Python

“”” Test script for module a1 When run as a script, this module invokes several procedures that test the various functions in the module a1. Author: Anqi Bai/Hongyi Lu NetId:ab2897/hl2374 Date: 9/22/2019 “”” import introcs import a1 #Testing function before_space and after_space def testA(): “”” Test Procedure for Part A Testing function before_space and after_space “”” print(‘Testing function before_space’) #testing strings with one space result = a1.before_space(‘2 Bitcon’) introcs.assert_equals(‘2’,result) #testing strings with only space result = a1.before_space(‘ ‘) introcs.assert_equals(”,result) #testing strings with more than one spaces result = a1.before_space(‘6 Japanese Yen’) introcs.assert_equals(‘6’,result) #testing strings with more than one consective spaces result = a1.before_space(‘6 CubanPeso’) introcs.assert_equals(‘6’,result) print(‘Testing function after_space’) #testing strings with one space result = a1.after_space(‘2 Bitcon’) introcs.assert_equals(‘Bitcon’,result) #testing strings with only space result = a1.after_space(‘ ‘) introcs.assert_equals(”,result) #testing strings with more than one spaces result = a1.after_space(‘6 Japanese Yen’) introcs.assert_equals(‘Japanese Yen’,result) #testing strings with more than one consective spaces result = a1.after_space(‘6 CubanPeso’) introcs.assert_equals(‘ CubanPeso’,result) #Testing function first_inside_quotes, get_lhs, get_rhs and has_error def testB(): “”” Test procedure for Part B Testing function first_inside_quotes, get_lhs, get_rhs and has_error “”” print(‘Testing function first_inside_quotes’) #test strings with two quotes result = a1.first_inside_quotes(‘A “B C” D’) introcs.assert_equals(‘B C’,result) #test strings with nothing in quotes result = a1.first_inside_quotes(‘””‘) introcs.assert_equals(”,result) #test strings with all strings in two quotes result = a1.first_inside_quotes(‘”A B C D E F”‘) introcs.assert_equals(‘A B C D E F’,result) #test strings with more than two quotes result = a1.first_inside_quotes(‘A “B C” “D” “E” F’) introcs.assert_equals(‘B C’,result) print(‘Testing function get_lhs’) #Testing json with valid currency and amount result = a1.get_lhs(‘{ “ok”:true, “lhs”:”1 Bitcoin’+ ‘”, “rhs”:”9916.0137939344 Euros”, “err”:”” }’) introcs.assert_equals(‘1 Bitcoin’,result) #Testing json with invalid currency and amount result = a1.get_lhs(‘{ “ok”:false, “lhs”:””, “rhs”:””,’+ ‘ “err”:”Source currency code is invalid.” }’) introcs.assert_equals(”,result) print(‘Testing function get_rhs’) #Testing json with valid currency and amount result = a1.get_rhs(‘{ “ok”:true, “lhs”:”1 Bitcion”, ‘+ ‘”rhs”:”9916.0137 Euros”, “err”:”” }’) introcs.assert_equals(‘9916.0137 Euros’,result) #Testing json with valid currency and amount result = a1.get_rhs(‘{ “ok”:true, “lhs”:”1 Bitcion”,’+ ‘ “rhs”:”233 AED”, “err”:”” }’) introcs.assert_equals(‘233 AED’,result) #Testing json with invalid currency and amount result = a1.get_rhs(‘{ “ok”:false, “lhs”:””, “rhs”:””,’+ ‘ “err”:”Source currency code is invalid.” }’) introcs.assert_equals(”,result) print(‘Testing function has_error’) #Testing Json that is a response for invalid currency result = a1.has_error(‘{ “ok”:True, “lhs”:”1 Bitcoin”, ‘+ ‘”rhs”:”9916.0137 Euros”, “err”:”” }’) introcs.assert_equals(False,result) #Testing Json that is a response for valid currency result = a1.has_error(‘{ “ok”:false, “lhs”:””, “rhs”:””, ‘+ ‘”err”:”Source currency code is invalid.” }’) introcs.assert_equals(True,result) #Testing function currency_response def testC(): “”” Test procedure for Part C Testing function currency_response “”” print(‘Testing function currency_response’) #Testing with proper currency code and amount (same currency) result = a1.currency_response(‘USD’,’USD’,1.0) introcs.assert_equals(‘{ “ok”:true, “lhs”:”1 United States ‘+ ‘Dollar”, “rhs”:”1 United States Dollar”, “err”:”” }’,result) #Testing with proper currency code and amount result = a1.currency_response(‘AUD’,’USD’,2.0) introcs.assert_equals(‘{ “ok”:true, “lhs”:”2 Australian Dollars”, ‘+ ‘”rhs”:”1.4041334881625 United States Dollars”, “err”:”” }’,result) #Testing with improper currency code and amount with one invalid currency result = a1.currency_response(‘USD’,’ABC’,3.0) introcs.assert_equals(‘{ “ok”:false, “lhs”:””, “rhs”:””‘+ ‘, “err”:”Exchange currency code is invalid.” }’,result) #Testing with improper currency code and amount with two invalid currencies result = a1.currency_response(‘TYU’,’ABC’,3.0) introcs.assert_equals(‘{ “ok”:false, “lhs”:””, “rhs”:””, ‘+ ‘”err”:”Source currency code is invalid.” }’,result) #Testing function is_currency and exchange def testD(): “”” Test Procedure for Part D Testing function is_currency and exchange “”” print(‘Testing function is_currency’) #Testing with valid currency code result = a1.is_currency(‘USD’) introcs.assert_equals(True,result) #Testing with valid currency code result = a1.is_currency(‘CNY’) introcs.assert_equals(True,result) #Testing with invalid currency code result = a1.is_currency(‘ZZZ’) introcs.assert_equals(False,result) print(‘Testing function exchange’) #Testing with valid same currency and amount result = a1.exchange(‘USD’,’USD’,666.0) introcs.assert_floats_equal(666.0,result) #Testing with valid currency and amount with multiple decimals result = a1.exchange(‘USD’,’JPY’,666.0) introcs.assert_floats_equal(71871.39,result) testA() testB() testC() testD() print(‘Module a1 passed all tests.’)

