Adobe Encore (previously Adobe Encore DVD) was a DVD authoring software tool produced by Adobe Systems and targeted at professional video producers. Video and audio resources could be used in their current format for development, allowing the user to transcode them to MPEG-2 video and Dolby Digital audio upon project completion. DVD menus could be created and edited in Adobe Photoshop using special layering techniques. Adobe Encore did not support writing to a Blu-ray Disc using AVCHD 2.0. Encore is bundled with Adobe Premiere Pro CS6. Adobe Encore CS6 was the last release. While Premiere Pro CC has moved to the Creative Cloud, Encore has now been discontinued. == Licensing == All forms of Adobe Encore used a proprietary licensing system from its developer, Adobe Systems. Versions 1.0 and 1.5 required a separate license fee (rather than making 1.5 available as a free update). Version 3, also known as CS3, was sold only in bundle with Premiere CS3. Encore CS4, CS5, CS5.5 and CS6 were only sold in the Premiere Pro CS4, CS5, CS5.5 and CS6 bundles, respectively. Adobe CC subscribers no longer have access to Adobe Encore CS6. Adobe Encore is not included with Premiere Pro CC. == Functionality == Adobe Encore allowed for creating interactive DVD menus from Photoshop documents, which could be tweaked from within Encore. Video and audio streams could be embedded in the DVD and be made to play when certain elements of the menu are interacted with. It had similar functionality to Adobe Flash and Premiere Pro, due to its ability to both edit video on a timeline and embed interactive content.
Vulnerabilities Equities Process
The Vulnerabilities Equities Process (VEP) is a process used by the U.S. federal government to determine on a case-by-case basis how it should treat zero-day computer security vulnerabilities: whether to disclose them to the public to help improve general computer security, or to keep them secret for offensive use against the government's adversaries. The VEP was first developed during the period 2008–2009, but only became public in 2016, when the government released a redacted version of the VEP in response to a FOIA request by the Electronic Frontier Foundation. Following public pressure for greater transparency in the wake of the Shadow Brokers affair, the U.S. government made a more public disclosure of the VEP process in November 2017. == Participants == According to the VEP plan published in 2017, the Equities Review Board (ERB) is the primary forum for interagency deliberation and determinations concerning the VEP. The ERB meets monthly, but may also be convened sooner if an immediate need arises. The ERB consists of representatives from the following agencies: Office of Management and Budget Office of the Director of National Intelligence (including the Intelligence Community-Security Coordination Center) United States Department of the Treasury United States Department of State United States Department of Justice (including the Federal Bureau of Investigation and the National Cyber Investigative Joint Task Force) Department of Homeland Security (including the National Cybersecurity and Communications Integration Center and the United States Secret Service) United States Department of Energy United States Department of Defense (to include the National Security Agency, including Information Assurance and Signals Intelligence elements), United States Cyber Command, and DoD Cyber Crime Center) United States Department of Commerce Central Intelligence Agency The National Security Agency serves as the executive secretariat for the VEP. == Process == According to the November 2017 version of the VEP, the process is as follows: === Submission and notification === When an agency finds a vulnerability, it will notify the VEP secretariat as soon as is possible. The notification will include a description of the vulnerability and the vulnerable products or systems, together with the agency's recommendation to either disseminate or restrict the vulnerability information. The secretariat will then notify all participants of the submission within one business day, requesting them to respond if they have an relevant interest. === Equity and discussions === An agency expressing an interest must indicate whether it concurs with the original recommendation to disseminate or restrict within five business days. If it does not, it will hold discussions with the submitting agency and the VEP secretariat within seven business days to attempt to reach consensus. If no consensus is reached, the participants will suggest options for the Equities Review Board. === Determination to disseminate or restrict === Decisions whether to disclose or restrict a vulnerability should be made quickly, in full consultation with all concerned agencies, and in the overall best interest of the competing interests of the missions of the U.S. government. As far as possible, determinations should be based on rational, objective methodologies, taking into account factors such as prevalence, reliance, and severity. If the review board members cannot reach consensus, they will vote on a preliminary determination. If an agency with an equity disputes that decision, they may, by providing notice to the VEP secretariat, elect to contest the preliminary determination. If no agency contests a preliminary determination, it will be treated as a final decision. === Handling and follow-on actions === If vulnerability information is released, this will be done as quickly as possible, preferably within seven business days. Disclosure of vulnerabilities will be conducted according to guidelines agreed on by all members. The submitting agency is presumed to be most knowledgeable about the vulnerability and, as such, will be responsible for disseminating vulnerability information to the vendor. The submitting agency may elect to delegate dissemination responsibility to another agency on its behalf. The releasing agency will promptly provide a copy of the disclosed information to the VEP secretariat for record keeping. Additionally, the releasing agency is expected to follow up so the ERB can determine whether the vendor's action meets government requirements. If the vendor chooses not to address a vulnerability, or is not acting with urgency consistent with the risk of the vulnerability, the releasing agency will notify the secretariat, and the government may take other mitigation steps. == Criticism == The VEP process has been criticized for a number of deficiencies, including restriction by non-disclosure agreements, lack of risk ratings, special treatment for the NSA, and less than whole-hearted commitment to disclosure as the default option. == UK equivalent == British intelligence agencies—GCHQ in particular—follow a similar approach, also known as the Equities Process, to determine whether to disclose or retain security vulnerabilities. The Investigatory Powers Act 2016 was amended in 2022 to bring oversight of the operation of the process within the remit of the Investigatory Powers Commissioner. Details of the process were made public in 2018.
