Allgemein
Computer Vision in the Infrared Spectrum
HUMAN VISUAL PERCEPTION IS LIMITED TO THE VISUAL-OPTICAL SPECTRUM. MACHINE VISION IS NOT. Cameras sensitive to the different infrared spectra can enhance the abilities of autonomous systems and visually perceive the environment in a holistic way. Relevant scene content can be made visible especially in situations, where sensors of other modalities face issues like a visual-optical camera that needs a source of illumination. As a consequence, not only human mistakes can be avoided by increasing the level of automation, but also machine-induced errors can be reduced that, for example, could make a self-driving car crash into a pedestrian under difficult illumination conditions. Furthermore, multi-spectral sensor systems with infrared imagery as one modality are a rich source of information and can provably increase the robustness of many autonomous systems. Applications that can benefit from utilizing infrared imagery range from robotics to automotive and from biometrics to surveillance. In this book, we provide a brief yet concise introduction to the current state-of-the-art of computer vision and machine learning in the infrared spectrum. Based on various popular computer vision tasks such as image enhancement, object detection, or object tracking, we first motivate each task starting from established literature in the visual-optical spectrum. Then, we discuss the differences between processing images and videos in the visual-optical spectrum and the various infrared spectra. An overview of the current literature is provided together with an outlook for each task. Furthermore, available and annotated public datasets and common evaluation methods and metrics are presented. In a separate chapter, popular applications that can greatly benefit from the use of infrared imagery as a data source are presented and discussed. Among them are automatic target recognition, video surveillance, or biometrics including face recognition. Finally, we conclude with recommendations for well-fitting sensor setups and data processing algorithms for certain computer vision tasks. We address this book to prospective researchers and engineers new to the field but also to anyone who wants to get introduced to the challenges and the approaches of computer vision using infrared images or videos. Readers will be able to start their work directly after reading the book supported by a highly comprehensive backlog of recent and relevant literature as well as related infrared datasets including existing evaluation frameworks. Together with consistently decreasing costs for infrared cameras, new fields of application appear and make computer vision in the infrared spectrum a great opportunity to face nowadays scientific and engineering challenges.* Introduction* Cross-Spectral Image Processing* Detection, Classification, and Tracking* Applications* Summary and Outlook* Bibliography* Authors' Biographies
Econometrics and Data Science
Get up to speed on the application of machine learning approaches in macroeconomic research. This book brings together economics and data science.Author Tshepo Chris Nokeri begins by introducing you to covariance analysis, correlation analysis, cross-validation, hyperparameter optimization, regression analysis, and residual analysis. In addition, he presents an approach to contend with multi-collinearity. He then debunks a time series model recognized as the additive model. He reveals a technique for binarizing an economic feature to perform classification analysis using logistic regression. He brings in the Hidden Markov Model, used to discover hidden patterns and growth in the world economy. The author demonstrates unsupervised machine learning techniques such as principal component analysis and cluster analysis. Key deep learning concepts and ways of structuring artificial neural networks are explored along with training them and assessing their performance. The Monte Carlo simulation technique is applied to stimulate the purchasing power of money in an economy. Lastly, the Structural Equation Model (SEM) is considered to integrate correlation analysis, factor analysis, multivariate analysis, causal analysis, and path analysis.After reading this book, you should be able to recognize the connection between econometrics and data science. You will know how to apply a machine learning approach to modeling complex economic problems and others beyond this book. You will know how to circumvent and enhance model performance, together with the practical implications of a machine learning approach in econometrics, and you will be able to deal with pressing economic problems.WHAT YOU WILL LEARN* Examine complex, multivariate, linear-causal structures through the path and structural analysis technique, including non-linearity and hidden states* Be familiar with practical applications of machine learning and deep learning in econometrics* Understand theoretical framework and hypothesis development, and techniques for selecting appropriate models* Develop, test, validate, and improve key supervised (i.e., regression and classification) and unsupervised (i.e., dimension reduction and cluster analysis) machine learning models, alongside neural networks, Markov, and SEM models* Represent and interpret data and modelsWHO THIS BOOK IS FORBeginning and intermediate data scientists, economists, machine learning engineers, statisticians, and business executivesTSHEPO CHRIS NOKERI harnesses big data, advanced analytics, and artificial intelligence to foster innovation and optimize business performance. In his functional work, he has delivered complex solutions to companies in the mining, petroleum, and manufacturing industries. He initially completed a bachelor’s degree in information management. He then graduated with an honors degree in business science at the University of the Witwatersrand on a TATA Prestigious Scholarship and a Wits Postgraduate Merit Award. He was unanimously awarded the Oxford University Press Prize. He has authored two Apress books: Data Science Revealed: With Feature Engineering, Data Visualization, Pipeline Development, and Hyperparameter Tuning, and Implementing Machine Learning for Finance: A Systematic Approach to Predictive Risk and Performance Analysis for Investment Portfolios. Chapter 1 Introduction to Econometrics.- Chapter 2 Univariate Consumption Study Applying Regression.- Chapter 3 Multivariate Consumption Study Applying Regression.- Chapter 4 Forecasting Growth.- Chapter 5 Classifying Economic Data Applying Logistic Regression.- Chapter 6 Finding Hidden Patterns in World Economy and Growth.- Chapter 7 Clustering GNI Per Capita on a Continental Level.- Chapter 8 Solving Economic Problems Applying Artificial Neural Networks.- Chapter 9 Inflation Simulation.- Chapter 10 Economic Causal Analysis Applying Structural Equation Modelling.
PHP 8 Solutions
Make your websites more dynamic by adding a feedback form, creating a private area where members can upload images that are automatically resized, or storing all your content in a database. DAVID POWERS has updated his definitive book to incorporate the latest techniques and changes to PHP with the arrival of PHP 8. New features include named attributes, constructor property promotion, the stricter and more concise match expression, union types, and more.The problem is, you're not a programmer and the thought of writing code sends a chill up your spine. Or maybe you've dabbled a bit in PHP and MySQL, but you can't get past baby steps. If this describes you, then you've just found the right book. PHP powers four out of every five websites that use a server-side language. In combination with the MySQL database it’s ideal for creating dynamic websites. PHP and MySQL are free, easy to use, and provided by many web hosting companies in their standard packages. This book also covers MariaDB, a seamless replacement for MySQL that has been adopted on many web servers.Unfortunately, most PHP books either expect you to be an expert already or force you to go through endless exercises of little practical value. In contrast, this book gives you real value right away through a series of practical examples that you can incorporate directly into your sites, optimizing performance and adding functionality such as file uploading, email feedback forms, image galleries, content management systems, and much more. Each solution is created with not only functionality in mind, but also visual design.But this book doesn't just provide a collection of ready-made scripts: each PHP solution builds on what's gone before, teaching you the basics of PHP and database design quickly and painlessly. You’ll learn how to optimize your code using object-oriented programming (OOP) techniques. By the end of the book, you'll have the confidence to start writing your own scripts or—if you prefer to leave that task to others—to adapt existing scripts to your own requirements. Right from the start, you're shown how easy it is to protect your sites by adopting secure coding practices.WHAT YOU WILL LEARN* Design and build dynamic PHP-based web sites and applications * Get started right away through practical examples that you can reuse* Incorporate PHP 8 elements including named attributes, constructor property promotion, and union types* Understand the subtle, but important differences between switch and match* Work with the latest PHP 8 techniques, innovations, and best practicesWHO THIS BOOK IS FORReaders should ideally have some prior exposure to web development using PHP.DAVID POWERS is the author of more than 30 highly successful video training courses and books on PHP. He began his professional career as a radio and TV journalist for the BBC, spending a large part of it in Japan reporting on the rise and collapse of the bubble economy. His background of reporting on complex issues in plain, jargon-free language reveals itself in his writing about PHP and web development.David first became involved with web development in the early 1990s as Editor of BBC Japanese TV. With no marketing budget, he developed a bilingual web site to promote the channel. After leaving the BBC, he went on to develop a bilingual online database for an international consultancy, as well as teaching web development courses at two universities in the UK. In addition to writing and creating video training courses, he’s a Trustee of a charity in North London that provides educational facilities for retired people and those no longer in full-time employment.1. What is PHP 8?2. Getting Ready to Work with PHP3. How to Write PHP Scripts—The Basics4. PHP 8: A Quick Reference5. Lightening Your Workload with Includes6. Bringing Forms to Life7. Uploading Files8. Using PHP to Manage Files9. Arrays9. Generating Thumbnail Images10. Pages that Remember: Simple Login and Multipage Forms11. Getting Started with a Database12. Connecting to a Database with PHP and SQL13. Creating a Dynamic Photo Gallery14. Managing Content15. Formatting Text and Dates16. Pulling Data from Multiple Tables17. Managing Multiple Database Tables18. Authenticating Users with a Database
Data Science Solutions with Python
Apply supervised and unsupervised learning to solve practical and real-world big data problems. This book teaches you how to engineer features, optimize hyperparameters, train and test models, develop pipelines, and automate the machine learning (ML) process.The book covers an in-memory, distributed cluster computing framework known as PySpark, machine learning framework platforms known as scikit-learn, PySpark MLlib, H2O, and XGBoost, and a deep learning (DL) framework known as Keras.The book starts off presenting supervised and unsupervised ML and DL models, and then it examines big data frameworks along with ML and DL frameworks. Author Tshepo Chris Nokeri considers a parametric model known as the Generalized Linear Model and a survival regression model known as the Cox Proportional Hazards model along with Accelerated Failure Time (AFT). Also presented is a binary classification model (logistic regression) and an ensemble model (Gradient Boosted Trees). The book introduces DL and an artificial neural network known as the Multilayer Perceptron (MLP) classifier. A way of performing cluster analysis using the K-Means model is covered. Dimension reduction techniques such as Principal Components Analysis and Linear Discriminant Analysis are explored. And automated machine learning is unpacked.This book is for intermediate-level data scientists and machine learning engineers who want to learn how to apply key big data frameworks and ML and DL frameworks. You will need prior knowledge of the basics of statistics, Python programming, probability theories, and predictive analytics.WHAT YOU WILL LEARN* Understand widespread supervised and unsupervised learning, including key dimension reduction techniques* Know the big data analytics layers such as data visualization, advanced statistics, predictive analytics, machine learning, and deep learning* Integrate big data frameworks with a hybrid of machine learning frameworks and deep learning frameworks* Design, build, test, and validate skilled machine models and deep learning models* Optimize model performance using data transformation, regularization, outlier remedying, hyperparameter optimization, and data split ratio alterationWHO THIS BOOK IS FORData scientists and machine learning engineers with basic knowledge and understanding of Python programming, probability theories, and predictive analyticsTSHEPO CHRIS NOKERI harnesses advanced analytics and artificial intelligence to foster innovation and optimize business performance. In his functional work, he has delivered complex solutions to companies in the mining, petroleum, and manufacturing industries. He initially completed a bachelor’s degree in information management. Afterward, he graduated with an Honours degree in business science at the University of the Witwatersrand on a TATA Prestigious Scholarship and a Wits Postgraduate Merit Award. They unanimously awarded him the Oxford University Press Prize.Chapter 1: Understanding Machine Learning and Deep Learning.- Chapter 2: Big Data Frameworks and ML and DL Frameworks.- Chapter 3: The Parametric Method – Linear Regression.- Chapter 4: Survival Regression Analysis.-Chapter 5:The Non-Parametric Method - Classification.- Chapter 6:Tree-based Modelling and Gradient Boosting.- Chapter 7: Artificial Neural Networks.- Chapter 8: Cluster Analysis using K-Means.- Chapter 9: Dimension Reduction – Principal Components Analysis.- Chapter 10: Automated Machine Learning.
