References O. H. Alhazmi, Y. K. Malaiya, I. Ray, " Measuring, Analyzing and Predicting Security Vulnerabilities in Software Systems," Computers and Security Journal, Volume 26, Issue 3, May 2007, Pages J. Kim, Y. K. Malaiya and I. Ray, "Vulnerability Discovery in Multi-Version Software Systems," Proc. 10th IEEE Int. Symp. on High Assurance System Engineering (HASE), Dallas, Nov. 2007, pp H. Joh and Y. K. Malaiya, "Seasonal Variation in the Vulnerability Discovery Process, " Proc. 2nd IEEE Int. Conf. Software Testing, Verification, and Validation, April 2009, pp Guido Schryen, Is open source security a myth? What do vulnerability and patch data say?, Communications of the ACM, May 2011, vol. 54, no. 5, pp
Vulnerability Discovery in Multi-Version Software Systems
Vulnerability Discovery in Multi-Version Software Systems Jinyoo Kim, Yashwant K. Malaiya, Indrakshi Ray Computer Science Department Colorado State University, Fort Collins, CO 8052 [jyk6457, malaiya,
More informationAssessing Vulnerabilities in Apache and IIS HTTP Servers
Assessing in Apache and IIS HTTP Servers Sung-Whan Woo Colorado State University Fort Collins, CO 8523 woo@cs.colostate.edu Omar H. Alhazmi Colorado State University Fort Collins, CO 8523 omar@cs.colostate.edu
More informationNMOSE GPCD CALCULATOR
NMOSE CALCULATOR It should be noted that all the recorded data should be from actual metered results and should not include any estimates. Gallons per Capita - v2.4 Beta Release Date: Mar, 16, 29 This
More informationAIMMS Function Reference - Date Time Related Identifiers
AIMMS Function Reference - Date Time Related Identifiers This file contains only one chapter of the book. For a free download of the complete book in pdf format, please visit www.aimms.com Aimms 3.13 Date-Time
More informationCIMA Asia. Interactive Timetable Live Online
CIMA Asia Interactive Timetable 2017 2018 Live Online Version 1 Information last updated 09 October 2017 Please note: Information and dates in this timetable are subject to change. CIMA Cert BA Course
More informationAirside Congestion. Airside Congestion
Airside Congestion Amedeo R. Odoni T. Wilson Professor Aeronautics and Astronautics Civil and Environmental Engineering Massachusetts Institute of Technology Objectives Airside Congestion _ Introduce fundamental
More informationIAB Internet Advertising Revenue Report
IAB Internet Advertising Revenue Report Full Year 2017 and Q4 2017 May 10, 2018 IAB Internet Ad Revenue Report: Full Year 2017 and Q4 2017 Agenda Welcome Kristina Sruoginis, Research Director, IAB Full
More informationCIMA Asia. Interactive Timetable Live Online
CIMA Asia Interactive Timetable 2018 Live Online Information version 8 last updated 04/05/18 Please note information and dates are subject to change. Premium Learning Partner 2018 CIMA Cert BA Course Overview
More informationGrade 4 Mathematics Pacing Guide
Jul 2014 ~ August 2014 ~ Sep 2014 1 2 3 4 5 6 7 8 9 10 11 12 14 15 16 17 Routines 19 Routines 20 Routines BOY 22 BOY 23 24 11 12 14 29 15 30 31 Notes: Found Online @ wwweverydaymathonlinecom 1 More Calendars
More informationUndergraduate Admission File
Undergraduate Admission File June 13, 2007 Information Resources and Communications Office of the President University of California Overview Population The Undergraduate Admission File contains data on
More informationNigerian Telecommunications Sector
Nigerian Telecommunications Sector SUMMARY REPORT: Q4 and full year 2015 NATIONAL BUREAU OF STATISTICS 26th April 2016 Telecommunications Data The telecommunications data used in this report were obtained
More informationINTRODUCING CISCO SECURITY FOR AWS
SESSION ID: SPO1-T08 INTRODUCING CISCO SECURITY FOR AWS Patrick Crowley CTO Cisco, Stealthwatch Cloud @p_crowley Three Main Points Use VPC Flow logs to make sure nothing is happening behind your back Use
More informationPushing the Limits. ADSM Symposium Sheelagh Treweek September 1999 Oxford University Computing Services 1
Pushing the Limits ADSM Symposium Sheelagh Treweek sheelagh.treweek@oucs.ox.ac.uk September 1999 Oxford University Computing Services 1 Overview History of ADSM services at Oxford October 1995 - started
More informationCharacterization and Modeling of Deleted Questions on Stack Overflow
Characterization and Modeling of Deleted Questions on Stack Overflow Denzil Correa, Ashish Sureka http://correa.in/ February 16, 2014 Denzil Correa, Ashish Sureka (http://correa.in/) ACM WWW-2014 February
More informationIAB Internet Advertising Revenue Report
IAB Internet Advertising Revenue Report Half Year 2018 and Q2 2018 November 2018 IAB Internet Ad Revenue Report: Half Year 2018 and Q2 2018 Agenda Welcome Intro Sue Hogan, SVP Research and Measurement,
More informationFreedom of Information Act 2000 reference number RFI
P. Norris By email to: xxxxxxxxxxxxxxxxxxxxxx@xxxxxxxxxxxxxx.xxm 02 November 2011 Dear P. Norris Freedom of Information Act 2000 reference number RFI20111218 Thank you for your request under the Freedom
More informationMONITORING REPORT ON THE WEBSITE OF THE STATISTICAL SERVICE OF CYPRUS DECEMBER The report is issued by the.