Cardiovascular health awareness in Nepal
Cardiovascular health awareness in Nepal has improved in recent times. It has emerged as a cost-effective tool for prevention of heart disease in recent years. == Background == Cardiovascular diseases in Nepal is responsible for maximum number of deaths and rapid urbanization possess extra threat in this situation emphasizing need for widespread awareness campaigns. Efforts to enhance cardiovascular health awareness among the general public, particularly through social media platforms, have proven pivotal in motivating individuals to adopt healthier lifestyle choices and improve heart health in Nepal in recent years. These awareness initiatives, often organized on special occasions such as World Heart Day of World Heart Federation, World Hypertension Day, and World Health Day of World Health Organization, have garnered active participation from the public, reflecting a growing interest in health-related information. Notably, various hospitals, organizations, and health professionals actively contribute to cardiovascular health awareness in Nepal. The prevalence of heart health-related content on social media platforms indicates a substantial dissemination of information. The engagement of a large number of followers underscores the audience's keen interest in health matters, evident in the significant engagement on various social media accounts and pages. During an event of cardiovascular health awareness a Guinness World Record was achieved on World Heart Day 2023. A Facebook live awareness programme on heart health prevention attracted 11,212 viewers during the 30-minute presentation and was awarded the "Most viewers for a cardiovascular health awareness live stream on Facebook" by Guinness World Record signifying depth of public involvement and importance of social media use in health awareness. In 2014, a 11-day heart camp was conducted in Nepal to raise awareness . In 2015, a is a heart health education program " Mission to Save Heart" was conducted to empower health professionals to manage heart attacks and reduce heart disease deaths.
IP Multimedia Subsystem
The IP Multimedia Subsystem or IP Multimedia Core Network Subsystem (IMS) is a standardized architectural framework for delivering IP-based multimedia services. Historically, mobile phones have provided voice call services over a circuit-switched network, rather than over an IP-based packet-switched network. Various VoIP technologies are available on smartphones; IMS offers a standardized protocol across different vendors. IMS was originally designed by the wireless standards body 3rd Generation Partnership Project (3GPP), as a part of the vision for evolving mobile networks beyond GSM. Its original formulation (3GPP Rel-5) represented an approach for delivering Internet services over GPRS. This vision was later updated by 3GPP, 3GPP2 and ETSI TISPAN by requiring support of networks other than GPRS, such as Wireless LAN, CDMA2000 and fixed lines. IMS uses IETF protocols wherever possible, e.g., the Session Initiation Protocol (SIP). According to the 3GPP, IMS is not intended to standardize applications, but rather to aid the access of multimedia and voice applications from wireless and wireline terminals, i.e., to create a form of fixed-mobile convergence (FMC). This is done by having a horizontal control layer that isolates the access network from the service layer. From a logical architecture perspective, services need not have their own control functions, as the control layer is a common horizontal layer. However, in implementation this does not necessarily map into greater reduced cost and complexity. Alternative and overlapping technologies for access and provisioning of services across wired and wireless networks include combinations of Generic Access Network, softswitches and "naked" SIP. Since it is becoming increasingly easier to access content and contacts using mechanisms outside the control of traditional wireless/fixed operators, the interest of IMS is being challenged. Examples of global standards based on IMS are MMTel which is the basis for Voice over LTE (VoLTE), Wi-Fi Calling (VoWIFI), Video over LTE (ViLTE), SMS/MMS over WiFi and LTE, Unstructured Supplementary Service Data (USSD) over LTE, and Rich Communication Services (RCS), which is also known as joyn or Advanced Messaging, and now RCS is operator's implementation. RCS also further added Presence/EAB (enhanced address book) functionality. == History == IMS was defined by an industry forum called 3G.IP, formed in 1999. 3G.IP developed the initial IMS architecture, which was brought to the 3rd Generation Partnership Project (3GPP), as part of their standardization work for 3G mobile phone systems in UMTS networks. It first appeared in Release 5 (evolution from 2G to 3G networks), when SIP-based multimedia was added. Support for the older GSM and GPRS networks was also provided. 3GPP2 (a different organization from 3GPP) based their CDMA2000 Multimedia Domain (MMD) on 3GPP IMS, adding support for CDMA2000. 3GPP release 6 added interworking with WLAN, inter-operability between IMS using different IP-connectivity networks, routing group identities, multiple registration and forking, presence, speech recognition and speech-enabled services (Push to talk). 