Game Development with MonoGame
Create a polished game that includes many levels and fights using MonoGame. This book will show you how to add AI agents and 2D physics into your game, while improving the performance of the game engine. By the end of Game Development with MonoGame, you will have created a game worthy of being published.Over the course of this book, you will be exposed to advanced game development concepts such as scripting and AI as you improve the performance of the game engine with better memory management. You will learn how to create a level editor that you will use to build game levels. You will also pick up tips and tricks for adding polish to your game project by adding a camera system, layers, menus, and improving the game’s graphics using pixel shaders and better particle effects.Upon completing this book, you will have a clear understanding of the steps required to build a game from start to finish and what it takes to create a 2D game that could ultimately be published.WHAT YOU WILL LEARN* Write a performant 2D game engine* Script the behavior of game objects* Build and use a level editor for your game* Add a UI to your gameWHO IS THIS BOOK FORIntermediate to advanced C# developers with knowledge of MonoGame. Basic knowledge of how to install and use the 2D capabilities of MonoGame is required, along with knowledge on how to use the content pipeline tool.Louis Salin has been a developer for more than 15 years in a wide variety of fields, developing on Windows in the early days in C, C++, and eventually C#. He’s also worked as a developer on Linux-based web applications using different scripting languages such as Ruby and Python. His early love for coding comes from all the time he spent as a kid copying video games written in Basic from books borrowed from the library. He wrote his first game in high school and took many classes in computer graphics.Rami Morrar is a self-taught Game Developer with several years of development experience under his belt. Morrar spent his days as a young kid hacking his Nintendo Consoles with homebrew software. In his early adult years, he has delved into languages mostly found in the family of C Programming, such as C# and C++. He is a freelance technical writer who reviews games and writes tutorials on MonoGame. He is currently working on his own independent project in the framework as well.CHAPTER 1: PERFORMANCE IMPROVEMENTSSub -Topics• Memory management and Game Object pools• Avoiding stutter and frame rates deep diveCHAPTER 2: EXTENDING THE CONTENT PIPELINE TOOLSub – Topics• Adding our level definitions to the content pipeline tool• Adding animations to the content pipeline tool• Text translationsCHAPTER 3: IMPROVING GRAPHICS QUALITYSub - Topics:• Pixel shaders• Adding a camera to the game• Layering our game objectsCHAPTER 4: LEVEL EDITORSub - Topics:• Creating a level editor• Importing levels into the game• Adding boss levels• Making game levels flow seamlesslyCHAPTER 5: SCRIPTINGSub - Topics:• What is scripting and why is it useful?• What programming language to use for scripting?• Defining game object behavior outside of the code baseCHAPTER 6: AISub - Topics:• AI techniques in video games• Algorithms• Smart boss fightsCHAPTER 7: MENUS AND OVERLAYSSub - Topics:• Using overlays in the game to display menus• Pausing the game• Add gamepad supportCHAPTER 8: IMPROVING THE GAME WITH CURVESSub - Topics:• Morphing particles as they age• Curves and tweens• Aging particles in a non-linear way, along a curve• Adding non-linear acceleration/deceleration to game objectsCHAPTER 9: TYING IT ALL TOGETHERSub-Topics:• What we’ve done so far• Getting help• Collaborating with artists, composers, and level designers• Packaging the game
Artificial Intelligence For Dummies
FORGET FAR-AWAY DREAMS OF THE FUTURE. ARTIFICIAL INTELLIGENCE IS HERE NOW!Every time you use a smart device or some sort of slick technology—be it a smartwatch, smart speaker, security alarm, or even customer service chat box—you’re engaging with artificial intelligence (AI). If you’re curious about how AI is developed—or question whether AI is real—Artificial Intelligence For Dummies holds the answers you’re looking for. Starting with a basic definition of AI and explanations of data use, algorithms, special hardware, and more, this reference simplifies this complex topic for anyone who wants to understand what operates the devices we can’t live without.This book will help you:* Separate the reality of artificial intelligence from the hype * Know what artificial intelligence can accomplish and what its limits are * Understand how AI speeds up data gathering and analysis to help you make informed decisions more quickly * See how AI is being used in hardware applications like drones, robots, and vehicles * Know where AI could be used in space, medicine, and communication fields sooner than you think Almost 80 percent of the devices you interact with every day depend on some sort of AI. And although you don’t need to understand AI to operate your smart speaker or interact with a bot, you’ll feel a little smarter—dare we say more intelligent—when you know what’s going on behind the scenes. So don’t wait. Pick up this popular guide to unlock the secrets of AI today!JOHN MUELLER has produced hundreds of books and articles on topics ranging from networking to home security and from database management to heads-down programming. If he had a nickel for every time he is asked the question, “Is the terminator real?” (No!), he could have retired years ago.LUCA MASSARON is a data scientist who specializes in organizing and interpreting big data and turning it into smart data. He has over 20 years??? experience delivering data solutions to clients in a variety of industries. Introduction 1About This Book 2Icons Used in This Book 3Beyond the Book 4Where to Go from Here 5PART 1: INTRODUCING AI 7CHAPTER 1: INTRODUCING AI 9Defining the Term AI 10Discerning intelligence 10Discovering four ways to define AI 11Understanding the History of AI 17Starting with symbolic logic at Dartmouth 17Continuing with expert systems 18Overcoming the AI winters 19Considering AI Uses 20Avoiding AI Hype and Overestimation 21Defining the five tribes and the master algorithm 21Considering sources of hype 22Understanding user overestimation 23Connecting AI to the Underlying Computer 23CHAPTER 2: DEFINING THE ROLE OF DATA 25Finding Data Ubiquitous in This Age 26Understanding Moore’s implications 27Using data everywhere 28Putting algorithms into action 30Using Data Successfully 32Considering the data sources 32Obtaining reliable data 33Making human input more reliable 33Using automated data collection 35Collecting personal data ethically 35Manicuring the Data 37Dealing with missing data 37Considering data misalignments 38Separating useful data from other data 39Considering the Five Mistruths in Data 39Commission 40Omission 40Perspective 41Bias 42Frame of reference 43Defining the Limits of Data Acquisition 43Considering Data Security Issues 45Understanding purposefully biased data 45Dealing with data-source corruption 47Cancelling botnets with sinkholing 48CHAPTER 3: CONSIDERING THE USE OF ALGORITHMS 49Understanding the Role of Algorithms 50Understanding what algorithm means 50Planning and branching: Trees and nodes 52Extending the tree using graph nodes 53Traversing the graph 54Playing adversarial games 56Using local search and heuristics 57Discovering the Learning Machine 60Leveraging expert systems 61Introducing machine learning 64Touching new heights 64CHAPTER 4: PIONEERING SPECIALIZED HARDWARE 67Relying on Standard Hardware 68Understanding the standard hardware 68Describing standard hardware deficiencies 69Relying on new computational techniques 71Using GPUs 73Considering the von Neumann bottleneck 73Defining the GPU 74Considering why GPUs work well 75Working with Deep Learning Processors (DLPs) 76Defining the DLP 76Using the mobile Neural Processing Unit (NPU) 77Accessing the cloud-based Tenser Processing Unit (TPU) 78Creating a Specialized Processing Environment 78Increasing Hardware Capabilities 79Adding Specialized Sensors 80Devising Methods to Interact with the Environment 81PART 2: CONSIDERING THE USES OF AI IN SOCIETY 83CHAPTER 5: SEEING AI USES IN COMPUTER APPLICATIONS 85Introducing Common Application Types 86Using AI in typical applications 86Realizing AI’s wide range of fields 88Considering the Chinese Room argument 88Seeing How AI Makes Applications Friendlier 89Performing Corrections Automatically 91Considering the kinds of corrections 91Seeing the benefits of automatic corrections 92Understanding why automated corrections don’t work 92Making Suggestions 93Getting suggestions based on past actions 93Getting suggestions based on groups 93Obtaining the wrong suggestions 94Considering AI-based Errors 95CHAPTER 6: AUTOMATING COMMON PROCESSES 97Developing Solutions for Boredom 98Making tasks more interesting 98Helping humans work more efficiently 99Understanding how AI reduces boredom 100Considering how AI can’t reduce boredom 101Working in Industrial Settings 101Developing various levels of automation 102Using more than just robots 103Relying on automation alone 104Creating a Safe Environment 104Considering the role of boredom in accidents 104Using AI to avoid safety issues 105Understanding that AI can’t eliminate safety issues 105CHAPTER 7: USING AI TO ADDRESS MEDICAL NEEDS 107Implementing Portable Patient Monitoring 108Wearing helpful monitors 109Relying on critical wearable monitors 109Using movable monitors 110Making Humans More Capable 111Using games for therapy 111Considering the use of exoskeletons 113Addressing a Range of Physical Abilities 114Considering the software-based solutions 115Relying on hardware augmentation 116Seeing AI in prosthetics 116Completing Analysis in New Ways 117Relying on Telepresence 118Defining telepresence 118Considering examples of telepresence 118Understanding telepresence limitations 119Devising New Surgical Techniques 120Making surgical suggestions 120Assisting a surgeon 121Replacing the surgeon with monitoring 122Performing Tasks Using Automation 122Working with medical records 123Predicting the future 123Making procedures safer 124Creating better medications 124Combining Robots and Medical Professionals 125CHAPTER 8: RELYING ON AI TO IMPROVE HUMAN INTERACTION 127Developing New Ways to Communicate 128Creating new alphabets 129Working with emoji and other meaningful graphics 129Automating language translation 130Incorporating body language .131Exchanging Ideas 133Creating connections 133Augmenting communication 133Defining trends 134Using Multimedia 134Embellishing Human Sensory Perception 135Shifting data spectrum 135Augmenting human senses 136PART 3: WORKING WITH SOFTWARE-BASED AI APPLICATIONS 139CHAPTER 9: PERFORMING DATA ANALYSIS FOR AI 141Defining Data Analysis 142Understanding why analysis is important 144Reconsidering the value of data 145Defining Machine Learning 147Understanding how machine learning works 148Understanding the benefits of machine learning 149Being useful; being mundane 150Specifying the limits of machine learning 150Considering How to Learn from Data 152Supervised learning 153Unsupervised learning 154Reinforcement learning 154CHAPTER 10: EMPLOYING MACHINE LEARNING IN AI 155Taking Many Different Roads to Learning 156Discovering five main approaches to AI learning 156Delving into the three most promising AI learning approaches 159Awaiting the next breakthrough 160Exploring the Truth in Probabilities 160Determining what probabilities can do 162Considering prior knowledge 163Envisioning the world as a graph 166Growing Trees that Can Classify 170Predicting outcomes by splitting data 170Making decisions based on trees 172Pruning overgrown trees 174CHAPTER 11: IMPROVING AI WITH DEEP LEARNING 175Shaping Neural Networks Similar to the Human Brain 176Introducing the neuron 176Starting with the miraculous perceptron 176Mimicking the Learning Brain 179Considering simple neural networks 179Figuring out the secret is in the weights 180Understanding the role of backpropagation 182Introducing Deep Learning 182Explaining the differences between deep learning and other forms of neural networks 185Finding even smarter solutions 186Detecting Edges and Shapes from Images 188Starting with character recognition 189Explaining how convolutions work 190Advancing using image challenges 191Learning to Imitate Art and Life .193Memorizing sequences that matter 193Discovering the magic of AI conversations 194Going for the state of the pretrained art 196Making one AI compete against another AI 198Pondering reinforcement learning 201PART 4: WORKING WITH AI IN HARDWARE APPLICATIONS 207CHAPTER 12: DEVELOPING ROBOTS 209Defining Robot Roles 210Overcoming the sci-fi view of robots 211Being humanoid can be hard 214Working with robots 217Assembling a Basic Robot 220Considering the components 220Sensing the world 221Controlling a robot 222CHAPTER 13: FLYING WITH DRONES 223Acknowledging the State of the Art 224Flying unmanned to missions 224Meeting the quadcopter 226Defining Uses for Drones 227Seeing drones in nonmilitary roles 229Powering up drones using AI 233Understanding regulatory issues 234CHAPTER 14: UTILIZING THE AI-DRIVEN CAR 237Getting a Short History 238Understanding the Future of Mobility 239Climbing the six levels of autonomy 239Rethinking the role of cars in our lives 241Taking a step back from unmet expectations 244Getting into a Self-Driving Car 246Putting all the tech together 247Letting AI into the scene 249Understanding that it’s not just AI 249Overcoming Uncertainty of Perceptions 251Introducing the car’s senses 252Putting together what you perceive 254PART 5: CONSIDERING THE FUTURE OF AI 257CHAPTER 15: UNDERSTANDING THE NONSTARTER APPLICATION 259Using AI Where It Won’t Work 260Defining the limits of AI 260Applying AI incorrectly 263Entering a world of unrealistic expectations 264Considering the Effects of AI Winters 265Understanding the AI winter 265Defining the causes of the AI winter 265Rebuilding expectations with new goals 267Creating Solutions in Search of a Problem 269Defining a gizmo 269Avoiding the infomercial 270Understanding when humans do it better 271Looking for the simple solution 272CHAPTER 16: SEEING AI IN SPACE 273Observing the Universe 274Seeing clearly for the first time 274Finding new places to go 275Considering the evolution of the universe 276Creating new scientific principles 276Performing Space Mining 277Harvesting water 277Obtaining rare earths and other metals 278Finding new elements 279Enhancing communication 280Exploring New Places 280Starting with the probe 281Relying on robotic missions 282Adding the human element 283Building Structures in Space 284Taking your first space vacation 285Performing scientific investigation 285Industrializing space 286Using space for storage 286CHAPTER 17: ENGAGING IN HUMAN ENDEAVORS 287Keeping Human Beings Popular 288Living and Working in Space 289Creating Cities in Hostile Environments 290Building cities in the ocean 290Creating space-based habitats 291Constructing moon-based resources 293Making Humans More Efficient 294Fixing Problems on a Planetary Scale 296Contemplating how the world works 296Locating potential sources of problems 297Defining potential solutions 298Seeing the effects of the solutions 299Trying again 299PART 6: THE PART OF TENS 301CHAPTER 18: TEN OCCUPATIONAL CATEGORIES THAT AI CAN’T REPLACE 303Performing Human Interaction 304Teaching children 304Nursing 304Addressing personal needs 305Solving developmental issues 305Creating New Things 306Inventing 306Being artistic 307Imagining the unreal 307Making Intuitive Decisions 308Investigating crime 308Monitoring situations in real time 308Separating fact from fiction 309CHAPTER 19: TEN SUBSTANTIAL CONTRIBUTIONS OF AI TO SOCIETY 311Considering Human-Specific Interactions 312Devising the active human foot 312Performing constant monitoring 313Administering medications 313Developing Industrial Solutions 314Using AI with 3-D printing 314Advancing robot technologies 314Creating New Technology Environments 315Developing rare new resources 315Seeing what can’t be seen 316Working with AI in Space 316Delivering goods to space stations 316Mining extraplanetary resources 317Exploring other planets 318CHAPTER 20: TEN WAYS IN WHICH AI HAS FAILED 319Understanding 320Interpreting, not analyzing 321Going beyond pure numbers 321Considering consequences 322Discovering 322Devising new data from old 323Seeing beyond the patterns 323Implementing new senses 324Empathizing 324Walking in someone’s shoes 325Developing true relationships 325Changing perspective 326Making leaps of faith 326Index 327