REPUBLIC OF CYPRUS STATISTICAL SERVICE OF CYPRUS MONITORING REPORT ON THE WEBSITE OF THE STATISTICAL SERVICE OF CYPRUS DECEMBER The report is issued by the Monitoring Report STATISTICAL DISSEMINATION AND
More informationDATE OF BIRTH SORTING (DBSORT)
DATE OF BIRTH SORTING (DBSORT) Release 3.1 December 1997 - ii - DBSORT Table of Contents 1 Changes Since Last Release... 1 2 Purpose... 3 3 Limitations... 5 3.1 Command Line Parameters... 5 4 Input...
More informationContents:
Contents: Conventional/REO/Short Sale Single Family Sold Sold Properties by Cities - Properties Sold Supply Inventory Median Price Comparison by Year www.swflrealtors.com Page #. Single Family & Condo
More informationWeb Gateway Security Appliances for the Enterprise: Comparison of Malware Blocking Rates
Web Gateway Security Appliances for the Enterprise: Comparison of Malware Blocking Rates A test commissioned by McAfee, Inc. and performed by AV-Test GmbH Date of the report: December 7 th, 2010 (last
More informationAll King County Summary Report
September, 2016 MTD MARKET UPDATE Data Current Through: September, 2016 18,000 16,000 14,000 12,000 10,000 8,000 6,000 4,000 2,000 0 Active, Pending, & Months Supply of Inventory 15,438 14,537 6.6 6.7
More informationSan Joaquin County Emergency Medical Services Agency
San Joaquin County Emergency Medical Services Agency http://www.sjgov.org/ems Memorandum TO: All Interested Parties FROM: Rick Jones, EMS Analyst DATE: January, 19 Mailing Address PO Box French Camp, CA
More informationREPORT ON TELECOMMUNICATIONS SERVICE QUALITY WINDSTREAM FLORIDA, INC.
REPORT ON TELECOMMUNICATIONS SERVICE QUALITY For WINDSTREAM FLORIDA, INC. Alachua, Brooker, High Springs, Melrose, and Waldo s February 4 March 14, 2008 Division of Service, Safety & Consumer Assistance
More informationCRIME ANALYSIS SACRAMENTO COUNTY SHERIFF S DEPARTMENT
27 February 2018 Five Year Uniform Crime Reporting (UCR) Analysis 2013-2017 Page 1 16 SACRAMENTO COUNTY UNIFORM CRIME REPORT 2013-2017 This report provides a five-year analysis of crime trends within the
More informationCpk: What is its Capability? By: Rick Haynes, Master Black Belt Smarter Solutions, Inc.