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

Help With Microsoft Excel 2013 Assignment!!!

Advertising Order Form

Jesse Jewelers
Advertising Order Form
Name A-1 Services
Number RS-1988
Order Date 16-Mar
Item Description Quantity Type Unit Price Order Amount
$ –
Total:

Advertising Rate Information

Jesse Jewelers
Advertising Rate List
Code Description Unit Price
D-TV Global News Newspaper, Travel Section $ 5,352
A-NW New York Travel Magazine, two-page ad $ 2,746
B-BB Houston Billboard $ 1,450
D-IN AvantClothes.com $ 1,713
A-MG New York Travel Magazine, one-page ad $ 1,528
D-R Travel Tours Magazine $ 2,751
D-PH Southwest Tourist Magazine $ 2,889
 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

Implementing Access Controls With Windows Active Directory

1. Relate how Windows Server 2012 Active Directory and the configuration of

access controls achieve CIA for departmental LANs, departmental folders, and

data.

2. Is it a good practice to include the account or user name in the password? Why

or why not?

3. To enhance the strength of user passwords, what are some of the best

practices to implement for user password definitions to maximize

confidentiality?

4. Can a user who is defined in Active Directory access a shared drive on a

computer if the server with the shared drive is not part of the domain?

5. When granting access to network systems for guests (i.e., auditors,

consultants, third-party individuals, etc.), what security controls do you

recommend implementing to maximize CIA of production systems and data?

6. In the Access Controls Criteria table, what sharing changes were made to the

MGRfiles folder on the TargetWindows01 server?

7. In the Access Controls Criteria table, what sharing changes were made on the

TargetWindows01 server to allow ShopFloor users to read/write files in the

C:\LabDocuments\SFfiles folder?

8. In the Access Controls Criteria table, what sharing changes were made on the

TargetWindows01 server to allow HumanResources users to access files in

the C:\LabDocuments\HRfiles folder?

9. Explain how CIA can be achieved down to the folder and data file access level

for departments and users using Active Directory and Windows Server 2012

R2 access control configurations. Configuring unique access controls for

different user types is an example of which kind of access controls

complete all the 9questions in the pdf provided

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

Artificial Intelligence Midterm Exam

Artificial Intelligence A Modern Approach

Third Edition

 

 

PRENTICE HALL SERIES IN ARTIFICIAL INTELLIGENCE Stuart Russell and Peter Norvig, Editors

FORSYTH & PONCE Computer Vision: A Modern Approach GRAHAM ANSI Common Lisp JURAFSKY & MARTIN Speech and Language Processing, 2nd ed. NEAPOLITAN Learning Bayesian Networks RUSSELL & NORVIG Artificial Intelligence: A Modern Approach, 3rd ed.