Trust in Computer Systems and the Cloud
LEARN TO ANALYZE AND MEASURE RISK BY EXPLORING THE NATURE OF TRUST AND ITS APPLICATION TO CYBERSECURITYTrust in Computer Systems and the Cloud delivers an insightful and practical new take on what it means to trust in the context of computer and network security and the impact on the emerging field of Confidential Computing. Author Mike Bursell’s experience, ranging from Chief Security Architect at Red Hat to CEO at a Confidential Computing start-up grounds the reader in fundamental concepts of trust and related ideas before discussing the more sophisticated applications of these concepts to various areas in computing.The book demonstrates in the importance of understanding and quantifying risk and draws on the social and computer sciences to explain hardware and software security, complex systems, and open source communities. It takes a detailed look at the impact of Confidential Computing on security, trust and risk and also describes the emerging concept of trust domains, which provide an alternative to standard layered security.* Foundational definitions of trust from sociology and other social sciences, how they evolved, and what modern concepts of trust mean to computer professionals * A comprehensive examination of the importance of systems, from open-source communities to HSMs, TPMs, and Confidential Computing with TEEs. * A thorough exploration of trust domains, including explorations of communities of practice, the centralization of control and policies, and monitoring Perfect for security architects at the CISSP level or higher, Trust in Computer Systems and the Cloud is also an indispensable addition to the libraries of system architects, security system engineers, and master’s students in software architecture and security.MIKE BURSELL is CEO and co-founder of Profian, a Confidential Computing company. He holds multiple security patents, is a sought-after speaker at global technology conferences, and has contributed to major reports and security specifications for the European Telecommunications Standards Institute.Introduction xvCHAPTER 1 WHY TRUST? 1Analysing Our Trust Statements 4What Is Trust? 5What Is Agency? 8Trust and Security 10Trust as a Way for Humans to Manage Risk 13Risk, Trust, and Computing 15Defining Trust in Systems 15Defining Correctness in System Behaviour 17CHAPTER 2 HUMANS AND TRUST 19The Role of Monitoring and Reporting in Creating Trust 21Game Theory 24The Prisoner’s Dilemma 24Reputation and Generalised Trust 27Institutional Trust 28Theories of Institutional Trust 29Who Is Actually Being Trusted? 31Trust Based on Authority 33Trusting Individuals 37Trusting Ourselves 37Trusting Others 41Trust, But Verify 43Attacks from Within 43The Dangers of Anthropomorphism 45Identifying the Real Trustee 47CHAPTER 3 TRUST OPERATIONS AND ALTERNATIVES 53Trust Actors, Operations, and Components 53Reputation, Transitive Trust, and Distributed Trust 59Agency and Intentionality 62Alternatives to Trust 65Legal Contracts 65Enforcement 66Verification 67Assurance and Accountability 67Trust of Non-Human or Non-Adult Actors 68Expressions of Trust 69Relating Trust and Security 75Misplaced Trust 75CHAPTER 4 DEFINING TRUST IN COMPUTING 79A Survey of Trust Definitions in Computer Systems 79Other Definitions of Trust within Computing 84Applying Socio-Philosophical Definitions of Trust to Systems 86Mathematics and Trust 87Mathematics and Cryptography 87Mathematics and Formal Verification 89CHAPTER 5 THE IMPORTANCE OF SYSTEMS 93System Design 93The Network Stack 94Linux Layers 96Virtualisation and Containers: Cloud Stacks 97Other Axes of System Design 99“Trusted” Systems 99Trust Within the Network Stack 101Trust in Linux Layers 102Trust in Cloud Stacks 103Hardware Root of Trust 106Cryptographic Hash Functions 110Measured Boot and Trusted Boot 112Certificate Authorities 114Internet Certificate Authorities 115Local Certificate Authorities 116Root Certificates as Trust Pivots 119The Temptations of “Zero Trust” 122The Importance of Systems 125Isolation 125Contexts 127Worked Example: Purchasing Whisky 128Actors, Organisations, and Systems 129Stepping Through the Transaction 130Attacks and Vulnerabilities 134Trust Relationships and Agency 136Agency 136Trust Relationships 137The Importance of Being Explicit 145Explicit Actions 145Explicit Actors 149CHAPTER 6 BLOCKCHAIN AND TRUST 151Bitcoin and Other Blockchains 151Permissioned Blockchains 152Trust without Blockchains 153Blockchain Promoting Trust 154Permissionless Blockchains and Cryptocurrencies 156CHAPTER 7 THE IMPORTANCE OF TIME 161Decay of Trust 161Decay of Trust and Lifecycle 163Software Lifecycle 168Trust Anchors, Trust Pivots, and the Supply Chain 169Types of Trust Anchors 170Monitoring and Time 171Attestation 173The Problem of Measurement 174The Problem of Run Time 176Trusted Computing Base 177Component Choice and Trust 178Reputation Systems and Trust 181CHAPTER 8 SYSTEMS AND TRUST 185System Components 185Explicit Behaviour 188Defining Explicit Trust 189Dangers of Automated Trust Relationships 192Time and Systems 194Defining System Boundaries 198Trust and a Complex System 199Isolation and Virtualisation 202The Stack and Time 205Beyond Virtual Machines 205Hardware-BasedType 3 Isolation 207CHAPTER 9 OPEN SOURCE AND TRUST 211Distributed Trust 211How Open Source Relates to Trust 214Community and Projects 215Projects and the Personal 217Open Source Process 219Trusting the Project 220Trusting the Software 222CONTENTS XIIIXIV CONTENTSSupply Chain and Products 226Open Source and Security 229CHAPTER 10 TRUST, THE CLOUD, AND THE EDGE 233Deployment Model Differences 235What Host Systems Offer 237What Tenants Need 237Mutually Adversarial Computing 240Mitigations and Their Efficacy 243Commercial Mitigations 243Architectural Mitigations 244Technical Mitigations 246CHAPTER 11 HARDWARE, TRUST, AND CONFIDENTIAL COMPUTING 247Properties of Hardware and Trust 248Isolation 248Roots of Trust 249Physical Compromise 253Confidential Computing 256TEE TCBs in detail 261Trust Relationships and TEEs 266How Execution Can Go Wrong—and Mitigations 269Minimum Numbers of Trustees 276Explicit Trust Models for TEE Deployments 278CHAPTER 12 TRUST DOMAINS 281The Composition of Trust Domains 284Trust Domains in a Bank 284Trust Domains in a Distributed Architecture 288Trust Domain Primitives and Boundaries 292Trust Domain Primitives 292Trust Domains and Policy 293Other Trust Domain Primitives 296Boundaries 297Centralisation of Control and Policies 298CHAPTER 13 A WORLD OF EXPLICIT TRUST 301Tools for Trust 301The Role of the Architect 303Architecting the System 304The Architect and the Trustee 305Coda 307References 309Index 321
Java 17 Quick Syntax Reference
Quickly gain the insight necessary to address a multitude of Java coding challenges using this succinct reference guide, Java 17 Quick Syntax Reference, Third Edition. Short, focused code examples will help you learn and master various existing and new Java source code elements.This edition includes the following additions to Java SE and OpenJDK, through Java 17: Pattern matching for switch and instanceof, Sealed classes and interfaces, Switch expressions, Text block multiline strings, Java module system, Private methods in interfaces, and Type inference for local variables.You won’t find any technical jargon, bloated samples, drawn out history lessons or witty stories in this book. What you will find is a language reference that is concise, to the point and highly accessible. The book is packed with useful information and is a must-have for any Java programmer.WHAT YOU WILL LEARN* Run a Java file with a single command* * Learn what a switch expression is and how to use it* Use pattern matching* Code with Java modules* Create text blocks to handle multiline strings* Learn what sealed classes are and how to use these and moreWHO THIS BOOK IS FORThose with prior experience with Java who want a quick and handy reference. Mikael Olsson is a professional web entrepreneur, programmer, and author. He works for an R&D company in Finland where he specializes in software development. In his spare time he writes books and creates websites that summarize various fields of interest. The books he writes are focused on teaching their subject in the most efficient way possible, by explaining only what is relevant and practical without any unnecessary repetition or theory. 1. HelloWorld2. Compile and Run3. Variables4. Operators5. String6. Arrays7. Conditionals8. Loops9. Methods10. Class11. Stack12. Inheritance13. Overriding14. Packages15. Access Levels16. Constants17. Interface18. Abstract19. Enum20. Exception Handling21. Boxing and Unboxing22. Generics23. Modules
Go for Java Programmers
Get an in-depth introduction to the Go programming language and its associated standard runtime libraries. This book is targeted towards programmers that already know the Java programming language and uses that Java knowledge to direct the learning of Go. You will get a deep understanding of the Go language and obtain a good introduction to the extensive Go standard libraries.This book teaches Go through clear descriptions of Go features, contrasting them with similar Java features and via providing extensive code examples. After reading this book you will be knowledgeable enough about Go and its libraries to begin doing effective programming using the Go language.Go for Java Programmers is structured more like a tutorial than a reference document. It covers key features of Go, but not every little detail as a reference might. Its goal is to get you competent enough in Go and its runtime that you can begin to effectively write Go programs.WHAT YOU WILL LEARN* Examine the key Go Runtime libraries and how they compare to Java libraries* See when it is appropriate to use the Go language instead of the Java language* Read and understand programs written in Go* Write many programs in Go* Determine when Go is an appropriate language to develop applications in* Discover how the Go and Java languages and development experience compare and contrastWHO THIS BOOK IS FORPrimarily existing professional Java programmers or students that already know something about Java. A basic understanding of Java is expected. Some basic programming experience with imperative languages is expected.BARRY FEIGENBAUM has decades of software engineering experience. Over his career, he has worked for major industry-leading companies such as IBM and Amazon, and is currently at Dell where he is a Senior Principal Software Engineer. He has worked on mainframe and midrange servers and many applications for personal computers. He has developed software products in many key industry languages, such as assemblers for multiple hardware architectures, C/C++/C#, Python, JavaScript, Java and now Go. He has extensive experience in the full software development lifecycle. Most recently, he has committed himself to leading teams developing mission-critical microservices, most often written in Go, that operate in large clustered environments.He led the early development of the LAN support inside Microsoft Windows (he defined the SMB protocol that is the basis for both the CIFS and the SAMBA technologies). He has served as a software tester, developer and designer as well as a development team lead, architect and manger on multiple occasions. He was a key contributor as a developer, architect and manager to several releases of PC-DOS and OS/2. In these roles, he worked extensively with Microsoft on joint requirements, design, and implementation.Dr. Feigenbaum has a Ph. D. in Computer Engineering with a concentration in OO software design and other degrees in Electrical Engineering. He has published multiple articles in technical magazines and juried journals. He coauthored several books on IBM PC-DOS. He has spoken at numerous technical conferences, such as JavaOne. He has served on industry standard bodies. He taught multiple college level courses on data structures, software engineering and distributed software as an adjunct professor at several universities. He has over twenty issued US patents.He is married, has one son, and lives in Austin, TX.Part I: First look at GoChapter 1: A Brief Look at Go vs. JavaChapter 2: What Java has that Go does notChapter 3: A Deeper Comparison of Go and JavaPart 2: The Go LanguageChapter 4: Key Go AspectsChapter 5: Go Basic FeaturesChapter 6: Go TypesChapter 7: Errors and PanicsChapter 8: Go StatementsChapter 9: Applications for interfacesChapter 10: Go Unit Tests and BenchmarksChapter 11: Going into the FuturePart 3: Go Library SurveyChapter 12: Key Packages ComparisonChapter 13: Key Method/Function ComparisonChapter 14: Go Package SurveyChapter 15: SQL Database AccessChapter 16: Client and Server SupportChapter 17: Go RuntimeAppendix A. Installing GoAppendix B: Some Go FAQsAppendix C: Go Gotchas to look out forAppendix D: Mark-Sweep Pseudo-codeAppendix E: ASCII vs. UTF-8
Beginning Apache Spark 3