3GPP release 7 added support for fixed networks by working together with TISPAN release R1.1, the function of AGCF (access gateway control function) and PES (PSTN emulation service) are introduced to the wire-line network for the sake of inheritance of services which can be provided in PSTN network. AGCF works as a bridge interconnecting the IMS networks and the Megaco/H.248 networks. Megaco/H.248 networks offers the possibility to connect terminals of the old legacy networks to the new generation of networks based on IP networks. AGCF acts a SIP User agent towards the IMS and performs the role of P-CSCF. SIP User Agent functionality is included in the AGCF, and not on the customer device but in the network itself. Also added voice call continuity between circuit switching and packet switching domain (VCC), fixed broadband connection to the IMS, interworking with non-IMS networks, policy and charging control (PCC), emergency sessions. It also added SMS over IP. 3GPP release 8 added support for LTE / SAE, multimedia session continuity, enhanced emergency sessions, SMS over SGs and IMS centralized services. 3GPP release 9 added support for IMS emergency calls over GPRS and EPS, enhancements to multimedia telephony, IMS media plane security, enhancements to services centralization and continuity. 3GPP release 10 added support for inter device transfer, enhancements to the single radio voice call continuity (SRVCC), enhancements to IMS emergency sessions. 3GPP release 11 added USSD simulation service, network-provided location information for IMS, SMS submit and delivery without MSISDN in IMS, and overload control. Some operators opposed IMS because it was seen as complex and expensive. In response, a cut-down version of IMS—enough of IMS to support voice and SMS over the LTE network—was defined and standardized in 2010 as Voice over LTE (VoLTE). == Architecture == Each of the functions in the diagram is explained below. The IP multimedia core network subsystem is a collection of different functions, linked by standardized interfaces, which grouped form one IMS administrative network. A function is not a node (hardware box): An implementer is free to combine two functions in one node, or to split a single function into two or more nodes. Each node can also be present multiple times in a single network, for dimensioning, load balancing or organizational issues. === Access network === The user can connect to IMS in various ways, most of which use the standard IP. IMS terminals (such as mobile phones, personal digital assistants (PDAs) and computers) can register directly on IMS, even when they are roaming in another network or country (the visited network). The only requirement is that they can use IP and run SIP user agents. Fixed access (e.g., digital subscriber line (DSL), cable modems, Ethernet, FTTx), mobile access (e.g. 5G NR, LTE, W-CDMA, CDMA2000, GSM, GPRS) and wireless access (e.g., WLAN, WiMAX) are all supported. Other phone systems like plain old telephone service (POTS—the old analogue telephones), H.323 and non IMS-compatible systems, are supported through gateways. === Core network === HSS – Home subscriber server: The home subscriber server (HSS), or user profile server function (UPSF), is a master user database that supports the IMS network entities that actually handle calls. It contains the subscription-related information (subscriber profiles), performs authentication and authorization of the user, and can provide information about the subscriber's location and IP information. It is similar to the GSM home location register (HLR) and Authentication centre (AuC). A subscriber location function (SLF) is needed to map user addresses when multiple HSSs are used. User identities: Various identities may be associated with IMS: IP multimedia private identity (IMPI), IP multimedia public identity (IMPU), globally routable user agent URI (GRUU), wildcarded public user identity. Both IMPI and IMPU are not phone numbers or other series of digits, but uniform resource identifier (URIs), that can be digits (a Tel URI, such as tel:+1-555-123-4567) or alphanumeric identifiers (a SIP URI, such as sip:[email protected] ). IP Multimedia Private Identity: The IP Multimedia Private Identity (IMPI) is a unique permanently allocated global identity assigned by the home network operator. It has the form of a Network Access Identifier(NAI) i.e. user.name@domain, and is used, for example, for Registration, Authorization, Administration, and Accounting purposes. Every IMS user shall have one IMPI. IP Multimedia Public Identity: The IP Multimedia Public Identity (IMPU) is used by any user for requesting communications to other users (e.g. this might be included on a business card). Also known as Address of Record (AOR). There can be multiple IMPU per IMPI. The IMPU can also be shared with another phone, so that both can be reached with the same identity (for example, a single phone-number for an entire family). Globally Routable User Agent URI: Globally Routable User Agent URI (GRUU) is an identity that identifies a unique combination of IMPU and UE instance. There are two types of GRUU: Public-GRUU (P-GRUU) and Temporary GRUU (T-GRUU). P-GRUU reveal the IMPU and are very long lived. T-GRUU do not reveal the IMPU and are valid until the contact is explicitly de-registered or the current registration expires Wildcarded Public User Identity: A wildcarded Public User Identity expresses a set of IMPU grouped together. The HSS subscriber database contains the IMPU, IMPI, IMSI, MSISDN, subscriber service profiles, service triggers, and other information. ==== Call Session Control Function (CSCF) ==== Several roles of SIP servers or proxies, collectively called Call Session Control Function (CSCF), are used to process SIP sign