C: What is its Capability? By: Rick Haynes, Master Black Belt Smarter Solutions, Inc. C is one of many capability metrics that are available. When capability metrics are used, organizations typically provide
More informationSeattle (NWMLS Areas: 140, 380, 385, 390, 700, 701, 705, 710) Summary
September, 2016 MTD MARKET UPDATE Data Current Through: September, 2016 (NWMLS Areas: 140, 380, 385, 390,, 701, 705, 710) Summary Active, Pending, & Months Supply of Inventory 5,000 4,500 4,000 3,500 4,091
More informationDenver, Colorado November 16, 2004 D. R. Corpron Senior Manager & Master Black Belt
Using Process Simulation in Quantitative Management Denver, Colorado November 16, 2004 D. R. Corpron Senior Manager & Master Black Belt 1 Preview What is the problem? Why process simulation? Steps to perform
More informationSeattle (NWMLS Areas: 140, 380, 385, 390, 700, 701, 705, 710) Summary
October, 2016 MTD MARKET UPDATE Data Current Through: October, 2016 (NWMLS Areas: 140, 380, 385, 390,, 701, 705, 710) Summary Active, Pending, & Months Supply of Inventory 4,500 4,000 3,500 4,197 4,128
More informationSeattle (NWMLS Areas: 140, 380, 385, 390, 700, 701, 705, 710) Summary
November, 2016 MTD MARKET UPDATE Data Current Through: November, 2016 (NWMLS Areas: 140, 380, 385, 390,, 701, 705, 710) Summary 4,000 3,500 3,000 2,500 2,000 1,500 1,000 500 0 Active, Pending, & Months
More informationNigerian Telecommunications (Services) Sector Report Q3 2016
Nigerian Telecommunications (Services) Sector Report Q3 2016 24 NOVEMBER 2016 Telecommunications Data The telecommunications data used in this report were obtained from the National Bureau of Statistics
More informationApp Economy Market analysis for Economic Development
App Economy Market analysis for Economic Development Mustapha Hamza, ISET Com Director mustapha.hamza@isetcom.tn ITU Arab Forum on Future Networks: "Broadband Networks in the Era of App Economy", Tunis
More informationCybersecurity is a Team Sport
Cybersecurity is a Team Sport Cyber Security Summit at Loyola Marymount University - October 22 2016 Dr. Robert Pittman, CISM Chief Information Security Officer National Cyber Security Awareness Month
More informationRLMYPRINT.COM 30-DAY FREE NO-OBLIGATION TRIAL OF RANDOM LENGTHS MY PRINT.
My Print ON-DEMAND GRAPHS AND PRICE REPORTS TRY IT FREE FOR 30 DAYS! RLMYPRINT.COM 30-DAY FREE NO-OBLIGATION TRIAL OF RANDOM LENGTHS MY PRINT. Register and immediately begin using the new Web site to create
More informationDAS LRS Monthly Service Report
DAS LRS Monthly Service Report Customer Service Manager : Diploma Aggregation Service : Daniel Ward Project/document reference : DAS LRS 2010-12 Issue : 1.0 Issue date : 17 th January 2011 Reporting Period
More informationTraining of BRs/NCs reviewers and experts for Biennial Update Reports technical analysis. 5 th BRs and NCs lead reviewers meeting
Training of BRs/NCs reviewers and experts for Biennial Update Reports technical analysis 5 th BRs and NCs lead reviewers meeting Kyoko Miwa, Haike Stephen Mitigation Data Analysis programme, UNFCCC secretariat
More informationMeasuring Large-Scale Distributed Systems: Case of BitTorrent Mainline DHT
Measuring Large-Scale Distributed Systems: Case of BitTorrent Mainline DHT Liang Wang Jussi Kangasharju Department of Computer Science, University of Helsinki, Finland 1 Why do people measure? System measurement
More informationISE Cyber Security UCITS Index (HUR)
ISE Cyber Security UCITS Index (HUR) Why Cybersecurity is important Data breaches have become almost commonplace in the last few years Cybersecurity focuses on protecting computers, networks, programs,
More information(S)LOC Count Evolution for Selected OSS Projects. Tik Report 315
(S)LOC Count Evolution for Selected OSS Projects Tik Report 315 Arno Wagner arno@wagner.name December 11, 009 Abstract We measure the dynamics in project code size for several large open source projects,
More informationWhat future changes are planned to improve the performance and reliability of the Wairarapa Connection?
By email 27 February 2017 File Ref: OIAP-7-3039 Shed 39, 2 Fryatt Quay Pipitea, Wellington 6011 PO Box 11646 Manners Street Wellington 6142 T 04 384 5708 F 04 385 6960 www.gw.govt.nz Iain Palmer fyi-request-5300-1f924c94@requests.fyi.org.nz
More informationMetrixND Newsletters Contents List By Topic
Workshops 2012 Workshops, Meetings and Free Brown Bag Seminars Vol 38, Feb 2012 2011 Workshops, Meetings and Free Brown Bag Seminars Vol 37, May 2011 2010 Workshops, Meetings and Free Brown Bag Seminars
More informationTOSHIBA. Semiconductor company Ref. : H Asia Pacific Satelite Industries TO : APPROVAL SHEET FOR TC7SH04FU(T5L,JF,T.