Take a journey toward discovering, learning, and using Apache Spark 3.0. In this book, you will gain expertise on the powerful and efficient distributed data processing engine inside of Apache Spark; its user-friendly, comprehensive, and flexible programming model for processing data in batch and streaming; and the scalable machine learning algorithms and practical utilities to build machine learning applications.Beginning Apache Spark 3 begins by explaining different ways of interacting with Apache Spark, such as Spark Concepts and Architecture, and Spark Unified Stack. Next, it offers an overview of Spark SQL before moving on to its advanced features. It covers tips and techniques for dealing with performance issues, followed by an overview of the structured streaming processing engine. It concludes with a demonstration of how to develop machine learning applications using Spark MLlib and how to manage the machine learning development lifecycle. This book is packed with practical examples and code snippets to help you master concepts and features immediately after they are covered in each section.After reading this book, you will have the knowledge required to build your own big data pipelines, applications, and machine learning applications.WHAT YOU WILL LEARN* Master the Spark unified data analytics engine and its various components* Work in tandem to provide a scalable, fault tolerant and performant data processing engine* Leverage the user-friendly and flexible programming model to perform simple to complex data analytics using dataframe and Spark SQL* Develop machine learning applications using Spark MLlib* Manage the machine learning development lifecycle using MLflowWHO THIS BOOK IS FORData scientists, data engineers and software developers.HIEN LUU has extensive experience in designing and building big data applications and machine learning infrastructure. He is particularly passionate about the intersection between big data and machine learning. Hien enjoys working with open source software and has contributed to Apache Pig and Azkaban. Teaching is also one of his passions, and he serves as an instructor at the UCSC Silicon Valley Extension school teaching Apache Spark. He has given presentations at various conferences such as Data+AI Summit, MLOps World, QCon SF, QCon London, Hadoop Summit, and JavaOne.Chapter 1: Introduction to Apache SparkChapter Goal: Provide an overview of Apache SparkNo of pages 15Sub -Topics1. Overview & history2. Spark concepts & architecture3. Spark Unified Stack4. Apache Spark applicationsChapter 2: Working with Apache SparkChapter Goal: Provide details about different ways of interacting with Apache SparkNo of pages: 35Sub - Topics1. Downloading and Installing Apache Spark2. Exploring Apache Spark using Spark shells3. Exploring Apache Spark using Databricks4. Exploring Apache Spark source codeChapter 3: Spark SQL - FoundationChapter Goal: Provide an overview to Spark SQL componentNo of pages: 60Sub - Topics1. Overview & architecture2. Introduction to DataFrames Structured APIs3. Reading & writing data with Spark SQL data sources4. Introduction to datasetsChapter 4: Spark SQL - AdvanceChapter Goal: Go over the advanced features in Spark SQLNo of pages : 50Sub - Topics:1. Working with aggregations2. Joining data3. Working with analytics functions4. Explore Spark SQL catalyst optimizerChapter 5: Optimizing Apache Spark ApplicationsChapter Goal: Go over tips and techniques for dealing with performance issuesNo of pages: 30Sub - Topics:1. Common performance issues2. Speed up performance by leveraging in-memory computation3. Understand the different support joins in Spark4. Leverage Spark UI to diagnose performance issueChapter 6: Structured Streaming - FoundationChapter Goal: Overview of Structured Streaming processing engineNo of pages: 50Sub - Topics:1. General streaming processing concepts2. Structured Streaming programming model3. Working with streaming data sources and sinks4. Understanding output modes and triggersChapter 7: Structured Streaming - AdvancedChapter Goal: Cover complex issues in streaming processingNo of pages: 40Sub - Topics:1. Streaming processing with event time2. Stateful streaming processing3. Handling duplicate data4. Monitoring streaming processing applicationsChapter 8: Machine Learning with Apache SparkChapter Goal: How to developing Machine Learning applications using Spark MLlibNo of pages: 60Sub - Topics:1. Machine learning overview2. Taking a tour of supported machine learning algorithms3. Building machine learning pipelines4. Machine learning tasks in action5. Parameters tuningChapter 9: Machine Learning Application Development w/ MLflowChapter Goal: Using MLflow to manage the Machine Learning development lifecycleNo of pages: 25Sub - Topics:1. Overview of MLflow2. Tracking machine learning development experiments3. Managing & deploying machine learning models4. Leveraging Spark for batch modeling predictions
Corporate Cybersecurity
CORPORATE CYBERSECURITYAN INSIDER’S GUIDE SHOWING COMPANIES HOW TO SPOT AND REMEDY VULNERABILITIES IN THEIR SECURITY PROGRAMSA bug bounty program is offered by organizations for people to receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities. Corporate Cybersecurity gives cyber and application security engineers (who may have little or no experience with a bounty program) a hands-on guide for creating or managing an effective bug bounty program. Written by a cyber security expert, the book is filled with the information, guidelines, and tools that engineers can adopt to sharpen their skills and become knowledgeable in researching, configuring, and managing bug bounty programs. This book addresses the technical aspect of tooling and managing a bug bounty program and discusses common issues that engineers may run into on a daily basis. The author includes information on the often-overlooked communication and follow-through approaches of effective management. Corporate Cybersecurity provides a much-needed resource on how companies identify and solve weaknesses in their security program. This important book:* Contains a much-needed guide aimed at cyber and application security engineers * Presents a unique defensive guide for understanding and resolving security vulnerabilities * Encourages research, configuring, and managing programs from the corporate perspective * Topics covered include bug bounty overview; program set-up; vulnerability reports and disclosure; development and application Security Collaboration; understanding safe harbor and SLAWritten for professionals working in the application and cyber security arena, Corporate Cybersecurity offers a comprehensive resource for building and maintaining an effective bug bounty program. JOHN JACKSON is a Cyber Security Professional, Hacker, and the founder of the Hacking Group: Sakura Samurai. He is skilled in the art of configuring, managing, and utilizing Application Security Tools and programs, and an effective leader in the Cyber Security space. His unique perspective as both an Engineer and a Security Researcher provides hands-on experience towards configuring programs in a way that both organizations and researchers can benefit.Foreword xiiiAcknowledgments xvPART 1 BUG BOUNTY OVERVIEW 11 THE EVOLUTION OF BUG BOUNTY PROGRAMS 31.1 Making History 31.2 Conservative Blockers 41.3 Increased Threat Actor Activity 41.4 Security Researcher Scams 51.5 Applications Are a Small Consideration 51.6 Enormous Budgetary Requirements 51.7 Other Security Tooling as a Priority 61.8 Vulnerability Disclosure Programs vs Bug Bounty Programs 61.8.1 Vulnerability Disclosure Programs 61.8.2 Bug Bounty Programs 71.9 Program Managers 71.10 The Law 71.11 Redefining Security Research 81.12 Taking Action 81.12.1 Get to Know Security Researchers 91.12.2 Fair and Just Resolution 91.12.3 Managing Disclosure 91.12.4 Corrections 91.12.5 Specific Community Involvement 9PART 2 EVALUATING PROGRAMS 112 ASSESSING CURRENT VULNERABILITY MANAGEMENT PROCESSES 132.1 Who Runs a Bug Bounty Program? 132.2 Determining Security Posture 132.3 Management 142.3.1 Software Engineering Teams 142.3.2 Security Departments (Security Operations, Fraud Prevention, Governance/Risk/Compliance, Edge Controls, Vulnerability Management, Endpoint Detection, and Response) 142.3.3 Infrastructure Teams 142.3.4 Legal Department 142.3.5 Communications Team 142.4 Important Questions 152.5 Software Engineering 152.5.1 Which Processes Are in Place for Secure Coding? Do the Software Engineers Understand the Importance of Mitigating the Risks Associated with Vulnerable Code? 152.5.2 How Effective Are Current Communication Processes? Will Vulnerabilities Be Quickly Resolved If Brought to Their Attention? 152.5.3 Is the Breadth of Our Enterprise’s Web and Mobile Applications Immense? Which Processes Are Engineers Using for Development in the Software Development Lifecycle? 162.6 Security Departments 162.6.1 How Does Security Operations Manage Incidents? Will Employee Assistance Be Provided from the Security Operations Team If a Threat Actor Manages to Exploit an Application Vulnerability? Which Tools Do They Have in Place? 162.6.2 What Does the Fraud Prevention Team Do to Prevent Malicious Activities? How Many Occurrences Do They See of Issues such as Account Takeover, and Could They Potentially Create Application Vulnerabilities? 162.6.3 Are There Any Compliance Practices in Place and, If So, How Do They Affect the Vulnerability Management Process? What Does the Application Security Team Have to Do to Assist in Enterprise Compliance? 172.6.4 What Edge Tooling is in Place to Prevent Attacks? Are Any of the Enterprise Applications at Risk of Being Exploited due to an IoT (Internet of Things) Device? 172.6.5 How Often Does Our Vulnerability Management Team Push for Updates? How Does the Vulnerability Management Team Ensure Servers in which Enterprise Applications Reside Are Secure? 172.7 Infrastructure Teams 172.7.1 What Are Infrastructure Teams Doing to Ensure Best Security Practices Are Enabled? How Long Will It Take the Infrastructure Team to Resolve a Serious Issue When a Server-side Web Application is Exploited, or During a Subdomain Takeover Vulnerability? 172.7.2 Is There Effective Communication between Infrastructure, Vulnerability Management, Security Operations, and Endpoint Detection and Response? 182.8 Legal Department 182.8.1 How Well Refined is the Relationship between the Application Security Team and the Legal Department? 182.8.2 What Criteria Are/Will Be Set Out for the Escalation of Issues? 182.8.3 Does the Legal Department Understand the Necessity of Bug Bounty Program Management? 182.9 Communications Team 182.9.1 Has the Communications Team Dealt with Security Researchers Before? is the Importance Understood? 182.9.2 Was the Communications Team Informed of Bug Bounty Program Expectations? 192.10 Engineers 192.11 Program Readiness 193 EVALUATING PROGRAM OPERATIONS 213.1 One Size Does Not Fit All 213.2 Realistic Program Scenarios 213.3 Ad Hoc Program 223.4 Note 243.5 Applied Knowledge 243.5.1 Applied Knowledge #1 243.5.1.1 Private Programs 253.5.2 Applied Knowledge #2 253.5.2.1 Public Programs 253.5.3 Applied Knowledge #3 263.5.3.1 Hybrid Models 263.6 Crowdsourced Platforms 273.7 Platform Pricing and Services 283.8 Managed Services 283.9 Opting Out of Managed Services 293.10 On-demand Penetration Tests 29PART 3 PROGRAM SETUP 314 DEFINING PROGRAM SCOPE AND BOUNTIES 334.1 What is a Bounty? 334.2 Understanding Scope 334.3 How to Create Scope 344.3.1 Models 344.4 Understanding Wildcards 344.4.1 Subdomain 354.4.2 Domain 354.4.3 Specific Domain Path or Specific Subdomain Path 354.5 Determining Asset Allocation 364.6 Asset Risk 374.7 Understanding Out of Scope 374.8 Vulnerability Types 384.8.1 Denial of Service (DOS) or Distributed Denial of Service (DDoS) Attacks 384.8.2 Social Engineering Attacks 384.8.3 Brute Force or Rate Limiting 384.8.4 Account and Email Enumeration 384.8.5 Self-XSS 394.8.6 Clickjacking 394.8.7 Miscellaneous 394.9 When is an Asset Really Out of Scope? 394.10 The House Wins – Or Does It? 404.11 Fair Judgment on Bounties 424.12 Post-mortem 434.13 Awareness and Reputational Damage 434.14 Putting It All Together 444.15 Bug Bounty Payments 444.15.1 Determining Payments 454.15.2 Bonus Payments 464.15.3 Nonmonetary Rewards 465 UNDERSTANDING SAFE HARBOR AND SERVICE LEVEL AGREEMENTS 495.1 What is “Safe Harbor”? 495.1.1 The Reality of Safe Harbor 495.1.2 Fear and Reluctance 495.1.3 Writing Safe Harbor Agreements 505.1.4 Example Safe Harbor Agreement 505.2 Retaliation against a Rogue Researcher (Cybercriminal or Threat/Bad Actor) 515.3 Service Level Agreements (SLAs) 525.3.1 Resolution Times 535.3.2 Triage Times 536 PROGRAM CONFIGURATION 556.1 Understanding Options 556.2 Bugcrowd 556.2.1 Creating the Program 556.2.2 Program Overview 616.2.2.1 The Program Dashboard 616.2.2.2 The Crowd Control Navbar 63Summary 63Submissions 63Researchers 64Rewards 65Insights Dashboard 65Reports 666.2.3 Advanced Program Configuration and Modification 666.2.3.1 Program Brief 666.2.3.2 Scope and Rewards 676.2.3.3 Integrations 726.2.3.4 Announcements 736.2.3.5 Manage Team 746.2.3.6 Submissions 756.2.4 Profile Settings 766.2.4.1 The Profile and Account 786.2.4.2 Security 786.2.4.3 Notification Settings 796.2.4.4 API Credentials 806.2.5 Enterprise “Profile” Settings 816.2.5.1 Management and Configuration 816.2.5.2 Organization Details 816.2.5.3 Team Members 816.2.5.4 Targets 816.2.5.5 Authentication 816.2.5.6 Domains 826.2.5.7 Accounting 836.3 HackerOne 846.3.1 Program Settings 856.3.1.1 General 856.3.1.2 Information 866.3.1.3 Product Edition 866.3.1.4 Authentication 876.3.1.5 Verified Domains 886.3.1.6 Credential Management 896.3.1.7 Group Management 896.3.1.8 User Management 906.3.1.9 Audit Log 916.3.2 Billing 926.3.2.1 Overview 926.3.2.2 Credit Card 926.3.2.3 Prepayment 926.3.3 Program 936.3.3.1 Policy 936.3.3.2 Scope 936.3.3.3 Submit Report Form 956.3.3.4 Response Targets 966.3.3.5 Metrics Display 976.3.3.6 Email Notifications 976.3.3.7 Inbox Views 986.3.3.8 Disclosure 986.3.3.9 Custom Fields 986.3.3.10 Invitations 996.3.3.11 Submission 1006.3.3.12 Message Hackers 1016.3.3.13 Email Forwarding 1026.3.3.14 Embedded Submission Form 1026.3.3.15 Bounties 1036.3.3.16 Swag 1036.3.3.17 Common Responses 1046.3.3.18 Triggers 1066.3.3.19 Integrations 1076.3.3.20 API 1076.3.3.21 Hackbot 1076.3.3.22 Export Reports 1086.3.3.23 Profile Settings 1086.3.4 Inbox 1086.3.4.1 Report Details 1096.3.4.2 Timeline 1096.4 Summary 110PART 4 VULNERABILITY REPORTS AND DISCLOSURE 1117 TRIAGE AND BUG MANAGEMENT 1137.1 Understanding Triage 1137.1.1 Validation 1137.1.2 Lessons Learned 1157.1.3 Vulnerability Mishaps 1157.1.4 Managed Services 1157.1.5 Self-service 1167.2 Bug Management 1167.2.1 Vulnerability Priority 1167.2.2 Vulnerability Examples 1177.2.2.1 Reflected XSS on a login portal 117Report and Triage 117Validation 1177.2.2.2 Open redirect vulnerability 117Report and Triage 117Validation 1187.2.2.3 Leaked internal Structured Query Language (SQL) server credentials 118Report and Triage 118Validation 1187.3 Answers 1187.3.1 Vulnerability Rating-test Summary 1197.3.1.1 Reflected XSS in a login portal 1187.3.1.2 Open redirect vulnerability 1187.3.1.3 Leaked internal SQL server credentials 1187.3.2 Complexity vs Rating 1197.3.3 Projected Ratings 1207.3.4 Ticketing and Internal SLA 1207.3.4.1 Creating Tickets 1208 VULNERABILITY DISCLOSURE INFORMATION 1238.1 Understanding Public Disclosure 1238.1.1 Making the Decision 1238.1.1.1 Private Programs 123The Bottom Line 1248.1.1.2 Public Programs 125The Bottom Line 1268.2 CVE Responsibility 1268.2.1 What are CVEs? 1268.2.2 Program Manager Responsibilities 1268.2.3 Hardware CVEs 1268.2.4 Software and Product CVEs 1288.2.5 Third-party CVEs 1288.3 Submission Options 1308.3.1 In-house Submissions 1308.3.2 Program Managed Submissions and Hands-off Submissions 1308.3.2.1 Program Managed Submissions 1308.3.2.2 Hands-off Submissions 131PART 5 INTERNAL AND EXTERNAL COMMUNICATION 1339 DEVELOPMENT AND APPLICATION SECURITY COLLABORATION 1359.1 Key Role Differences 1359.1.1 Application Security Engineer 1359.1.2 Development 1359.2 Facing a Ticking Clock 1369.3 Meaningful Vulnerability Reporting 1369.4 Communicating Expectations 1379.5 Pushback, Escalations, and Exceptions 1389.5.1 Internal steps 1389.5.2 External steps 1399.5.2 Escalations 1399.5.3 Summary 1409.6 Continuous Accountability 1419.6.1 Tracking 1419.6.2 Missed Deadlines 14110 HACKER AND PROGRAM INTERACTION ESSENTIALS 14310.1 Understanding the Hacker 14310.1.1 Money, Ethics, or Both? 14310.1.2 Case Study Analysis 14510.2 Invalidating False Positives 14510.2.1 Intake Process and Breaking the News 14510.2.2 Dealing with a Toxic Hacker 14710.3 Managed Program Considerations 14710.4 In-house Programs 14810.5 Blackmail or Possible Threat Actor 15110.6 Public Threats or Disclosure 15110.7 Program Warning Messages 15310.8 Threat Actor or Security Researcher? 15310.9 Messaging Researchers 15510.9.1 Security Researcher Interviews 15510.9.2 Bug Bounty Program Manager Interviews 15910.10 Summary 164PART 6 ASSESSMENTS AND EXPANSIONS 16511 INTERNAL ASSESSMENTS 16711.1 Introduction to Internal Assessments 16711.2 Proactive Vs Reactive Testing 16711.3 Passive Assessments 16811.3.1 Shodan 16811.3.1.1 Using Shodan 16811.3.2 Amass/crt.sh 17111.3.2.1 Amass 17211.3.2.2 crt.sh 17311.4 Active Assessments 17311.4.1 nmapAutomator.sh 17311.4.2 Sn1per 17511.4.3 Owasp Zap 17511.4.4 Dalfox 17711.4.5 Dirsearch 17911.5 Passive/Active Summary 18011.6 Additional Considerations: Professional Testing and Third-Party Risk 18012 EXPANDING SCOPE 18112.1 Communicating with the Team 18112.2 Costs of Expansion 18212.3 When to Expand Scope 18212.4 Alternatives to Scope Expansion 18312.5 Managing Expansion 18313 PUBLIC RELEASE 18513.1 Understanding the Public Program 18513.2 The “Right” Time 18513.3 Recommended Release 18613.3.1 Requirements 18613.4 Rolling Backwards 18613.5 Summary 187Index 189