 

 

Artificial Intelligence A Modern Approach

Third Edition

Stuart J. Russell and Peter Norvig

Contributing writers: Ernest Davis

Douglas D. Edwards David Forsyth

Nicholas J. Hay Jitendra M. Malik

Vibhu Mittal Mehran Sahami Sebastian Thrun

Upper Saddle River Boston Columbus San Francisco New York Indianapolis London Toronto Sydney Singapore Tokyo Montreal

Dubai Madrid Hong Kong Mexico City Munich Paris Amsterdam Cape Town

 

 

Vice President and Editorial Director, ECS: Marcia J. Horton Editor-in-Chief: Michael Hirsch Executive Editor: Tracy Dunkelberger Assistant Editor: Melinda Haggerty Editorial Assistant: Allison Michael Vice President, Production: Vince O’Brien Senior Managing Editor: Scott Disanno Production Editor: Jane Bonnell Senior Operations Supervisor: Alan Fischer Operations Specialist: Lisa McDowell Marketing Manager: Erin Davis Marketing Assistant: Mack Patterson Cover Designers: Kirsten Sims and Geoffrey Cassar Cover Images: Stan Honda/Getty, Library of Congress, NASA, National Museum of Rome,

Peter Norvig, Ian Parker, Shutterstock, Time Life/Getty Interior Designers: Stuart Russell and Peter Norvig Copy Editor: Mary Lou Nohr Art Editor: Greg Dulles Media Editor: Daniel Sandin Media Project Manager: Danielle Leone

Copyright c© 2010, 2003, 1995 by Pearson Education, Inc., Upper Saddle River, New Jersey 07458. All rights reserved. Manufactured in the United States of America. This publication is protected by Copyright and permissions should be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. To obtain permission(s) to use materials from this work, please submit a written request to Pearson Higher Education, Permissions Department, 1 Lake Street, Upper Saddle River, NJ 07458.

The author and publisher of this book have used their best efforts in preparing this book. These efforts include the development, research, and testing of the theories and programs to determine their effectiveness. The author and publisher make no warranty of any kind, expressed or implied, with regard to these programs or the documentation contained in this book. The author and publisher shall not be liable in any event for incidental or consequential damages in connection with, or arising out of, the furnishing, performance, or use of these programs.

Library of Congress Cataloging-in-Publication Data on File

10 9 8 7 6 5 4 3 2 1 ISBN-13: 978-0-13-604259-4 ISBN-10: 0-13-604259-7

 

 

For Loy, Gordon, Lucy, George, and Isaac — S.J.R.

For Kris, Isabella, and Juliet — P.N.

 

 

This page intentionally left blank

 

 

Preface Artificial Intelligence (AI) is a big field, and this is a big book. We have tried to explore the full breadth of the field, which encompasses logic, probability, and continuous mathematics; perception, reasoning, learning, and action; and everything from microelectronic devices to robotic planetary explorers. The book is also big because we go into some depth.

The subtitle of this book is “A Modern Approach.” The intended meaning of this rather empty phrase is that we have tried to synthesize what is now known into a common frame- work, rather than trying to explain each subfield of AI in its own historical context. We apologize to those whose subfields are, as a result, less recognizable.

New to this edition This edition captures the changes in AI that have taken place since the last edition in 2003. There have been important applications of AI technology, such as the widespread deploy- ment of practical speech recognition, machine translation, autonomous vehicles, and house- hold robotics. There have been algorithmic landmarks, such as the solution of the game of checkers. And there has been a great deal of theoretical progress, particularly in areas such as probabilistic reasoning, machine learning, and computer vision. Most important from our point of view is the continued evolution in how we think about the field, and thus how we organize the book. The major changes are as follows:

• We place more emphasis on partially observable and nondeterministic environments, especially in the nonprobabilistic settings of search and planning. The concepts of belief state (a set of possible worlds) and state estimation (maintaining the belief state) are introduced in these settings; later in the book, we add probabilities.

• In addition to discussing the types of environments and types of agents, we now cover in more depth the types of representations that an agent can use. We distinguish among atomic representations (in which each state of the world is treated as a black box), factored representations (in which a state is a set of attribute/value pairs), and structured representations (in which the world consists of objects and relations between them).

• Our coverage of planning goes into more depth on contingent planning in partially observable environments and includes a new approach to hierarchical planning.