Date : 18 July'06 Semiconductor company Ref. : H06183007 TO : Asia Pacific Satelite Industries APPROVAL SHEET FOR TC7SH04FU(T5L,JF,T Contents : 1. Specification Data 2. General Specification 3. Marking
More informationMulti-part functionality in PINES
Monographic parts in PINES In order to allow holds on specific volumes in Evergreen, PINES will implement Monographic parts functionality for print titles. This functionality links volumes in a multi-volume
More informationSpiegel Research 3.0 The Mobile App Story
Spiegel Research 3.0 The Mobile App Story The effects of adopting and using a brand s mobile application on purchase behaviors SU JUNG KIM THE PROJECT Smartphone penetration in the U.S. has reached 68
More informationKevin James. MTHSC 102 Section 1.5 Polynomial Functions and Models
MTHSC 102 Section 1.5 Polynomial Functions and Models Definition A quadratic function is a function whose second differences are constant. It achieves either a local max or a local min and has no inflection
More informationGoogle Analytics: A Worm's-Eye View & DigitalCommons Usage Reports
University of Nebraska - Lincoln DigitalCommons@University of Nebraska - Lincoln Library Conference Presentations and Speeches Libraries at University of Nebraska-Lincoln 4-1-2010 Google Analytics: A Worm's-Eye
More informationWin32/Msblast: A Case Study from Microsoft s Perspective. Matthew Braverman Program Manager Microsoft Corporation
Win32/Msblast: A Case Study from Microsoft s Perspective Matthew Braverman Program Manager Microsoft Corporation mattbrav@microsoft.com Win32/Msblast & Win32/Sasser: Overview Msblast Sasser Advantage Vulnerability
More informationCS Programming I: Arrays
CS 200 - Programming I: Arrays Marc Renault Department of Computer Sciences University of Wisconsin Madison Fall 2017 TopHat Sec 3 (PM) Join Code: 719946 TopHat Sec 4 (AM) Join Code: 891624 Array Basics
More informationMonthly SEO Report. Example Client 16 November 2012 Scott Lawson. Date. Prepared by
Date Monthly SEO Report Prepared by Example Client 16 November 212 Scott Lawson Contents Thanks for using TrackPal s automated SEO and Analytics reporting template. Below is a brief explanation of the
More informationTCA metric #3. TCA and fair execution. The metrics that the FX industry must use.
LMAX Exchange: TCA white paper V1. - May 17 TCA metric #3 TCA and fair execution. The metrics that the FX industry must use. An analysis and comparison of common FX execution quality metrics between last
More informationUser guide for MODIS derived vegetation fractional cover metrics
User guide for MODIS derived vegetation fractional cover metrics Introduction The MODIS derived vegetation fractional cover metrics is a collection of image files which statistically summarise the time
More informationINFORMATION TECHNOLOGY SPREADSHEETS. Part 1
INFORMATION TECHNOLOGY SPREADSHEETS Part 1 Page: 1 Created by John Martin Exercise Built-In Lists 1. Start Excel Spreadsheet 2. In cell B1 enter Mon 3. In cell C1 enter Tue 4. Select cell C1 5. At the
More informationTroop calendar
Troop 546 2013-2014 calendar For questions and information please visit www.troop546peoriaaz.com or email troop546info@googlegroups.com August Court of honor Tue Aug 27, 2013 6pm - 7:30pm Award scouts
More informationInvincea Endpoint Protection Test
Invincea Endpoint Protection Test A test commissioned by Invincea and performed by AV-TEST GmbH. Date of the report: May 2 nd, 2016 Executive Summary In April 2016, AV-TEST performed a review of the Invincea
More informationCIMA Certificate BA Interactive Timetable
CIMA Certificate BA Interactive Timetable 2018 Nottingham & Leicester Version 3.2 Information last updated 09/03/18 Please note: Information and dates in this timetable are subject to change. Introduction
More informationThe State of the Raven. Jon Warbrick University of Cambridge Computing Service
The State of the Raven Jon Warbrick University of Cambridge Computing Service jw35@cam.ac.uk Corvus corax Raven photo used under the terms of the GNU Free Documentation License. Author Pcb21. Raven Web
More informationSan Francisco Housing Authority (SFHA) Leased Housing Programs October 2015
San Francisco Housing Authority (SFHA) Leased Housing Programs October 2015 Table of Contents Program Utilization Summary 3 PIC Reporting Rate 4-5 Operational Updates Recertifications and Inspections 6-7
More informationNew Concept for Article 36 Networking and Management of the List
New Concept for Article 36 Networking and Management of the List Kerstin Gross-Helmert, AFSCO 28 th Meeting of the Focal Point Network EFSA, MTG SEAT 00/M08-09 THE PRESENTATION Why a new concept? What
More informationHPE Security Data Security. HPE SecureData. Product Lifecycle Status. End of Support Dates. Date: April 20, 2017 Version:
HPE Security Data Security HPE SecureData Product Lifecycle Status End of Support Dates Date: April 20, 2017 Version: 1704-1 Table of Contents Table of Contents... 2 Introduction... 3 HPE SecureData Appliance...