Hardware trojan
A hardware trojan (HT) is a malicious modification of the circuitry of an integrated circuit. A hardware trojan is completely characterized by its physical representation and its behavior. The payload of an HT is the entire activity that the Trojan executes when it is triggered. In general, trojans try to bypass or disable the security fence of a system: for example, leaking confidential information by radio emission. HTs also could disable, damage or destroy the entire chip or components of it. Hardware trojans may be introduced as hidden front-doors that are inserted while designing a computer chip, by using a pre-made application-specific integrated circuit (ASIC) semiconductor intellectual property core (IP core) that have been purchased from a non-reputable source, or inserted internally by a rogue employee, either acting on their own, or on behalf of rogue special interest groups, or state sponsored spying and espionage. One paper published by IEEE in 2015 explains how a hardware design containing a trojan could leak a cryptographic key leaked over an antenna or network connection, provided that the correct "easter egg" trigger is applied to activate the data leak. In high security governmental IT departments, hardware trojans are a well known problem when buying hardware such as: a KVM switch, keyboards, mice, network cards, or other network equipment. This is especially the case when purchasing such equipment from non-reputable sources that could have placed hardware trojans to leak keyboard passwords, or provide remote unauthorized entry. == Background == In a diverse global economy, outsourcing of production tasks is a common way to lower a product's cost. Embedded hardware devices are not always produced by the firms that design and/or sell them, nor in the same country where they will be used. Outsourced manufacturing can raise doubt about the evidence for the integrity of the manufactured product (i.e., one's certainty that the end-product has no design modifications compared to its original design). Anyone with access to the manufacturing process could, in theory, introduce some change to the final product. For complex products, small changes with large effects can be difficult to detect. The threat of a serious, malicious, design alteration can be especially relevant to government agencies. Resolving doubt about hardware integrity is one way to reduce technology vulnerabilities in the military, finance, energy and political sectors of an economy. Since fabrication of integrated circuits in untrustworthy factories is common, advanced detection techniques have emerged to discover when an adversary has hidden additional components in, or otherwise sabotaged, the circuit's function. == Characterization of hardware trojans == An HT can be characterized by several methods such as by its physical representation, activation phase and its action phase. Alternative methods characterize the HT by trigger, payload and stealth. === Physical characteristics === One of this physical trojan characteristics is the type. The type of a trojan can be either functional or parametric. A trojan is functional if the adversary adds or deletes any transistors or gates to the original chip design. The other kind of trojan, the parametric trojan, modifies the original circuitry, e.g. thinning of wires, weakening of flip-flops or transistors, subjecting the chip to radiation, or using focused ion-beams (FIB) to reduce the reliability of a chip. The size of a trojan is its physical extension or the number of components it is made of. Because a trojan can consist of many components, the designer can distribute the parts of a malicious logic on the chip. The additional logic can occupy the chip wherever it is needed to modify, add, or remove a function. Malicious components can be scattered, called loose distribution, or consist of only few components, called tight distribution, so the area is small where the malicious logic occupies the layout of the chip. In some cases, high-effort adversaries in may regenerate the layout so that the placement of the components of the IC is altered. In rare cases the chip dimension is altered. These changes are structural alterations. === Activation characteristics === The typical trojan is condition-based: It is triggered by sensors, internal logic states, a particular input pattern or an internal counter value. Condition-based trojans are detectable with power traces to some degree when inactive. That is due to the leakage currents generated by the trigger or counter circuit activating the trojan. Hardware trojans can be triggered in different ways. A trojan can be internally activated, which means it monitors one or more signals inside the IC. The malicious circuitry could wait for a count down logic an attacker added to the chip, so that the trojan awakes after a specific time-span. The opposite is externally activated. There can be malicious logic inside a chip, that uses an antenna or other