• We have added new material on first-order probabilistic models, including open-universe models for cases where there is uncertainty as to what objects exist.

• We have completely rewritten the introductory machine-learning chapter, stressing a wider variety of more modern learning algorithms and placing them on a firmer theo- retical footing.

• We have expanded coverage of Web search and information extraction, and of tech- niques for learning from very large data sets.

• 20% of the citations in this edition are to works published after 2003.

• We estimate that about 20% of the material is brand new. The remaining 80% reflects older work but has been largely rewritten to present a more unified picture of the field.

vii

 

 

viii Preface

Overview of the book The main unifying theme is the idea of an intelligent agent. We define AI as the study of agents that receive percepts from the environment and perform actions. Each such agent im- plements a function that maps percept sequences to actions, and we cover different ways to represent these functions, such as reactive agents, real-time planners, and decision-theoretic systems. We explain the role of learning as extending the reach of the designer into unknown environments, and we show how that role constrains agent design, favoring explicit knowl- edge representation and reasoning. We treat robotics and vision not as independently defined problems, but as occurring in the service of achieving goals. We stress the importance of the task environment in determining the appropriate agent design.

Our primary aim is to convey the ideas that have emerged over the past fifty years of AI research and the past two millennia of related work. We have tried to avoid excessive formal- ity in the presentation of these ideas while retaining precision. We have included pseudocode algorithms to make the key ideas concrete; our pseudocode is described in Appendix B.

This book is primarily intended for use in an undergraduate course or course sequence. The book has 27 chapters, each requiring about a week’s worth of lectures, so working through the whole book requires a two-semester sequence. A one-semester course can use selected chapters to suit the interests of the instructor and students. The book can also be used in a graduate-level course (perhaps with the addition of some of the primary sources suggested in the bibliographical notes). Sample syllabi are available at the book’s Web site, aima.cs.berkeley.edu. The only prerequisite is familiarity with basic concepts of computer science (algorithms, data structures, complexity) at a sophomore level. Freshman calculus and linear algebra are useful for some of the topics; the required mathematical back- ground is supplied in Appendix A.

Exercises are given at the end of each chapter. Exercises requiring significant pro- gramming are marked with a keyboard icon. These exercises can best be solved by taking advantage of the code repository at aima.cs.berkeley.edu. Some of them are large enough to be considered term projects. A number of exercises require some investigation of the literature; these are marked with a book icon.

Throughout the book, important points are marked with a pointing icon. We have in- cluded an extensive index of around 6,000 items to make it easy to find things in the book. Wherever a new term is first defined, it is also marked in the margin.NEW TERM

About the Web site aima.cs.berkeley.edu, the Web site for the book, contains

• implementations of the algorithms in the book in several programming languages, • a list of over 1000 schools that have used the book, many with links to online course

materials and syllabi, • an annotated list of over 800 links to sites around the Web with useful AI content, • a chapter-by-chapter list of supplementary material and links, • instructions on how to join a discussion group for the book,

 

 

Preface ix

• instructions on how to contact the authors with questions or comments,

• instructions on how to report errors in the book, in the likely event that some exist, and

• slides and other materials for instructors.

About the cover The cover depicts the final position from the decisive game 6 of the 1997 match between chess champion Garry Kasparov and program DEEP BLUE. Kasparov, playing Black, was forced to resign, making this the first time a computer had beaten a world champion in a chess match. Kasparov is shown at the top. To his left is the Asimo humanoid robot and to his right is Thomas Bayes (1702–1761), whose ideas about probability as a measure of belief underlie much of modern AI technology. Below that we see a Mars Exploration Rover, a robot that landed on Mars in 2004 and has been exploring the planet ever since. To the right is Alan Turing (1912–1954), whose fundamental work defined the fields of computer science in general and artificial intelligence in particular. At the bottom is Shakey (1966– 1972), the first robot to combine perception, world-modeling, planning, and learning. With Shakey is project leader Charles Rosen (1917–2002). At the bottom right is Aristotle (384 B.C.–322 B.C.), who pioneered the study of logic; his work was state of the art until the 19th century (copy of a bust by Lysippos). At the bottom left, lightly screened behind the authors’ names, is a planning algorithm by Aristotle from De Motu Animalium in the original Greek. Behind the title is a portion of the CPSC Bayesian network for medical diagnosis (Pradhan et al., 1994). Behind the chess board is part of a Bayesian logic model for detecting nuclear explosions from seismic signals.