Data Science anwenden
Dieses Buch bietet einen Einstieg in das Thema Data Science auf Basis der visuellen Aufbereitung von Daten. Es hat ethische Betrachtungen in der digitalen Transformation zum Gegenstand und stellt ein Prozessrahmenwerk für die Bewertung von Technologien vor. Außerdem erläutert es Besonderheiten und Erkenntnisse zum Scheitern von Data-Science-Projekten und stellt Empfehlungssysteme unter Berücksichtigung aktueller Entwicklungen vor. Funktionalität zu Machine Learning in Werkzeugen zu Business Analytics wird verglichen und der Einsatz eines Vorgehensmodells für Data Science aufgezeigt.Die Integration erneuerbarer Energien am Beispiel von Photovoltaikanlagen, ein effizienterer Umgang mit Wärmeenergie, wissenschaftliche Literaturauswertung, Kundenzufriedenheit in der Automobilindustrie und ein Framework für die Analyse von Fahrzeugdaten dienen als Anwendungsbeispiele für den konkreten Einsatz von Data Science. Das Buch bietet wichtige Informationen, die für Praktiker ebenso relevant sind wie für Studierende und Lehrende.PROF. DR. THOMAS BARTON ist Professor an der Hochschule Worms. Seine Schwerpunkte liegen in den Bereichen Entwicklung betrieblicher Anwendungen, E-Business, Cloud Computing und Data Science.PROF. DR. CHRISTIAN MÜLLER ist Professor an der Technischen Hochschule Wildau. Seine Schwerpunkte liegen in den Bereichen Operations Research, Simulation von Geschäftsprozessen und Internet-Technologien.Einleitung - Einführung in Data Science - Systeme, Werkzeuge und Methoden - Anwendungen
Artificial Neural Networks with Java
Develop neural network applications using the Java environment. After learning the rules involved in neural network processing, this second edition shows you how to manually process your first neural network example. The book covers the internals of front and back propagation and helps you understand the main principles of neural network processing. You also will learn how to prepare the data to be used in neural network development and you will be able to suggest various techniques of data preparation for many unconventional tasks.This book discusses the practical aspects of using Java for neural network processing. You will know how to use the Encog Java framework for processing large-scale neural network applications. Also covered is the use of neural networks for approximation of non-continuous functions. In addition to using neural networks for regression, this second edition shows you how to use neural networks for computer vision. It focuses on image recognition such as the classification of handwritten digits, input data preparation and conversion, and building the conversion program. And you will learn about topics related to the classification of handwritten digits such as network architecture, program code, programming logic, and execution.The step-by-step approach taken in the book includes plenty of examples, diagrams, and screenshots to help you grasp the concepts quickly and easily.WHAT YOU WILL LEARN* Use Java for the development of neural network applications* Prepare data for many different tasks* Carry out some unusual neural network processing* Use a neural network to process non-continuous functions* Develop a program that recognizes handwritten digitsWHO THIS BOOK IS FORIntermediate machine learning and deep learning developers who are interested in switching to JavaIGOR LIVSHIN is a senior specialist at Dev Technologies Corp, specializing in developing neural network applications. He worked previously as a senior J2EE architect at two large insurance companies: Continental Insurance and Blue Cross & Blue Shield of Illinois, developing large-scale enterprise applications. Igor published his first book, WebSphere Studio Application Developer 5.0 (Apress), in 2003. He has a master’s degree in computer science from the Institute of Technology in Odessa, Russia/Ukraine.Part One. Getting Started with Neural NetworksChapter 1. Learning Neural NetworkChapter Goal: This chapter introduces you with the Artificial Intelligence Neural NetworksSub-TopicsBiological and artificial neuronsActivation functionsSummaryChapter 2. Internal Mechanism of Neural Network ProcessingChapter Goal: The chapter explores the inner machinery of neural network processingSub-TopicsFunction to be approximatedNetwork architectureForward pass calculationsBack-propagation pass calculationsFunction derivative and function divergentTable of most commonly used function derivativesSummaryChapter 3. Manual Neural Network ProcessingChapter Goal: Manual neural network processingSub-TopicsExample 1. Manual approximation of a function at a single pointBuilding the neural networkForward pass calculationBackward pass calculationCalculating weight adjustments for the output layer neuronsCalculating weight adjustments for the hidden layer neuronsUpdating network biasesBack to the forward passMatrix form of network calculationDigging deeperMini-batches and stochastic gradientSummaryPart Two. Neural Network Java Development EnvironmentChapter 4. Configuring Your Development EnvironmentChapter Goal: Explain how to download and install a set of tools necessary for building, debugging, testing, and executing neural network applications.Sub-TopicsInstalling Java 8 environment on your Windows machineInstalling NetBeans IDEInstalling Encog Java frameworkInstalling XChart PackageSummaryChapter 5. Neural Network Development Using Java EncogFrameworkChapter Goal: Using Java Encog framework.Sub-TopicsExample 2. Function approximation using Java environmentNetwork architectureNormalizing the input datasetsBuilding the Java program that normalizes both datasetsProgram codeDebugging and executing the program Processing results for the training methodTesting the networkTesting resultsDigging deeperSummaryChapter 6. Neural Network Prediction Outside of the Training RangeChapter Goal: Neural network is not a function extrapolation mechanism.Sub-TopicsExample 3a. Approximating periodic functions outside of the training rangeNetwork architecture for example 3aProgram code for example 3aTesting the networkExample 3b. Correct way of approximating periodic functions outside of the training rangePreparing the training dataNetwork architecture for the example 3bProgram code for example 3bTraining results for example 3bTesting results for example 3bSummaryChapter 7. Processing Complex Periodic FunctionsChapter Goal: Approximation of the complex periodic functionSub-TopicsExample 4. Approximation of a complex periodic functionData preparationReflecting function topology in dataNetwork architectureProgram codeTesting the networkDigging deeperSummaryChapter 8. Approximating Non-Continuous FunctionsChapter Goal: This chapter introduced the micro-batch method that is able to approximate any non-continuous function with high precision results.Sub-TopicsExample 5. Approximating non-continuous functionsApproximating non-continuous function using conventional network process . . . . . . .Network architectureProgram codeCode fragments for the training processUnsatisfactory training resultsApproximating the non-continuous function using micro-bach methodProgram code for micro-batch processingProgram Code for the getChart() methodCode fragment 1 of the training methodCode fragment 2 of the training methodTraining results for micro-batch methodTest processing logicTesting results for micro-batch methodDigging deeperSummaryChapter 9. Approximation Continuous Functions with Complex TopologyChapter Goal: Neural network has problem approximating continuous functions with complex topology. It is very difficult to obtain a good quality approximation for such functions. This chapter showed that the micro-batch method is able to approximate such functions with high precision results.Sub-TopicsExample 5a. Approximation of continuous function with complex topologyNetwork architecture for example 5aProgram code for example 5aTraining processing results for example 5aApproximation of continuous function with complex topology using micro-batch methodProgram code for example 5a using micro-batch methodExample 5b. Approximation of spiral-like functionsNetwork architecture for example 5bProgram Code for example 5bApproximation of the same functions using micro-batch methodSummaryChapter 10. Using Neural Network for Classification of ObjectsChapter Goal: Show how to use neural networks for classification of objectsSub-TopicsExample 6. Classification of recordsTraining datasetNetwork architecture Testing datasetProgram code for data normalizationProgram code for classificationTraining resultsTesting resultsSummaryChapter 11. Importance of Selecting the Correct ModelChapter Goal: Explained the importance of selecting a correct working modelSub-TopicsExample 7. Predicting next month stock market priceData preparationIncluding function topology in the datasetBuilding micro-batch filesNetwork architectureProgram codeTraining processTraining resultsTesting processTest processing logicTesting resultsAnalyzing testing results SummaryChapter 12. Approximation of Functions in 3-D SpaceChapter Goal: Using neuron network for approximation of functions in 3-D space.Sub-TopicsExample 8. Approximation of functions in 3-D spaceData preparation Network architectureProgram codeProcessing resultsSummaryPart Three. Introduction to Computer VisionChapter 13. Image RecognitionChapter Goal: introduction to the computer vision - the branch of Artificial IntelligenceSub-TopicsClassification of handwritten digitsInput data preparationInput data conversionBuilding the conversion programSummaryChapter 14. Classification of Handwritten DigitsChapter Goal: Developed a program able to recognize (classify) handwritten digitsSub-TopicsNetwork architectureProgram codeProgramming logicExecutionSummary
Is AI Good for the Planet?
Artificial intelligence (AI) is presented as a solution to the greatest challenges of our time, from global pandemics and chronic diseases to cybersecurity threats and the climate crisis. But AI also contributes to the climate crisis by running on technology that depletes scarce resources and by relying on data centres that demand excessive energy use.Is AI Good for the Planet? brings the climate crisis to the centre of debates around AI, exposing its environmental costs and forcing us to reconsider our understanding of the technology. It reveals why we should no longer ignore the environmental problems generated by AI. Embracing a green agenda for AI that puts the climate crisis at centre stage is our urgent priority.Engaging and passionately written, this book is essential reading for scholars and students of AI, environmental studies, politics, and media studies and for anyone interested in the connections between technology and the environment.BENEDETTA BREVINi is a journalist and Associate Professor in the Department of Media and Communications at the University of Sydney.AcknowledgementsIntroductionChapter One: Defining AI: beyond the HypeChapter Two: Controlling AI: understanding data capitalismChapter Three: Why AI worsens the Climate CrisisConclusion: AI and the Climate Crisis: what we can do about itNotesReferencesIndex
Web Data APIs for Knowledge Graphs
THIS BOOK DESCRIBES A SET OF METHODS, ARCHITECTURES, AND TOOLS TO EXTEND THE DATA PIPELINE AT THE DISPOSAL OF DEVELOPERS WHEN THEY NEED TO PUBLISH AND CONSUME DATA FROM KNOWLEDGE GRAPHS (GRAPH-STRUCTURED KNOWLEDGE BASES THAT DESCRIBE THE ENTITIES AND RELATIONS WITHIN A DOMAIN IN A SEMANTICALLY MEANINGFUL WAY) USING SPARQL, WEB APIS, AND JSON. To do so, it focuses on the paradigmatic cases of two middleware software packages, grlc and SPARQL Transformer, which automatically build and run SPARQL-based REST APIs and allow the specification of JSON schema results, respectively.The authors highlight the underlying principles behind these technologies—query management, declarative languages, new levels of indirection, abstraction layers, and separation of concerns—, explain their practical usage, and describe their penetration in research projects and industry.The book, therefore, serves a double purpose: to provide a sound and technical description of tools and methods at the disposal of publishers and developers to quickly deploy and consume Web Data APIs on top of Knowledge Graphs; and to propose an extensible and heterogeneous Knowledge Graph access infrastructure that accommodates a growing ecosystem of querying paradigms.* Foreword by Tobias Kuhn* Preface* Acknowledgments* Knowledge Graphs of Linked Data* Accessing Knowledge Graphs Programmatically* Shaping JSON Results: SPARQL Transformer* Applications* Conclusion and Future Challenges* Bibliography* Authors' Biographies
Spring Boot with React and AWS