sensors the adversary can reach from outside the chip. For example, a trojan could be inside the control system of a cruising missile. The owner of the missile does not know, that the enemy will be able to switch off the rockets by radio. A trojan which is always-on can be a reduced wire. A chip that is modified in this way produces errors or fails every time the wire is used intensely. Always-on circuits are hard to detect with power trace. In this context combinational trojans and sequential trojans are distinguished. A combinational trojan monitors internal signals until a specific condition happens. A sequential trojan is also an internally activated condition-based circuit, but it monitors the internal signals and searches for sequences not for a specific state or condition like the combinational trojans do. ==== Cryptographic key extraction ==== Extraction of secret keys by means of a hardware trojan without detecting the trojan requires that the trojan uses a random signal or some cryptographic implementation itself. To avoid storing a cryptographic key in the trojan itself and reduction, a physical unclonable function can be used. Physical unclonable functions are small in size and can have an identical layout while the cryptographic properties are different. === Action characteristics === A HT could modify the chip's function or could change the chip's parametric properties (e.g. provokes a process delay). Confidential information can also be transmitted to the adversary (transmission of key information). === Peripheral device hardware trojans === A relatively new threat vector to networks and network endpoints is a HT appearing as a physical peripheral device that is designed to interact with the network endpoint using the approved peripheral device's communication protocol. For example, a USB keyboard that hides all malicious processing cycles from the target network endpoint to which it is attached by communicating with the target network endpoint using unintended USB channels. Once sensitive data is ex-filtrated from the target network endpoint to the HT, the HT can process the data and decide what to do with the data: store the data to memory for later physical retrieval of the HT or possibly ex-filtrate the data to the internet using wireless or using the compromised network endpoint as a pivot. == Potential of threat == A common trojan is passive most of the time-span an altered device is in use. If a trojan is activated the device functionality can be changed, the device can be destroyed or disabled, the device can leak confidential information or the HT may tear down the security and safety of the device. Trojans are stealthy, to avoid detection of the trojan the precondition for activation is a very rare event. Traditional testing techniques are not sufficient. A manufacturing fault happens at a random position while malicious changes are well placed to avoid detection. == Detection == === Physical inspection === First, the molding coat is cut to reveal the circuitry. Then, the engineer repeatedly scans the surface while grinding the layers of the chip. There are several operations to scan the circuitry. Typical visual inspection methods are: scanning optical microscopy (SOM), scanning electron microscopy (SEM), pico-second imaging circuit analysis (PICA), voltage contrast imaging (VCI), light induced voltage alteration (LIVA) or charge induced voltage alteration (CIVA). To compare the floor plan of the chip has to be compared with the image of the actual chip. This is still quite challenging to do. To detect Trojan hardware which include (crypto) keys which are different, an image diff can be taken to reveal the different structure on the chip. The only known hardware Trojan using unique crypto keys but having the same structure is. This property enhances the undetectability of the trojan. === Functional testing === This detection method stimulates the input ports of a chip and monitors the output
Anomaly detection
In data analysis, anomaly detection (also referred to as outlier detection and sometimes as novelty detection) is generally understood to be the identification of rare items, events or observations which deviate significantly from the majority of the data and do not conform to a well defined notion of normal behavior. Such examples may arouse suspicions of being generated by a different mechanism, or appear inconsistent with the remainder of that set of data. Anomaly detection finds application in many domains including cybersecurity, medicine, machine vision, statistics, neuroscience, law enforcement and financial fraud to name only a few. Anomalies were initially searched for clear rejection or omission from the data to aid statistical analysis, for example to compute the mean or standard deviation. They were also removed to better predictions from models such as linear regression, and more recently their removal aids the performance of machine learning algorithms. However, in many applications anomalies themselves are of interest and are the observations most desirous in the entire data set, which need to be identified and separated from noise or irrelevant outliers. Three broad categories of anomaly detection techniques exist. Supervised anomaly detection techniques require a data set that has been labeled as "normal" and "abnormal" and involves training