More informationSYS 6021 Linear Statistical Models
SYS 6021 Linear Statistical Models Project 2 Spam Filters Jinghe Zhang Summary The spambase data and time indexed counts of spams and hams are studied to develop accurate spam filters. Static models are
More informationExample. Section: PS 709 Examples of Calculations of Reduced Hours of Work Last Revised: February 2017 Last Reviewed: February 2017 Next Review:
Following are three examples of calculations for MCP employees (undefined hours of work) and three examples for MCP office employees. Examples use the data from the table below. For your calculations use
More informationStat 428 Autumn 2006 Homework 2 Solutions
Section 6.3 (5, 8) 6.3.5 Here is the Minitab output for the service time data set. Descriptive Statistics: Service Times Service Times 0 69.35 1.24 67.88 17.59 28.00 61.00 66.00 Variable Q3 Maximum Service
More informationInternet Threat Detection System Using Bayesian Estimation
Internet Threat Detection System Using Bayesian Estimation Masaki Ishiguro 1 Hironobu Suzuki 2 Ichiro Murase 1 Hiroyuki Ohno 3 Abstract. We present an Internet security threat detection system 4 using
More informationTesting Contact and Response Strategies to Improve Response in the 2012 Economic Census
Testing Contact and Response Strategies to Improve Response in the 2012 Economic Census Erica Marquette Michael Kornbau U.S. Census Bureau* Prepared for FCSM November 4-6, 2013 *The views expressed in
More informationTravellers reviews impact on destination brands. Jonathan Howlett VP Global Destination Marketing
Travellers reviews impact on destination brands Jonathan Howlett VP Global Destination Marketing Evolution Of Travel The Users Take Control Advanced Discovery Plan & Have The Perfect Trip Source: Oyster.com
More informationNigerian Telecommunications (Services) Sector Report Q2 2016
Nigerian Telecommunications (Services) Sector Report Q2 2016 01 SEPTEMBER 2016 Telecommunications Data The telecommunications data used in this report were obtained from the National Bureau of Statistics
More informationCoaching emerit Certified Event Find out what level you are ready for and what you need to JHB
For more information on these courses, please visit www.exsaacademy.co.za/courses or contact 011 467 6771 or e-mail: info@exsaacademy.co.za DATE NAME OF COURSE COURSE OUTLINE WHERE DURATION MARCH 07-Mar
More informationTracking the Internet s BGP Table
Tracking the Internet s BGP Table Geoff Huston Telstra December 2000 Methodology! The BGP table monitor uses a router at the boundary of AS1221 which has a default-free ebgp routing table 1. Capture the
More information2018 CERTIFICATION TRAINING SCHEDULE COURSE TARGET AUDIENCE FEE JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC
CERTIFICATION TRAINING SCHEDULE COURSE TARGET AUDIENCE FEE JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC PECB ISO 9001: Quality PECB ISO 14001: Environmental PECB OHSA 18001: Occupational Health and
More informationINTERTANKO Vetting seminar 24 th October 2017
INTERTANKO Vetting seminar 24 th October 2017 SIRE Developments VIQ 7 New VIQ being developed Structure will remain the same with 13 chapters. Reduction in the number of questions, net approx. 70 decrease.