Create and deploy full-stack Spring Boot applications with React and AWS. This practical and authoritative guide teaches you the fundamentals of Amazon Web Services with no prior experience.You will start by learning the fundamentals of AWS, including EC2, S3, IAM, and load balancer. Next, you will learn to deploy a Spring Boot REST API to AWS with Elastic Beanstalk, which will give you the ability to build and deploy a Spring Boot application. You will explore the RDS relational database and create an instance of a MySQL database in AWS with RDS.You will then deploy a Spring Boot application to MySQL in AWS and deploy a full-stack Spring Boot React application to AWS using Elastic Beanstalk and S3. Lastly, you will be introduced to ELB, CloudWatch, and Route 53. By the end of this book you will understand full-stack Spring Boot React applications and their deployment. If you prefer "learning by coding" then Spring Boot with React and AWS is the book for you.WHAT YOU'LL LEARN* Review the fundamentals of Amazon Web Services* Install a Spring Boot REST API with CRUD operation to AWS using AWS Elastic Beanstalk* Deploy a full-stack Spring Boot React application to AWS using AWS Elastic Beanstalk and S3* Work with MySQL as a database in AWS using RDS* Use Spring Boot with React and AWSWHO THIS BOOK IS FORIdeal for readers who have some programming experience with Java, Spring Boot, and React, and who now want to deploy a full-stack Spring Boot React application to AWS using AWS Elastic Beanstalk and S3.Ravi Kant Soni is a Principal Full Stack Engineer with 11+ years of IT experience and is an AWS Certified Solutions Architect. Ravi has worn many hats throughout his tenure, ranging from software development, software design, systems architecture, application programming, and automation testing. Ravi has a Bachelor’s degree in Information Science and Engineering from Reva University, Bangalore; and schooling from Bal Vikash Vidyalaya, Sasaram, and Bihar (India). He is the author of Full Stack AngularJS for Java Developers (Apress, 2018), Spring: Developing Java Applications for the Enterprise (Packt, 2017), and Learning Spring Application Development (Packt, 2015). He is also an Esteemed Member of the BOS (Board of Studies) – School of Computing and IT, at Reva University, Bangalore.Namrata Soni is a self-taught web application developer who has been a Web Application Developer since the early years of 2018, with a passion for beautiful and interactive UIs. She has a degree in Computer Science from SISTEC, Bhopal; and schooling from Bal Vikash Vidyalaya, Sasaram, and Bihar (India). She loves clean and well-tested code. She is a big fan of open-source and always tries to learn something new. Currently, she is working with React and NodeJS, crafting modern JavaScript applications.Chapter 1: An Introduction to Amazon Web ServicesCHAPTER GOAL: An Introduction of Amazon Web Service (AWS). And, then we will be creating a Free AWS Account for Developer. We explore AWS Elastic Beanstalk and will create a server. Then, we create HelloWorld JSP application. We will build a WAR file with Maven and upload WAR to AWS Elastic Beanstalk.NO OF PAGES 35SUB -TOPICS1. Introduction to Amazon Web Service2. Create a Free AWS Account for Developer3. Explore and Create an AWS Elastic Beanstalk Server4. Create HelloWorld JSP App, Build WAR with Maven, and Upload WAR to Elastic Beanstalk5. SummaryChapter 2: Deploying Spring Boot Application as REST API in AWSCHAPTER GOAL: Creation of Java Spring Boot Application as REST API with Swagger in Local. And, then we test REST API in Local. We build jar for Spring Boot Application and deploy JAR in AWS Elastic Beanstalk. Then, we will explore AWS environment logs of Spring Boot Application.NO OF PAGES: 35SUB - TOPICS1. Create a Spring Boot Application as REST API with Swagger in Local2. Test Spring Boot Application as REST API in Local3. Build jar for Spring Boot Application as REST API4. Deploy Spring Boot Application as REST API in AWS Elastic Beanstalk5. Explore Logs from AWS Beanstalk6. SummaryChapter 3: Deploying MySQL as Database in AWS with RDSCHAPTER GOAL: In this chapter, we introduce Relational Database Service in AWS with RDS. Then, we create an Instance of MySQL Database in AWS, and configure Database. We create tables inside MySQL DatabaseNO OF PAGES : 25Sub - Topics:1. Overview of MySQL Relational Database Service in AWS with RDS2. Create an Instance of RDS Database in AWS3. Configure Database4. Create tables inside Database5. SummaryChapter 4: Deploying Spring Boot Application Talking to MySQL in AWSCHAPTER GOAL: An overview of CRUD operation in Spring Boot Application. We create RDS profile for Spring Boot Application talking to MySQL. We setup Spring Boot Application to connect to RDS relational Database. We deploy WAR to AWS Elastic Beanstalk and test AWS deployment of Spring Boot application to perform CRUD operation. And, we explore AWS environment logs of Spring Boot Application.NO OF PAGES: 40SUB - TOPICS:1. An Overview of CRUD operation in Spring Boot Application2. Create RDS profile for Spring Boot Application3. Code Review of Spring Boot Application talking to MySQL4. Setting up Spring Boot Application to connect to RDS Database5. Deploy Spring Boot CRUD Application WAR to AWS Elastic Beanstalk6. Testing Spring Boot Application AWS Deployment7. Exploring Environment logs of Spring Boot Application in AWS8. SummaryChapter 5: Deploying Full Stack Spring Boot React Application in AWS and S3CHAPTER GOAL: Explore Full Stack Spring Boot React Application. We develop and Run React as Frontend application in local. First we deploy Spring Boot REST API as Backend application to AWS Elastic Beanstalk. Then we build React Code as Frontend application for AWS deployment. Also, we introduce S3 as Simple Storage Service in AWS.NO OF PAGES: 35SUB - TOPICS:1. Explore Full Stack Spring Boot React Application2. Develop and Run React as Frontend Application in Local3. Deploy Spring Boot REST API as Backend Application to AWS Elastic Beanstalk4. Build React Code as Frontend Application for AWS Deployment5. Introduction to S3 – Simple Storage Service in AWS6. Deploy React Frontend to AWS S3 – Hosting Static Website7. SummaryAppendix A: Installing MySQL Workbench on WindowsNO OF PAGES: 10Appendix B: AWS Command Line Interface CLICHAPTER GOAL:NO OF PAGES: 10
Pro Data Visualization Using R and JavaScript
Use R 4, RStudio, Tidyverse, and Shiny to interrogate and analyze your data, and then use the D3 JavaScript library to format and display that data in an elegant, informative, and interactive way. You will learn how to gather data effectively, and also how to understand the philosophy and implementation of each type of chart, so as to be able to represent the results visually.With the popularity of the R language, the art and practice of creating data visualizations is no longer the preserve of mathematicians, statisticians, or cartographers. As technology leaders, we can gather metrics around what we do and use data visualizations to communicate that information. Pro Data Visualization Using R and JavaScript combines the power of the R language with the simplicity and familiarity of JavaScript to display clear and informative data visualizations.Gathering and analyzing empirical data is the key to truly understanding anything. We can track operational metrics to quantify the health of our products in production. We can track quality metrics of our projects, and even use our data to identify bad code. Visualizing this data allows anyone to read our analysis and easily get a deep understanding of the story the data tells. This book makes the R language approachable, and promotes the idea of data gathering and analysis mostly using web interfaces.WHAT YOU WILL LEARN* Carry out data visualization using R and JavaScript* Use RStudio for data visualization * Harness Tidyverse data pipelinesApply D3 and R Notebooks towards your data * Work with the R Plumber API generator, Shiny, and moreWHO THIS BOOK IS FORProgrammers and data scientists/analysts who have some prior experience with R and JavaScript.Tom Barker is an engineer, a professor and an author. Currently he is Sr Manager of Web Development at Comcast, and an instructor at Philadelphia University. He has authored several books on web development including Pro JavaScript Performance: Monitoring and Visualization, and Pro Data Visualization with JavaScript and R.Matthew Campbell has worked on data visualization and dashboards with a data science team using RStudio. He got his start with technology after college when he learned SAS to do statistical programming at the Educational Testing Service (ETS). Learning this programming language kicked off a lifelong obsession with technology.1. Exploring Data Visualization2. RStudio3. Tidyverse Data Pipelines4. Data Visualization with D35. Comparing Groups with Bar Charts6. Correlation Analysis with Scatter Plots7. Datetime Trend Data with Line Charts8. Visual Presentations with D3 and R Notebooks9. Interactive Dashboards with D3 and Shiny10. Visualization on the Web with D3 and R Plumber API Generator
Practical Svelte
Learn to leverage the power of Svelte to produce web applications that are efficient and fast. This project-oriented book simplifies creating sites using Svelte from start to finish, with little more than a text editor and familiar languages such as HTML, CSS, and JavaScript. It equips you with a starting toolset that you can use to develop future projects, incorporate into your existing workflow, and allow you to take your websites to the next level.Practical Svelte is an excellent resource for getting acquainted with creating and manipulating websites or online applications using a component framework approach. It takes the view that we don’t have to create something complex and unwieldy. We can build something quickly, using less code than some of its competitors, and extend it using the power of the API and plugins over time, without sacrificing speed or features.You will learn how to use the Svelte framework to rapidly create and deploy websites or online applications that are performant, with the minimum of fuss and using existing tools already available in the browser, get up to speed with individual features of the Svelte framework, and work through a series of small projects that will combine to produce a finished site at the end of the book – this to help consolidate skills from day one and create something that you can use as a basis for future projects.WHAT YOU WILL LEARN* Understand why Svelte’s popularity makes it the go-to framework for constructing applications* Learn how to scaffold and implement web sites or online applications using Svelte* Create reusable components using Svelte that are interoperable with other frameworks and can solve real-world problems* Perform automated testing and deployment using tools such as CI/CD testing * Work through some mini projects from start to finish, understanding what we can achieve using Svelte and where we may need to bring other tools into playWHO THIS BOOK IS FORWebsite developers who are already familiar with JavaScript, CSS, and HTML and are keen to learn how to leverage the Svelte component framework to quickly create web sites or online applications with little more than a text editor. It’s perfect for development teams who do not want to follow the mold and use a credible alternative to React or Angular.Alex Libby is a frontend engineer and seasoned computer book author who hails from England. His passion for all things Open Source dates back to the days of his degree studies, where he first came across web development and has been hooked ever since. His daily work involves extensive use of React, NodeJS, JavaScript, HTML, and CSS; Alex enjoys tinkering with different open source libraries to see how they work. He has spent a stint maintaining the jQuery Tools library and enjoys writing about Open Source technologies, principally for front end UI development.INTRODUCTION (2 PAGES)CHAPTER 1: GETTING STARTED – 20 PAGES1. Setting up our development environment – Git, Git repository, Svelte, editor, etc2. Exploring the basic principles of using Svelte – a primer only: enough to give beginners something to work on3. Setting up the starting site for the book4. Reviewing the changes made5. Setting the background for this bookCHAPTER 2: CREATING COMPONENTS – 30 PAGES1. Understanding the makeup of components2. Creating some examples3. Publishing examples4. X5. Adding functionality to the frontend demoCHAPTER 3: MANAGING STATE AND DATA – 30 PAGES1. Passing and setting values in code2. Exploring the world of props3. Creating and maintaining Svelte stores4. X5. Adding functionality to the frontend demoCHAPTER 4: CONTROLLING LOGIC – 30 PAGES1. Creating if-else conditions2. Working through some examples3. X4. X5. Adding functionality to the frontend demoCHAPTER 5: MANAGING EVENTS – 35 PAGES1. The theory of reactivity – updating the DOM2. Different event types – which to choose?3. X4. X5. Adding functionality to the frontend demoCHAPTER 6: BINDING ELEMENTS – 30 PAGES1. Creating forms in Svelte2. Binding and managing events3. Catering for different form elements4. Managing context5. Adding functionality to the frontend demoCHAPTER 7: ADDING STYLES – 20 PAGES1. Understanding styling in Svelte2. Inlining or external?3. Taking it further – using a style preprocessor4. Applying themes – using a plugin or manually5. Adding functionality to the frontend demoCHAPTER 8: UNIT TESTING AND SVELTE – 30 PAGES1. Deciding our strategy2. Setting up testing environment3. Creating example tests4. Assessing the outcome5. Applying principles to our projectCHAPTER 9: DEPLOYING SVELTE – 30 PAGES1. Debugging Svelte2. Understanding the deployment process3. Setting up the hosting provider4. Deploying content to production5. Bonus – applying a domain nameCHAPTER 10: WORKING WITH EXTERNAL LIBRARIES – 30 PAGES1. Exploring example libraries2. Working client-side v. server-side – watch out!3. Adding Stripe to our frontend site project4. Reviewing the changes made5. What about React?CHAPTER 11: ANIMATING SVELTE – 30 PAGES1. Auditing the site – how could we use animation?2. A quick review of types of animation options3. Working through some examples4. Creating custom animations5. Using Svelte libraries6. Applying animation to our frontend projectCHAPTER 12: ADAPTING FOR SAPPER – 20 PAGES1. Introducing Sapper2. Setting up a Sapper site3. Exploring the structure of a Sapper site4. Migrating our frontend project to SapperAPPENDIX: API REFERENCE (15 PAGES) – ITS INCLUSION TO BE CONFIRMEDThis section will cover guidance on where to seek help when using Svelte if needed and how to debug Svelte
Java Programmieren für Einsteiger
Wie Sie als Einsteiger praxisnah und einfach Java programmieren lernen!- inkl. kostenfreien Zugang zur E-Book Version (PDF) –Egal ob für Ihr Studium, Ihren Beruf, bessere Jobmöglichkeiten und Karrierechancen, oder Ihr Hobby: Mithilfe dieses Buches werden Sie auch ohne Vorkenntnisse alle wichtigen Programmiergrundlagen Schritt für Schritt erlernen und Ihr Wissen in Java vertiefen. Somit erschaffen Sie sich ein solides Fundament und sammeln erste wichtige Erfahrungen für die Praxis, um im Anschluss Ihre eigenen Programme, Anwendungen, Apps und Spiele mit Java programmieren zu können.Da die Programmiersprache Java sich bereits seit langer Zeit als eine zentrale Programmiersprache etabliert hat, werden damit Smartphone-Apps für Android, Computerprogramme und Spiele programmiert. Somit lernen Sie mit diesem Buch eine sehr beliebte Allrounder-Sprache, die Ihnen viele Möglichkeiten liefert und dabei trotzdem relativ leicht zu erlernen ist.Von Datenstrukturen, mathematischen und logischen Operatoren über Kontrollstrukturen, Textverarbeitung bis hin zur rekursiven und objektorientierten Programmierung erwartet Sie alles Notwendige in diesem Buch, damit Sie erfolgreich programmieren lernen und Ihre eigenen Anwendungen mit Java schreiben können!Im Detail erwarten Sie folgende Inhalte:-Schritt für Schritt Anleitungen, damit Sie direkt mit dem Programmieren starten können-alle Grundlagen, damit Sie auch ohne Vorerfahrung erfolgreich programmieren lernen-objektorientierte Programmierung mit Java, damit Sie eigene Anwendungen schreiben können-Exception Handling, damit Sie Fehlerquellen schnell erkennen und so reibungslos programmieren können-Übungen nach jedem Kapitel, damit Sie Ihr Wissen optimal für die Praxis vorbereiten können-zahlreiche Beispiele, Tipps und Tricks, damit Ihnen programmieren noch einfacher fälltIch freue mich darauf, mich mit Ihnen gemeinsam auf die spannende Reise in die Programmierwelt mit Java zu begeben und wünsche Ihnen viel Spaß und Erfolg beim Programmieren lernen!Simon Flaig Neben exzellenten Leistungen im Programmieren im Schulunterricht, eignete sich Simon Flaig in seiner Freizeit selbstständig verschiedene Programmierkenntnisse an. Nach einem sehr guten Abschluss seines Informatikstudiums, konnte Simon reichlich praktische Erfahrung im Bereich der Softwareentwicklung in etablierten Unternehmen im In- und Ausland sammeln. Nun vermittelt Simon sein Know-How im Bereich der Programmierung mithilfe seiner praxisnahen Lehrbücher.
Snowflake Security