a classifier. However, this approach is rarely used in anomaly detection due to the general unavailability of labelled data and the inherent unbalanced nature of the classes. Semi-supervised anomaly detection techniques assume that some portion of the data is labelled. This may be any combination of the normal or anomalous data, but more often than not, the techniques construct a model representing normal behavior from a given normal training data set, and then test the likelihood of a test instance to be generated by the model. Unsupervised anomaly detection techniques assume the data is unlabelled and are by far the most commonly used due to their wider and relevant application. == Definition == Many attempts have been made in the statistical and computer science communities to define an anomaly. The most prevalent ones include the following, and can be categorised into three groups: those that are ambiguous, those that are specific to a method with pre-defined thresholds usually chosen empirically, and those that are formally defined: === Ill defined === An outlier is an observation which deviates so much from the other observations as to arouse suspicions that it was generated by a different mechanism. Anomalies are instances or collections of data that occur very rarely in the data set and whose features differ significantly from most of the data. An outlier is an observation (or subset of observations) which appears to be inconsistent with the remainder of that set of data. An anomaly is a point or collection of points that is relatively distant from other points in multi-dimensional space of features. Anomalies are patterns in data that do not conform to a well-defined notion of normal behaviour. === Specific === Let T be observations from a univariate Gaussian distribution and O a point from T. Then the z-score for O is greater than a pre-selected threshold if and only if O is an outlier. == History == === Intrusion detection === The concept of intrusion detection, a critical component of anomaly detection, has evolved significantly over time. Initially, it was a manual process where system administrators would monitor for unusual activities, such as a vacationing user's account being accessed or unexpected printer activity. This approach was not scalable and was soon superseded by the analysis of audit logs and system logs for signs of malicious behavior. By the late 1970s and early 1980s, the analysis of these logs was primarily used retrospectively to investigate incidents, as the volume of data made it impractical for real-time monitoring. The affordability of digital storage eventually led to audit logs being analyzed online, with specialized programs being developed to sift through the data. These programs, however, were typically run during off-peak hours due to their computational intensity. The 1990s brought the advent of real-time intrusion detection systems capable of analyzing audit data as it was generated, allowing for immediate detection of and response to attacks. This marked a significant shift towards proactive intrusion detection. As the field has continued to develop, the focus has shifted to creating solutions that can be efficiently implemented across large and complex network environments, adapting to the ever-growing variety of security threats and the dynamic nature of modern computing infrastructures. == Applications == Anomaly detection is applicable in a very large number and variety of domains, and is an important subarea of unsupervised machine learning. As such it has applications in cyber-security, intrusion detection, fraud detection, fault detection, system health monitoring, event detection in sensor networks, detecting ecosystem disturbances, defect detection in images using machine vision, medical diagnosis and law enforcement. === Intrusion detection === Anomaly detection was proposed for intrusion detection systems (IDS) by Dorothy Denning in 1986. Anomaly detection for IDS is normally accomplished with thresholds and statistics, but can also be done with soft computing, and inductive learning. Types of features proposed by 1999 included profiles of users, workstations, networks, remote hosts, groups of users, and programs based on frequencies, means, variances, covariances, and standard deviations. The counterpart of anomaly detection in intrusion detection is misuse detection. === Fintech fraud detection === Anomaly detection is vital in fintech for fraud prevention. === Preprocessing === Preprocessing data to remove anomalies can be an important step in data analysis, and is done for a number of reasons. Statistics such as the mean and standard deviation are more accurate after the removal of anomalies, and the visualisation of data can also be improved. In supervised learning, removing the anomalous data from the dataset often results in a statistically significant increase in accuracy. === Video surveillance === Anomaly detection has become increasingly vital in video surveillance to enhance security and safety. With the advent of deep learning technologies, methods using Convolutional Neural Networks (CNNs) and Simple Recurrent Units (SRUs) have shown significant promise in identifying unusual activities or behaviors in video data. These models can process and analyze extensive video feeds in real-time, recognizing patterns that deviate