More informationWithdrawn Equity Offerings: Event Study and Cross-Sectional Regression Analysis Using Eventus Software
Withdrawn Equity Offerings: Event Study and Cross-Sectional Regression Analysis Using Eventus Software Copyright 1998-2001 Cowan Research, L.C. This note demonstrates the use of Eventus software to conduct
More information2018 CERTIFICATION TRAINING SCHEDULE COURSE TARGET AUDIENCE FEE JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC
CERTIFICATION TRAINING SCHEDULE COURSE TARGET AUDIENCE FEE JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC PECB ISO 90: Quality PECB ISO 140: Environmental PECB OHSA 180: Occupational Health and Safety
More informationExcel Functions & Tables
Excel Functions & Tables SPRING 2016 Spring 2016 CS130 - EXCEL FUNCTIONS & TABLES 1 Review of Functions Quick Mathematics Review As it turns out, some of the most important mathematics for this course
More informationRouting the Internet in Geoff Huston APNIC March 2007
Routing the Internet in 2006 Geoff Huston APNIC March 2007 IPv4 in 2006 Total Advertised BGP Prefixes BGP Table Growth 210000 200000 190000 BGP FIB Entries 180000 2006 170000 2005 160000 150000 Jan Feb
More informationCalendar PPF Production Cycles Non-Production Activities and Events
20-207 Calendar PPF Production Cycles Non-Production Activities and Events Four Productions For non-holiday productions 7 Week Stage Cycles 36 Uses plus strike (as in prior years and per agreement with
More information2018 CALENDAR OF ACTIVITIES
2018 CALENDAR OF ACTIVITIES WHO WE ARE AND WHAT WE OFFER Ý Public Trainings Technical Sessions Reviews GMM Other Chapter Activities Conferences Professionals Night ISACA was incorporated by individuals
More informationSME License Order Working Group Update - Webinar #3 Call in number:
SME License Order Working Group Update - Webinar #3 Call in number: Canada Local: +1-416-915-8942 Canada Toll Free: +1-855-244-8680 Event Number: 662 298 966 Attendee ID: check your WebEx session under
More informationC Structures, Unions, Bit Manipulations, and Enumerations
C Structures, Unions, Bit Manipulations, and Enumerations Chih-Wei Tang ( 唐之瑋 ) Department of Communication Engineering National Central University JhongLi, Taiwan Outline 10.2 Structure Definitions 10.4
More informationDigital Test. Coverage Index
Digital Test Coverage Index Edition 3 December 2015 Table of Contents Introduction How We Built the Index and How to Read It... Pg. 4 Key Takeaways... Pg. 5 Mobile and Web Indexes by Country U.S... Pg.
More informationAdMob Mobile Metrics Report
AdMob Mobile Metrics Report AdMob serves ads for more than 15,000 mobile Web sites and applications around the world. AdMob stores and analyzes the data from every ad request, impression, and click and
More informationInterim Report Technical Support for Integrated Library Systems Comparison of Open Source and Proprietary Software
Interim Report Technical Support for Integrated Library Systems Comparison of Open Source and Proprietary Software Vandana Singh Assistant Professor, School of Information Science, University of Tennessee,
More informationThe Threat Landscape and Security Trends. Jeremy Ward
The Threat Landscape and Security Trends Jeremy Ward DTI Survey 2004 - Incidence of breaches What proportion of UK businesses had a security incident last year? Trends since 2002 What proportion of UK
More informationService Excellence by Design. Tom Floodeen Vice President & General Manager Customer Support Division Mentor Graphics Corporation
Service Excellence by Design Tom Floodeen Vice President & General Manager Customer Support Division Mentor Graphics Corporation A Culture of Service A A business absolutely devoted to service will have
More informationFor personal use only. Update Event & nearmap Solar
Update Event & nearmap Solar Update Event and nearmap Solar Paul Peterson Senior VP Product & Engineering 2 Current Clear Change Current What s on the ground now Clear Unrivalled clarity Change Monitor
More informationScheduled Base Rental Revenue 919, , , ,027 1,013,613 1,038,875 1,064,831 1,091, ,637 1,099,323 1,132,302 1,166,272
Time : 10:30 am Page : 1 Schedule Of Prospective Cash Flow In Inflated Dollars for the Fiscal Year Beginning 9/1/2010 Potential Gross Revenue Base Rental Revenue $919,148 $941,812 $965,099 $989,027 $1,013,613
More informationEffects of PROC EXPAND Data Interpolation on Time Series Modeling When the Data are Volatile or Complex
Effects of PROC EXPAND Data Interpolation on Time Series Modeling When the Data are Volatile or Complex Keiko I. Powers, Ph.D., J. D. Power and Associates, Westlake Village, CA ABSTRACT Discrete time series
More informationSoftware Reliability Models: Failure rate estimation
Software Reliability Models: Failure rate estimation Animesh Kumar Rai M.Tech Student, Department of information Technology Amity School of Engineering and Technology Amity University, Noida, Uttar Pradesh
More informationMobile Broadband and benefits with harmonized UHF spectrum
Mobile Broadband and benefits with harmonized UHF spectrum Hans Höglund Director, Government & Industry Relations Business Unit Networks, Ericsson Ericsson AB 2009 1 Broadband access is a government priority..the
More informationImputation for missing observation through Artificial Intelligence. A Heuristic & Machine Learning approach
Imputation for missing observation through Artificial Intelligence A Heuristic & Machine Learning approach (Test case with macroeconomic time series from the BIS Data Bank) Byeungchun Kwon Bank for International
More informationLOADS, CUSTOMERS AND REVENUE
EB04-06 Corrected: 0 Jan Page of LOADS, CUSTOMERS AND REVENUE 4 Toronto Hydro s total load, customer and distribution revenue forecast is summarized in Table. The revenue forecast is calculated based on
More informationI.A.C. - Italian Activity Contest.