This book is your complete guide to Snowflake security, covering account security, authentication, data access control, logging and monitoring, and more. It will help you make sure that you are using the security controls in a right way, are on top of access control, and making the most of the security features in Snowflake.Snowflake is the fastest growing cloud data warehouse in the world, and having the right methodology to protect the data is important both to data engineers and security teams. It allows for faster data enablement for organizations, as well as reducing security risks, meeting compliance requirements, and solving data privacy challenges.There are currently tens of thousands of people who are either data engineers/data ops in Snowflake-using organizations, or security people in such organizations. This book provides guidance when you want to apply certain capabilities, such as data masking, row-level security, column-level security, tackling role hierarchy, building monitoring dashboards, etc., to your organizations.WHAT YOU WILL LEARN* Implement security best practices for Snowflake* Set up user provisioning, MFA, OAuth, and SSO* Set up a Snowflake security model* Design roles architecture* Use advanced access control such as row-based security and dynamic masking* Audit and monitor your Snowflake Data CloudWHO THIS BOOK IS FORData engineers, data privacy professionals, and security teams either with security knowledge (preferably some data security knowledge) or with data engineering knowledge; in other words, either “Snowflake people” or “data people” who want to get security right, or “security people” who want to make sure that Snowflake gets handled right in terms of securityBEN HERZBERG is an experienced hacker and developer with years of experience in endpoint security, behavioral analytics, application security, and data security. His professional experience in development, research, and security includes roles such as the CTO of Cynet and leading the threat research group at Imperva. Ben is now the Chief Scientist for Satori, streamlining data access and security with DataSecOps. Ben also loves to write, speak at conferences, travel, and meet new people.YOAV COHEN is the Co-Founder and Chief Technology Officer of Satori Cyber. At Satori, Yoav is building the company’s technology vision and leading the research and engineering teams. Before founding Satori Cyber, Yoav was the Senior Vice President of Product Development for Imperva, which he joined as part of the acquisition of Incapsula, a cloud-based web applications security and acceleration company, where he was the Vice President of Engineering. Before joining Incapsula, Yoav held several technology leadership positions at SAP. When he isn’t glued to his laptop or on a whiteboard, Yoav can be found traveling with his wife and four kids in an RV, playing electric guitar, or doing laps at the pool. He is still dreaming about building his own operating system. Yoav holds an MSc in computer science from Tel-Aviv University and a BSc in computer science and biology from Tel-Aviv University.CHAPTER 1. INTRODUCTION TO SNOWFLAKEWhat’s happening to dataWhere Snowflake fits inBuilding your first Snowflake Data WarehouseCHAPTER 2. ACCOUNT SECURITYSecurity Best Practices for SnowflakePrivate Link ConnectionCHAPTER 3. AUTHENTICATIONAuthentication in Snowflake overviewSetting Up MFASetting Up OAuthSetting Up SSOConnecting through a 3rd party SSOConnecting through a custom OAuth Authentication ServiceNetwork Access ControlManaging Roles Through SCIMCHAPTER 4. DATA ACCESS CONTROLIntroduction to Data Access ControlsSnowflake Security ModelDesigning roles architectureCustom Data Access ControlColumn Based Access ControlUsing AbstractionUsing Dynamic MaskingRow Based Access ControlUsing AbstractionUsing Row Based PoliciesCustom Access ControlCHAPTER 5. LOGGING & MONITORINGIntroductionSnowflake MetadataAccount Usage vs Information SchemaMain Views for SecurityLimitationsSnowAlertBuilding a Custom Security DashboardSetting Things UpDashboardIncident ResponseCHAPTER 6. EPILOGUERecapWhat’s Coming Up
Computation in BioInformatics
COMPUTATION IN BIOINFORMATICS1 BIOINFOMATICS AS A TOOL IN DRUG DESIGNING 1Rene Barbie Browne, Shiny C. Thomas and Jayanti Datta Roy1.1 Introduction 11.2 Steps Involved in Drug Designing 31.2.1 Identification of the Target Protein/Enzyme 51.2.2 Detection of Molecular Site (Active Site) in the Target Protein 61.2.3 Molecular Modeling 61.2.4 Virtual Screening 91.2.5 Molecular Docking 101.2.6 QSAR (Quantitative Structure-Activity Relationship) 121.2.7 Pharmacophore Modeling 141.2.8 Solubility of Molecule 141.2.9 Molecular Dynamic Simulation 141.2.10 ADME Prediction 151.3 Various Softwares Used in the Steps of Drug Designing 161.4 Applications 181.5 Conclusion 20References 202 NEW STRATEGIES IN DRUG DISCOVERY 25Vivek Chavda, Yogita Thalkari and Swati Marwadi2.1 Introduction 262.2 Road Toward Advancement 272.3 Methodology 302.3.1 Target Identification 302.3.2 Docking-Based Virtual Screening 322.3.3 Conformation Sampling 332.3.4 Scoring Function 342.3.5 Molecular Similarity Methods 352.3.6 Virtual Library Construction 372.3.7 Sequence-Based Drug Design 372.4 Role of OMICS Technology 382.5 High-Throughput Screening and Its Tools 402.6 Chemoinformatic 442.6.1 Exploratory Data Analysis 452.6.2 Example Discovery 462.6.3 Pattern Explanation 462.6.4 New Technologies 462.7 Concluding Remarks and Future Prospects 46References 483 ROLE OF BIOINFORMATICS IN EARLY DRUG DISCOVERY: AN OVERVIEW AND PERSPECTIVE 49Shasank S. Swain and Tahziba Hussain3.1 Introduction 503.2 Bioinformatics and Drug Discovery 513.2.1 Structure-Based Drug Design (SBDD) 523.2.2 Ligand-Based Drug Design (LBDD) 533.3 Bioinformatics Tools in Early Drug Discovery 543.3.1 Possible Biological Activity Prediction Tools 553.3.2 Possible Physicochemical and Drug-Likeness Properties Verification Tools 583.3.3 Possible Toxicity and ADME/T Profile Prediction Tools 603.4 Future Directions With Bioinformatics Tool 613.5 Conclusion 63Acknowledgements 64References 644 ROLE OF DATA MINING IN BIOINFORMATICS 69Vivek P. Chavda, Amit Sorathiya, Disha Valu and Swati Marwadi4.1 Introduction 704.2 Data Mining Methods/Techniques 714.2.1 Classification 714.2.1.1 Statistical Techniques 714.2.1.2 Clustering Technique 734.2.1.3 Visualization 744.2.1.4 Induction Decision Tree Technique 744.2.1.5 Neural Network 754.2.1.6 Association Rule Technique 754.2.1.7 Classification 754.3 DNA Data Analysis 774.4 RNA Data Analysis 794.5 Protein Data Analysis 794.6 Biomedical Data Analysis 804.7 Conclusion and Future Prospects 81References 815 IN SILICO PROTEIN DESIGN AND VIRTUAL SCREENING 85Vivek P. Chavda, Zeel Patel, Yashti Parmar and Disha Chavda5.1 Introduction 865.2 Virtual Screening Process 885.2.1 Before Virtual Screening 905.2.2 General Process of Virtual Screening 905.2.2.1 Step 1 (The Establishment of the Receptor Model) 915.2.2.2 Step 2 (The Generation of Small-Molecule Libraries) 925.2.2.3 Step 3 (Molecular Docking) 925.2.2.4 Step 4 (Selection of Lead Protein Compounds) 945.3 Machine Learning and Scoring Functions 945.4 Conclusion and Future Prospects 95References 966 NEW BIOINFORMATICS PLATFORM-BASED APPROACH FOR DRUG DESIGN 101Vivek Chavda, Soham Sheta, Divyesh Changani and Disha Chavda6.1 Introduction 1026.2 Platform-Based Approach and Regulatory Perspective 1046.3 Bioinformatics Tools and Computer-Aided Drug Design 1076.4 Target Identification 1096.5 Target Validation 1106.6 Lead Identification and Optimization 1116.7 High-Throughput Methods (HTM) 1126.8 Conclusion and Future Prospects 114References 1157 BIOINFORMATICS AND ITS APPLICATION AREAS 121Ragini Bhardwaj, Mohit Sharma and Nikhil Agrawal7.1 Introduction 1217.2 Review of Bioinformatics 1247.3 Bioinformatics Applications in Different Areas 1267.3.1 Microbial Genome Application 1267.3.2 Molecular Medicine 1297.3.3 Agriculture 1307.4 Conclusion 131References 1318 DNA MICROARRAY ANALYSIS: FROM AFFYMETRIX CEL FILES TO COMPARATIVE GENE EXPRESSION 139Sandeep Kumar, Shruti Shandilya, Suman Kapila, Mohit Sharma and Nikhil Agrawal8.1 Introduction 1408.2 Data Processing 1408.2.1 Installation of Workflow 1408.2.2 Importing the Raw Data for Processing 1418.2.3 Retrieving Sample Annotation of the Data 1428.2.4 Quality Control 1438.2.4.1 Boxplot 1448.2.4.2 Density Histogram 1458.2.4.3 MA Plot 1458.2.4.4 NUSE Plot 1458.2.4.5 RLE Plot 1458.2.4.6 RNA Degradation Plot 1458.2.4.7 QCstat 1488.3 Normalization of Microarray Data Using the RMA Method 1488.3.1 Background Correction 1488.3.2 Normalization 1498.3.3 Summarization 1498.4 Statistical Analysis for Differential Gene Expression 1518.5 Conclusion 153References 1539 MACHINE LEARNING IN BIOINFORMATICS 155Rahul Yadav, Mohit Sharma and Nikhil Agrawal9.1 Introduction and Background 1569.1.1 Bioinformatics 1589.1.2 Text Mining 1599.1.3 IoT Devices 1599.2 Machine Learning Applications in Bioinformatics 1599.3 Machine Learning Approaches 1619.4 Conclusion and Closing Remarks 162References 16210 DNA-RNA BARCODING AND GENE SEQUENCING 165Gifty Sawhney, Mohit Sharma and Nikhil Agrawal10.1 Introduction 16610.2 RNA 16910.3 DNA Barcoding 17210.3.1 Introduction 17210.3.2 DNA Barcoding and Molecular Phylogeny 17710.3.3 Ribosomal DNA (rDNA) of the Nuclear Genome (nuDNA)—ITS 17810.3.4 Chloroplast DNA 18010.3.5 Mitochondrial DNA 18110.3.6 Molecular Phylogenetic Analysis 18110.3.7 Metabarcoding 18910.3.8 Materials for DNA Barcoding 19010.4 Main Reasons of DNA Barcoding 19110.5 Limitations/Restrictions of DNA Barcoding 19210.6 RNA Barcoding 19210.6.1 Overview of the Method 19310.7 Methodology 19410.7.1 Materials Required 19510.7.2 Barcoded RNA Sequencing High-Level Mapping of Single-Neuron Projections 19610.7.3 Using RNA to Trace Neurons 19610.7.4 A Life Conservation Barcoder 19810.7.5 Gene Sequencing 19910.7.5.1 DNA Sequencing Methods 20010.7.5.2 First-Generation Sequencing Techniques 20410.7.5.3 Maxam’s and Gilbert’s Chemical Method 20410.7.5.4 Sanger Sequencing 20510.7.5.5 Automation in DNA Sequencing 20610.7.5.6 Use of Fluorescent-Marked Primers and ddNTPs 20610.7.5.7 Dye Terminator Sequencing 20710.7.5.8 Using Capillary Electrophoresis 20710.7.6 Developments and High-Throughput Methodsin DNA Sequencing 20810.7.7 Pyrosequencing Method 20910.7.8 The Genome Sequencer 454 FLX System 21010.7.9 Illumina/Solexa Genome Analyzer 21010.7.10 Transition Sequencing Techniques 21110.7.11 Ion-Torrent’s Semiconductor Sequencing 21110.7.12 Helico’s Genetic Analysis Platform 21110.7.13 Third-Generation Sequencing Techniques 21210.8 Conclusion 212Abbreviations 213Acknowledgement 214References 21411 BIOINFORMATICS IN CANCER DETECTION 229Mohit Sharma, Umme Abiha, Parul Chugh, Balakumar Chandrasekaran and Nikhil Agrawal11.1 Introduction 23011.2 The Era of Bioinformatics in Cancer 23011.3 Aid in Cancer Research via NCI 23211.4 Application of Big Data in Developing Precision Medicine 23311.5 Historical Perspective and Development 23511.6 Bioinformatics-Based Approaches in the Study of Cancer 23711.6.1 SLAMS 23711.6.2 Module Maps 23811.6.3 COPA 23911.7 Conclusion and Future Challenges 240References 24012 GENOMIC ASSOCIATION OF POLYCYSTIC OVARIAN SYNDROME: SINGLE-NUCLEOTIDE POLYMORPHISMS AND THEIR ROLE IN DISEASE PROGRESSION 245Gowtham Kumar Subbaraj and Sindhu Varghese12.1 Introduction 24612.2 FSHR Gene 25212.3 IL-10 Gene 25212.4 IRS-1 Gene 25312.5 PCR Primers Used 25412.6 Statistical Analysis 25512.7 Conclusion 258References 25913 AN INSIGHT OF PROTEIN STRUCTURE PREDICTIONS USING HOMOLOGY MODELING 265S. Muthumanickam, P. Boomi, R. Subashkumar, S. Palanisamy, A. Sudha, K. Anand, C. Balakumar, M. Saravanan, G. Poorani, Yao Wang, K. Vijayakumar and M. Syed Ali13.1 Introduction 26613.2 Homology Modeling Approach 26813.2.1 Strategies for Homology Modeling 26913.2.2 Procedure 26913.3 Steps Involved in Homology Modeling 27013.3.1 Template Identification 27013.3.2 Sequence Alignment 27113.3.3 Backbone Generation 27113.3.4 Loop Modeling 27113.3.5 Side Chain Modeling 27213.3.6 Model Optimization 27213.3.6.1 Model Validation 27213.4 Tools Used for Homology Modeling 27313.4.1 Robetta 27313.4.2 M4T (Multiple Templates) 27313.4.3 I-Tasser (Iterative Implementation of the Threading Assembly Refinement) 27313.4.4 ModBase 27413.4.5 Swiss Model 27413.4.6 PHYRE2 (Protein Homology/Analogy Recognition Engine 2) 27413.4.7 Modeller 27413.4.8 Conclusion 275Acknowledgement 275References 27514 BASIC CONCEPTS IN PROTEOMICS AND APPLICATIONS 279Jesudass Joseph Sahayarayan, A.S. Enogochitra and Murugesan Chandrasekaran14.1 Introduction 28014.2 Challenges on Proteomics 28114.3 Proteomics Based on Gel 28314.4 Non-Gel–Based Electrophoresis Method 28414.5 Chromatography 28414.6 Proteomics Based on Peptides 28514.7 Stable Isotopic Labeling 28614.8 Data Mining and Informatics 28714.9 Applications of Proteomics 28914.10 Future Scope 29014.11 Conclusion 291References 29215 PROSPECTS OF COVALENT APPROACHES IN DRUG DISCOVERY: AN OVERVIEW 295Balajee Ramachandran, Saravanan Muthupandian and Jeyakanthan Jeyaraman15.1 Introduction 29615.2 Covalent Inhibitors Against the Biological Target 29715.3 Application of Physical Chemistry Concepts in Drug Designing 29915.4 Docking Methodologies—An Overview 30115.5 Importance of Covalent Targets 30215.6 Recent Framework on the Existing Docking Protocols 30315.7 SN2 Reactions in the Computational Approaches 30415.8 Other Crucial Factors to Consider in the Covalent Docking 30515.8.1 Role of Ionizable Residues 30515.8.2 Charge Regulation 30615.8.3 Charge-Charge Interactions 30615.9 QM/MM Approaches 30915.10 Conclusion and Remarks 310Acknowledgements 311References 311Index 321
CompTIA PenTest+ Study Guide
