Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump Using CUDA-enabled GPU Hardware

This paper focuses on the anticipatory enhancement of methods of detecting stealth software. Cyber security detection tools are insufficiently powerful to reveal the most recent cyber-attacks which use malware. In this paper, we will present first an idea of the highest stealth malware, as this is the most complicated scenario for detection because it combines both existing anti-forensic techniques together with their potential improvements. Second, we will present new detection methods which are resilient to this hidden prototype. To help solve this detection challenge, we have analyzed Windows’ memory content using a new method of Shannon Entropy calculation; methods of digital photogrammetry; the Zipf–Mandelbrot law, as well as by disassembling the memory content and analyzing the output. Finally, we present an idea and architecture of the software tool, which uses CUDA-enabled GPU hardware, to speed-up memory forensics. All three ideas are currently a work in progress. Keywords: rootkit detection, anti-forensics, memory analysis, scattered fragments, anticipatory enhancement, CUDA

Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump Using CUDA-enabled GPU Hardware

This paper focuses on the anticipatory enhancement of methods of detecting stealth software. Cyber security detection tools are insufficiently powerful to reveal the most recent cyber-attacks which use malware. In this paper, we will present first an idea of the highest stealth malware, as this is the most complicated scenario for detection because it combines both existing anti-forensic techniques together with their potential improvements. Second, we present new detection methods, which are resilient to this hidden prototype. To help solve this detection challenge, we have analyzed Windows memory content using a new method of Shannon Entropy calculation; methods of digital photogrammetry; the Zipf Mandelbrot law, as well as by disassembling the memory content and analyzing the output. Finally, we present an idea and architecture of the software tool, which uses CUDA enabled GPU hardware to speed-up memory forensics. All three ideas are currently a work in progress

Streamlining intersectoral provision of real-world health data: a service platform for improved clinical research and patient care

IntroductionObtaining real-world data from routine clinical care is of growing interest for scientific research and personalized medicine. Despite the abundance of medical data across various facilities — including hospitals, outpatient clinics, and physician practices — the intersectoral exchange of information remains largely hindered due to differences in data structure, content, and adherence to data protection regulations. In response to this challenge, the Medical Informatics Initiative (MII) was launched in Germany, focusing initially on university hospitals to foster the exchange and utilization of real-world data through the development of standardized methods and tools, including the creation of a common core dataset. Our aim, as part of the Medical Informatics Research Hub in Saxony (MiHUBx), is to extend the MII concepts to non-university healthcare providers in a more seamless manner to enable the exchange of real-world data among intersectoral medical sites.MethodsWe investigated what services are needed to facilitate the provision of harmonized real-world data for cross-site research. On this basis, we designed a Service Platform Prototype that hosts services for data harmonization, adhering to the globally recognized Health Level 7 (HL7) Fast Healthcare Interoperability Resources (FHIR) international standard communication format and the Observational Medical Outcomes Partnership (OMOP) common data model (CDM). Leveraging these standards, we implemented additional services facilitating data utilization, exchange and analysis. Throughout the development phase, we collaborated with an interdisciplinary team of experts from the fields of system administration, software engineering and technology acceptance to ensure that the solution is sustainable and reusable in the long term.ResultsWe have developed the pre-built packages “ResearchData-to-FHIR,” “FHIR-to-OMOP,” and “Addons,” which provide the services for data harmonization and provision of project-related real-world data in both the FHIR MII Core dataset format (CDS) and the OMOP CDM format as well as utilization and a Service Platform Prototype to streamline data management and use.ConclusionOur development shows a possible approach to extend the MII concepts to non-university healthcare providers to enable cross-site research on real-world data. Our Service Platform Prototype can thus pave the way for intersectoral data sharing, federated analysis, and provision of SMART-on-FHIR applications to support clinical decision making

New Moodle plugin for IMS Question and Test Interoperability specification (QTI)

In the ESF project "StudiPortal Brandenburg", eight Brandenburg universities, colleges and the Brandenburg Study Orientation Network are working together on the development of a portal for study orientation, preparation and support. An important part of the project is to store questions from different systems in a question exchange database and make it accessible for all project partners. Since there is currently no well-functioning option for this, we decided to develop an extension for integration into our question exchange platform. For this purpose, a new Moodle plugin was developed at BTU Cottbus - Senftenberg that converts questions from the QTI 2.1 standard into Moodle XML and vice versa. The aim was to convert as many question types as possible free of loss. For this purpose, questions from various systems that work with the QTI standard were made available and tested for the possibility of lossless conversion. The result is the prototype of a plugin that can convert eight different question types. In this article we present the first prototype of the plugin.162157

Concept of a cross-university question exchange platform with Moodle LMS

In the European Social Fund (ESF) project "Profilgebundene-Wissenschecks 2.0", seven Brandenburg Universities and Colleges are working together on the implementation and further development of online tools for study orientation, study preparation and support. The work packages include the development of online subject quizzes (online self-assessments), in order to support prospective students to compare their individual knowledge levels with the knowledge required at the beginning of their studies. Depending on the results achieved, e-learning units are provided with the necessary subjectrelated knowledge. These units can be refreshed independently and the attendance of preliminary courses is recommended. The basis for the online assessments is a cross-university question exchange platform on which the affiliated universities share the developed questions and thereby establish a nationwide quality standard for selfassessments. The project partners at Brandenburg University of Technology Cottbus - Senftenberg (BTU) are responsible for developing the question exchange platform and for making the platform available to all partner universities. For this purpose, a concept was developed, wherein Moodle Learning Management Systems (LMS) is used as a basis and expanded to include functions for storing questions with associated metadata and search functions to search for questions with specific metadata. The concept of the cross-university question exchange platform is presented in this paper.33432