I.A.C. - Italian Activity Contest. RULES FOR 2017 I.A.C. EDITION. Scope: Main goal of the I.A.C. - Italian Activity Contest is to promote, encourage and support the use of the HAM bands from 50 MHz to
More informationThe New England Approach to HIPAA. John D. Halamka MD Chairman, New England Health EDI Network CIO, CareGroup Healthcare System
The New England Approach to HIPAA John D. Halamka MD Chairman, New England Health EDI Network CIO, CareGroup Healthcare System Three part approach Administrative Simplification Security/Confidentiality
More informationsoftware.sci.utah.edu (Select Visitors)
software.sci.utah.edu (Select Visitors) Web Log Analysis Yearly Report 2002 Report Range: 02/01/2002 00:00:0-12/31/2002 23:59:59 www.webtrends.com Table of Contents Top Visitors...3 Top Visitors Over Time...5
More informationImputation for missing data through artificial intelligence 1
Ninth IFC Conference on Are post-crisis statistical initiatives completed? Basel, 30-31 August 2018 Imputation for missing data through artificial intelligence 1 Byeungchun Kwon, Bank for International
More informationIntegration new Apriori algorithm MDNC and Six Sigma to Improve Array yield in the TFT-LCD Industry
Integration new Apriori algorithm MDNC and Six Sigma to Improve Array yield in the TFT-LCD Industry Chiung-Fen Huang *, Ruey-Shun Chen** * Institute of Information Management, Chiao Tung University Management
More informationTOWN MANAGER S WEEKLY REPORT
TOWN MANAGER S WEEKLY REPORT UPCOMING MEETINGS & EVENTS Town Council Meeting: Wednesday, May 10, 7:00 PM, Regular Meeting, Town Hall Planning Commission: Wednesday, May 17, 6:00 PM, Town Hall 1. Public
More informationProduct Versioning and Back Support Policy
Effective March 18, 2016 to Feb 1, 2017 Product Versioning and Back Support Policy Definitions Semantic Versioning Date Based Versioning Standard Support Extended Support End of Life Support Critical Security
More informationMartin Purvis CEO. Presentation following the AGM. 26 April 2012
Martin Purvis CEO Presentation following the AGM 26 April 212 IMPORTANT NOTICE Nothing in this presentation constitutes an offer of securities for sale. This presentation contains certain forward-looking
More informationPrice Change Proposed. October 2018
Change 2019 Proposed October 2018 2019 Change Agenda Overview Market Dominant Promotions First-Class Mail USPS Marketing Mail Periodicals Package Services Extra Services Overview Competitive 2 Timeline
More informationAdMob Mobile Metrics. Metrics Highlights. May 2010
AdMob Mobile Metrics Metrics Highlights May 2010 Metrics Highlights Summary While mobile Internet requests are growing rapidly worldwide, there are regional differences in the devices used 92 countries
More informationInter-Domain Routing Trends
Inter-Domain Routing Trends Geoff Huston gih@apnic.net APNIC March 2007 Agenda 1. Some data about the network and BGP over 2006 2. Some observations about the distribution patterns of BGP updates 3. Pointers
More information