PREPARE FOR SUCCESS ON THE NEW PENTEST+ CERTIFICATION EXAM AND AN EXCITING CAREER IN PENETRATION TESTINGIn the revamped Second Edition of CompTIA PenTest+ Study Guide: Exam PT0-002, veteran information security experts Dr. Mike Chapple and David Seidl deliver a comprehensive roadmap to the foundational and advanced skills every pentester (penetration tester) needs to secure their CompTIA PenTest+ certification, ace their next interview, and succeed in an exciting new career in a growing field.You’ll learn to perform security assessments of traditional servers, desktop and mobile operating systems, cloud installations, Internet-of-Things devices, and industrial or embedded systems. You’ll plan and scope a penetration testing engagement including vulnerability scanning, understand legal and regulatory compliance requirements, analyze test results, and produce a written report with remediation techniques.This book will:* Prepare you for success on the newly introduced CompTIA PenTest+ PT0-002 Exam * Multiply your career opportunities with a certification that complies with ISO 17024 standards and meets Department of Defense Directive 8140/8570.01-M requirements * Allow access to the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms Perfect for anyone preparing for the updated CompTIA PenTest+ certification exam, CompTIA PenTest+ Study Guide: Exam PT0-002 is also a must-read resource for aspiring penetration testers and IT security professionals seeking to expand and improve their skillset.MIKE CHAPPLE, SECURITY+, CYSA+, CISSP, is Teaching Professor of IT, Analytics, and Operations at the University of Notre Dame. He's a cybersecurity professional and educator with over 20 years of experience. Mike provides cybersecurity certification resources at his website, CertMike.com.DAVID SEIDL, SECURITY+, CYSA+, CISSP, PENTEST+, is Vice President for Information Technology and CIO at Miami University. David co-led Notre Dame's move to the cloud, and has written multiple cybersecurity certification books.Introduction xxvAssessment Test xxxixCHAPTER 1 PENETRATION TESTING 1What Is Penetration Testing? 2Cybersecurity Goals 2Adopting the Hacker Mindset 4Ethical Hacking 5Reasons for Penetration Testing 5Benefits of Penetration Testing 6Regulatory Requirements for Penetration Testing 7Who Performs Penetration Tests? 8Internal Penetration Testing Teams 8External Penetration Testing Teams 9Selecting Penetration Testing Teams 10The CompTIA Penetration Testing Process 10Planning and Scoping 11Information Gathering and Vulnerability Scanning 11Attacks and Exploits 12Reporting and Communication 13Tools and Code Analysis 13The Cyber Kill Chain 14Reconnaissance 15Weaponization 16Delivery 16Exploitation 16Installation 16Command and Control 16Actions on Objectives 17Tools of the Trade 17Reconnaissance 20Vulnerability Scanners 21Social Engineering 21Credential Testing Tools 22Debuggers and Software Testing Tools 22Network Testing 23Remote Access 23Exploitation 24Steganography 24Cloud Tools 25Summary 25Exam Essentials 25Lab Exercises 26Activity 1.1: Adopting the Hacker Mindset 26Activity 1.2: Using the Cyber Kill Chain 26Review Questions 27CHAPTER 2 PLANNING AND SCOPING PENETRATION TESTS 31Scoping and Planning Engagements 34Assessment Types 35Known Environments and Unknown Environments 35The Rules of Engagement 37Scoping Considerations—A Deeper Dive 39Support Resources for Penetration Tests 42Penetration Testing Standards and Methodologies 44Key Legal Concepts for Penetration Tests 46Contracts 46Data Ownership and Retention 47Permission to Attack (Authorization) 47Environmental Differences and Location Restrictions 48Regulatory Compliance Considerations 49Summary 51Exam Essentials 52Lab Exercises 53Review Questions 54CHAPTER 3 INFORMATION GATHERING 59Footprinting and Enumeration 63OSINT 64Location and Organizational Data 65Infrastructure and Networks 68Security Search Engines 74Google Dorks and Search Engine Techniques 77Password Dumps and Other Breach Data 77Source Code Repositories 78Passive Enumeration and Cloud Services 78Active Reconnaissance and Enumeration 78Hosts 79Services 79Networks, Topologies, and Network Traffic 85Packet Crafting and Inspection 88Enumeration 90Information Gathering and Code 97Avoiding Detection 99Information Gathering and Defenses 99Defenses Against Active Reconnaissance 100Preventing Passive Information Gathering 100Summary 100Exam Essentials 101Lab Exercises 102Activity 3.1: Manual OSINT Gathering 102Activity 3.2: Exploring Shodan 102Activity 3.3: Running an Nmap Scan 103Review Questions 104CHAPTER 4 VULNERABILITY SCANNING 109Identifying Vulnerability Management Requirements 112Regulatory Environment 112Corporate Policy 116Support for Penetration Testing 116Identifying Scan Targets 117Determining Scan Frequency 118Active vs. Passive Scanning 120Configuring and Executing Vulnerability Scans 121Scoping Vulnerability Scans 121Configuring Vulnerability Scans 122Scanner Maintenance 129Software Security Testing 131Analyzing and Testing Code 131Web Application Vulnerability Scanning 133Developing a Remediation Workflow 138Prioritizing Remediation 140Testing and Implementing Fixes 141Overcoming Barriers to Vulnerability Scanning 141Summary 143Exam Essentials 143Lab Exercises 144Activity 4.1: Installing a Vulnerability Scanner 144Activity 4.2: Running a Vulnerability Scan 145Activity 4.3: Developing a Penetration Test Vulnerability Scanning Plan 145Review Questions 146CHAPTER 5 ANALYZING VULNERABILITY SCANS 151Reviewing and Interpreting Scan Reports 152Understanding CVSS 156Validating Scan Results 162False Positives 162Documented Exceptions 162Understanding Informational Results 163Reconciling Scan Results with Other Data Sources 164Trend Analysis 164Common Vulnerabilities 165Server and Endpoint Vulnerabilities 166Network Vulnerabilities 175Virtualization Vulnerabilities 181Internet of Things (IoT) 183Web Application Vulnerabilities 184Summary 186Exam Essentials 187Lab Exercises 188Activity 5.1: Interpreting a Vulnerability Scan 188Activity 5.2: Analyzing a CVSS Vector 188Activity 5.3: Developing a Penetration Testing Plan 189Review Questions 190CHAPTER 6 EXPLOITING AND PIVOTING 195Exploits and Attacks 198Choosing Targets 198Enumeration 199Identifying the Right Exploit 201Exploit Resources 204Exploitation Toolkits 206Metasploit 206PowerSploit 212BloodHound 213Exploit Specifics 213RPC/DCOM 213PsExec 214PS Remoting/WinRM 214WMI 214Fileless Malware and Living Off the Land 215Scheduled Tasks and cron Jobs 216SMB 217DNS 219RDP 220Apple Remote Desktop 220VNC 220SSH 220Network Segmentation Testing and Exploits 221Leaked Keys 222Leveraging Exploits 222Common Post-Exploit Attacks 222Cross Compiling 225Privilege Escalation 226Social Engineering 226Escaping and Upgrading Limited Shells 227Persistence and Evasion 228Scheduled Jobs and Scheduled Tasks 228Inetd Modification 228Daemons and Services 229Backdoors and Trojans 229Data Exfiltration and Covert Channels 230New Users 230Pivoting 231Covering Your Tracks 232Summary 233Exam Essentials 234Lab Exercises 235Activity 6.1: Exploit 235Activity 6.2: Discovery 235Activity 6.3: Pivot 236Review Questions 237CHAPTER 7 EXPLOITING NETWORK VULNERABILITIES 243Identifying Exploits 247Conducting Network Exploits 247VLAN Hopping 247DNS Cache Poisoning 249On-Path Attacks 251NAC Bypass 254DoS Attacks and Stress Testing 255Exploit Chaining 257Exploiting Windows Services 257NetBIOS Name Resolution Exploits 257SMB Exploits 261Identifying and Exploiting Common Services 261Identifying and Attacking Service Targets 262SNMP Exploits 263SMTP Exploits 264FTP Exploits 265Kerberoasting 266Samba Exploits 267Password Attacks 268Stress Testing for Availability 269Wireless Exploits 269Attack Methods 269Finding Targets 270Attacking Captive Portals 270Eavesdropping, Evil Twins, and Wireless On-Path Attacks 271Other Wireless Protocols and Systems 275RFID Cloning 276Jamming 277Repeating 277Summary 278Exam Essentials 279Lab Exercises 279Activity 7.1: Capturing Hashes 279Activity 7.2: Brute-ForcingServices 280Activity 7.3: Wireless Testing 281Review Questions 282CHAPTER 8 EXPLOITING PHYSICAL AND SOCIAL VULNERABILITIES 287Physical Facility Penetration Testing 290Entering Facilities 290Information Gathering 294Social Engineering 294In-Person Social Engineering 295Phishing Attacks 297Website-BasedAttacks 298Using Social Engineering Tools 298Summary 302Exam Essentials 303Lab Exercises 303Activity 8.1: Designing a Physical Penetration Test 303Activity 8.2: Brute-Forcing Services 304Activity 8.3: Using BeEF 305Review Questions 306CHAPTER 9 EXPLOITING APPLICATION VULNERABILITIES 311Exploiting Injection Vulnerabilities 314Input Validation 314Web Application Firewalls 315SQL Injection Attacks 316Code Injection Attacks 319Command Injection Attacks 319LDAP Injection Attacks 320Exploiting Authentication Vulnerabilities 320Password Authentication 321Session Attacks 322Kerberos Exploits 326Exploiting Authorization Vulnerabilities 327Insecure Direct Object References 327Directory Traversal 328File Inclusion 330Privilege Escalation 331Exploiting Web Application Vulnerabilities 331Cross-Site Scripting (XSS) 331Request Forgery 334Clickjacking 335Unsecure Coding Practices 335Source Code Comments 335Error Handling 336Hard-Coded Credentials 336Race Conditions 337Unprotected APIs 337Unsigned Code 338Steganography 340Application Testing Tools 341Static Application Security Testing (SAST) 341Dynamic Application Security Testing (DAST) 342Mobile Tools 346Summary 346Exam Essentials 347Lab Exercises 347Activity 9.1: Application Security Testing Techniques 347Activity 9.2: Using the ZAP Proxy 348Activity 9.3: Creating a Cross-Site Scripting Vulnerability 348Review Questions 349CHAPTER 10 ATTACKING HOSTS, CLOUD TECHNOLOGIES, AND SPECIALIZED SYSTEMS 355Attacking Hosts 360Linux 361Windows 365Cross-Platform Exploits 367Credential Attacks and Testing Tools 368Credential Acquisition 368Offline Password Cracking 369Credential Testing and Brute-Forcing Tools 371Wordlists and Dictionaries 371Remote Access 372SSH 372NETCAT and Ncat 373Metasploit and Remote Access 373Proxies and Proxychains 374Attacking Virtual Machines and Containers 374Virtual Machine Attacks 375Containerization Attacks 377Attacking Cloud Technologies 379Attacking Cloud Accounts 379Attacking and Using Misconfigured Cloud Assets 380Other Cloud Attacks 382Tools for Cloud Technology Attacks 383Attacking Mobile Devices 384Attacking IoT, ICS, Embedded Systems, and SCADA Devices 389Attacking Data Storage 392Summary 393Exam Essentials 395Lab Exercises 396Activity 10.1: Dumping and Cracking the Windows SAM and Other Credentials 396Activity 10.2: Cracking Passwords Using Hashcat 397Activity 10.3: Setting Up a Reverse Shell and a Bind Shell 398Review Questions 400CHAPTER 11 REPORTING AND COMMUNICATION 405The Importance of Communication 409Defining a Communication Path 409Communication Triggers 410Goal Reprioritization 410Recommending Mitigation Strategies 411Finding: Shared Local Administrator Credentials 412Finding: Weak Password Complexity 413Finding: Plaintext Passwords 414Finding: No Multifactor Authentication 414Finding: SQL Injection 416Finding: Unnecessary Open Services 416Writing a Penetration Testing Report 416Structuring the Written Report 417Secure Handling and Disposition of Reports 420Wrapping Up the Engagement 421Post-Engagement Cleanup 421Client Acceptance 421Lessons Learned 421Follow-UpActions/Retesting 422Attestation of Findings 422Retention and Destruction of Data 422Summary 423Exam Essentials 423Lab Exercises 424Activity 11.1: Remediation Strategies 424Activity 11.2: Report Writing 424Review Questions 425CHAPTER 12 SCRIPTING FOR PENETRATION TESTING 429Scripting and Penetration Testing 431Bash 432PowerShell 433Ruby 434Python 435Perl 435JavaScript 436Variables, Arrays, and Substitutions 438Bash 439PowerShell 440Ruby 441Python 441Perl 442JavaScript 442Comparison Operations 444String Operations 445Bash 446PowerShell 447Ruby 448Python 449Perl 450JavaScript 451Flow Control 452Conditional Execution 453for Loops 458while Loops 465Input and Output (I/O) 471Redirecting Standard Input and Output 471Comma-SeparatedValues (CSV) 472Error Handling 472Bash 472PowerShell 473Ruby 473Python 473Advanced Data Structures 474JavaScript Object Notation (JSON) 474Trees 475Reusing Code 475The Role of Coding in Penetration Testing 476Analyzing Exploit Code 476Automating Penetration Tests 477Summary 477Exam Essentials 477Lab Exercises 478Activity 12.1: Reverse DNS Lookups 478Activity 12.2: Nmap Scan 479Review Questions 480APPENDIX A ANSWERS TO REVIEW QUESTIONS 485Chapter 1: Penetration Testing 486Chapter 2: Planning and Scoping Penetration Tests 487Chapter 3: Information Gathering 489Chapter 4: Vulnerability Scanning 491Chapter 5: Analyzing Vulnerability Scans 493Chapter 6: Exploiting and Pivoting 495Chapter 7: Exploiting Network Vulnerabilities 497Chapter 8: Exploiting Physical and Social Vulnerabilities 499Chapter 9: Exploiting Application Vulnerabilities 501Chapter 10: Attacking Hosts, Cloud Technologies, and Specialized Systems 503Chapter 11: Reporting and Communication 505Chapter 12: Scripting for Penetration Testing 506APPENDIX B SOLUTION TO LAB EXERCISE 509Solution to Activity 5.2: Analyzing a CVSS Vector 510Index 511
Wahrheit und Fake im postfaktisch-digitalen Zeitalter
Die Zunahme von Fake News, die stärker werdende Beeinflussung von Wahlen, zunehmende Falschmeldungen und gezielte Desinformationskampagnen sind nicht zuletzt eine Folge der fortschreitenden Digitalisierung. Um diesen Fehlentwicklungen Einhalt zu gebieten, ist die Informationstechnik gefragt. Mit intelligenten Algorithmen und einer verfeinerten Datenanalyse müssen zukünftig Fakes schneller erkannt und deren Verbreitung verhindert werden. Um jedoch Fakes mittels künstlicher Intelligenz sinnvoll zu erkennen und zu filtern, muss es möglich sein, Fakes von Fakten, Fakten von Fiktionen und Fiktionen von Fakes zu unterscheiden.In diesem Buch werden daher auch Fragen nach den Distinktionen von Fake, Faktizität und Fiktionalität gestellt. Es wird auf die dahinter liegenden Wahrheitstheorien eingegangen und es werden praktisch-technische Möglichkeiten aufgezeigt, um Wahrheit von Falschheit zu differenzieren. Mit der Berücksichtigung des Fiktionalen sowie der Annahme, dass informationstechnische Weiterentwicklung von geisteswissenschaftlichen Erkenntnissen profitieren kann, hoffen die Autorinnen und Autoren, dass inhaltliche, technische und methodische Herausforderungen der Gegenwart und Zukunft bewältigt werden können.PETER KLIMCZAK (Dr. phil. et Dr. rer. nat. habil.) lehrt als Privatdozent Medien-, Kultur- und Technikwissenschaften an der Brandenburgischen Technischen Universität und forscht im Rahmen eines Feodor Lynen Research Fellowship an der University of Wroclaw. Er ist Autor zahlreicher Publikationen zum Einsatz künstlicher Sprachen in den Medien- und Kulturwissenschaften, zu digitalen und sozialen Medien sowie zu kognitiven Systemen und künstlicher Intelligenz.THOMAS ZOGLAUER (Dr. phil. habil.) lehrt als außerplanmäßiger Professor Philosophie an der Brandenburgischen Technischen Universität und als Lehrbeauftragter an den Universitäten Freiburg und Stuttgart. Er ist Autor zahlreicher Bücher zur Technikphilosophie, Logik und angewandten Ethik. Einleitung - Wahrheitsrelativismus, Wissenschaftsskeptizismus und die politischen Folgen - Von Fakes und Frauds: Können wissenschaftliche „Hoaxes“ ein legitimes Erkenntnisinstrument sein? - Fiction, Fake and Fact - Stranger than Fiction - Die marxistisch-leninistische Faschismusdefinition und der Mauerbau - Vorsicht: mögliche „Fake News“ – ein technischer Ansatz zur frühen Erkennung - Fake News technisch begegnen – Detektions- und Behandlungsansätze zur Unterstützung von NutzerInnen - NewsDeps: Visualizing the Origin of Information in News Articles
Modeling and Optimization in Software-Defined Networks
THIS BOOK PROVIDES A QUICK REFERENCE AND INSIGHTS INTO MODELING AND OPTIMIZATION OF SOFTWARE-DEFINED NETWORKS (SDNS). It covers various algorithms and approaches that have been developed for optimizations related to the control plane, the considerable research related to data plane optimization, and topics that have significant potential for research and advances to the state-of-the-art in SDN.Over the past ten years, network programmability has transitioned from research concepts to more mainstream technology through the advent of technologies amenable to programmability such as service chaining, virtual network functions, and programmability of the data plane. However, the rapid development in SDN technologies has been the key driver behind its evolution.The logically centralized abstraction of network states enabled by SDN facilitates programmability and use of sophisticated optimization and control algorithms for enhancing network performance, policy management, and security.Furthermore, the centralized aggregation of network telemetry facilitates use of data-driven machine learning-based methods. To fully unleash the power of this new SDN paradigm, though, various architectural design, deployment, and operations questions need to be addressed. Associated with these are various modeling, resource allocation, and optimization opportunities.The book covers these opportunities and associated challenges, which represent a ``call to arms'' for the SDN community to develop new modeling and optimization methods that will complement or improve on the current norms.* Preface* Acknowledgments* Introduction* SDN Control Plane Optimization* SDN Data Plane Optimization* Future Research Directions* Bibliography* Authors' Biographies