from the norm, which may indicate potential security threats or safety violations. An important aspect for video surveillance is the development of scalable real-time frameworks. Such pipelines are required for processing multiple video streams with low computational resources. === IT infrastructure === In IT infrastructure management, anomaly detection is crucial for ensuring the smooth operation and reliability of services. These are complex systems, composed of many interactive elements and large data quantities, requiring methods to process and reduce this data into a human and machine interpretable format. Techniques like the IT Infrastructure Library (ITIL) and monitoring frameworks are employed to track and manage system performance and user experience. Detected anomalies can help identify and pre-empt potential performance degradations or system failures, thus maintaining productivity and business process effectiveness. === IoT systems === Anomaly detection is critical for the security and efficiency of Internet of Things (IoT) systems. It helps in identifying system failures and security breaches in complex networks of IoT devices. The methods must manage real-time data, diverse device types, and scale effectively. Garg et al. have introduced a multi-stage anomaly detection framework that improves upon traditional methods by incorporating spatial clustering, density-based clustering, and locality-sensitive hashing. This tailored approach is designed to better handle the vast and varied nature of IoT data, thereby enhancing security and operational reliability in smart infrastructure and industrial IoT systems. === Petroleum industry === Anomaly detection is crucial in the petroleum industry for monitoring critical machinery. A 2015 paper proposed a novel segmentation algorithm using support vector machines to analyze sensor data for real-time anomaly detection. === Oil and gas pipeline monitoring === In the oil and gas sector, anomaly detection is not just crucial for maintenance and safety, but also for environmental protection. Aljameel et al. propose an advanced machine learning-based model for detecting minor leaks in oil and gas pipelines, a task traditional methods may miss.
Static web page
A static web page, sometimes called a flat page or a stationary page, is a web page that is delivered to a web browser exactly as stored, in contrast to dynamic web pages which are generated by a web application. Consequently, a static web page displays the same information for all users, from all contexts, subject to modern capabilities of a web server to negotiate content-type or language of the document where such versions are available and the server is configured to do so. However, a webpage's JavaScript can introduce dynamic functionality which may make the static web page dynamic. == Overview == Static web pages are often HTML documents, stored as files in the file system and made available by the web server over HTTP (nevertheless URLs ending with ".html" are not always static). However, loose interpretations of the term could include web pages stored in a database, and could even include pages formatted using a template and served through an application server, as long as the page served is unchanging and presented essentially as stored. The content of static web pages remains stationary irrespective of the number of times it is viewed. Such web pages are suitable for the contents that rarely need to be updated, though modern web template systems are changing this. Maintaining large numbers of static pages as files can be impractical without automated tools, such as static site generators. Any personalization or interactivity has to run client-side, which is restricting. Cloud-based website builders, including Wix, Weebly, and Duda, offer no-code platforms for creating static and dynamic web pages through graphical interfaces, without requiring programming expertise. === Advantages === Provide improved security over dynamic websites (dynamic websites are at risk to web shell attacks if a vulnerability is present) Improved performance for end users compared to dynamic websites Fewer or no dependencies on systems such as databases or other application servers Cost savings from utilizing cloud storage, as opposed to a hosted environment Security configurations are easy to set up, which makes it more secure Static files can be cached by content delivery networks (CDNs) and other intermediate caches, which both reduces page load times at the user and also reduces load on the origin server. Static websites can have improved uptime, since they are still available through any available CDN exit node even when other CDN nodes or the origin webserver are temporarily offline. === Disadvantages === Dynamic functionality must be performed on the client side. After each update of a static website, some or all users may see old, stale, outdated previous versions instead of the latest version until the old version is flushed from CDNs and other caches. == Static site generators == Static site generators are applications that compile static websites - typically populating HTML templates in a predefined folder and file structure, with content supplied in a format such as Markdown or AsciiDoc. === Implementations === Jekyll (powers GitHub Pages) Middleman Hugo Next.js Astro.build Pelican Franklin