Credits: Stan Honda/Getty (Kasparaov), Library of Congress (Bayes), NASA (Mars rover), National Museum of Rome (Aristotle), Peter Norvig (book), Ian Parker (Berkeley skyline), Shutterstock (Asimo, Chess pieces), Time Life/Getty (Shakey, Turing).

Acknowledgments This book would not have been possible without the many contributors whose names did not make it to the cover. Jitendra Malik and David Forsyth wrote Chapter 24 (computer vision) and Sebastian Thrun wrote Chapter 25 (robotics). Vibhu Mittal wrote part of Chapter 22 (natural language). Nick Hay, Mehran Sahami, and Ernest Davis wrote some of the exercises. Zoran Duric (George Mason), Thomas C. Henderson (Utah), Leon Reznik (RIT), Michael Gourley (Central Oklahoma) and Ernest Davis (NYU) reviewed the manuscript and made helpful suggestions. We thank Ernie Davis in particular for his tireless ability to read multiple drafts and help improve the book. Nick Hay whipped the bibliography into shape and on deadline stayed up to 5:30 AM writing code to make the book better. Jon Barron formatted and improved the diagrams in this edition, while Tim Huang, Mark Paskin, and Cynthia Bruyns helped with diagrams and algorithms in previous editions. Ravi Mohan and Ciaran O’Reilly wrote and maintain the Java code examples on the Web site. John Canny wrote the robotics chapter for the first edition and Douglas Edwards researched the historical notes. Tracy Dunkelberger, Allison Michael, Scott Disanno, and Jane Bonnell at Pearson tried their best to keep us on schedule and made many helpful suggestions. Most helpful of all has

 

 

x Preface

been Julie Sussman, P.P.A., who read every chapter and provided extensive improvements. In previous editions we had proofreaders who would tell us when we left out a comma and said which when we meant that; Julie told us when we left out a minus sign and said xi when we meant xj . For every typo or confusing explanation that remains in the book, rest assured that Julie has fixed at least five. She persevered even when a power failure forced her to work by lantern light rather than LCD glow.

Stuart would like to thank his parents for their support and encouragement and his wife, Loy Sheflott, for her endless patience and boundless wisdom. He hopes that Gordon, Lucy, George, and Isaac will soon be reading this book after they have forgiven him for working so long on it. RUGS (Russell’s Unusual Group of Students) have been unusually helpful, as always.

Peter would like to thank his parents (Torsten and Gerda) for getting him started, and his wife (Kris), children (Bella and Juliet), colleagues, and friends for encouraging and tolerating him through the long hours of writing and longer hours of rewriting.

We both thank the librarians at Berkeley, Stanford, and NASA and the developers of CiteSeer, Wikipedia, and Google, who have revolutionized the way we do research. We can’t acknowledge all the people who have used the book and made suggestions, but we would like to note the especially helpful comments of Gagan Aggarwal, Eyal Amir, Ion Androutsopou- los, Krzysztof Apt, Warren Haley Armstrong, Ellery Aziel, Jeff Van Baalen, Darius Bacon, Brian Baker, Shumeet Baluja, Don Barker, Tony Barrett, James Newton Bass, Don Beal, Howard Beck, Wolfgang Bibel, John Binder, Larry Bookman, David R. Boxall, Ronen Braf- man, John Bresina, Gerhard Brewka, Selmer Bringsjord, Carla Brodley, Chris Brown, Emma Brunskill, Wilhelm Burger, Lauren Burka, Carlos Bustamante, Joao Cachopo, Murray Camp- bell, Norman Carver, Emmanuel Castro, Anil Chakravarthy, Dan Chisarick, Berthe Choueiry, Roberto Cipolla, David Cohen, James Coleman, Julie Ann Comparini, Corinna Cortes, Gary Cottrell, Ernest Davis, Tom Dean, Rina Dechter, Tom Dietterich, Peter Drake, Chuck Dyer, Doug Edwards, Robert Egginton, Asma’a El-Budrawy, Barbara Engelhardt, Kutluhan Erol, Oren Etzioni, Hana Filip, Douglas Fisher, Jeffrey Forbes, Ken Ford, Eric Fosler-Lussier, John Fosler, Jeremy Frank, Alex Franz, Bob Futrelle, Marek Galecki, Stefan Gerberding, Stuart Gill, Sabine Glesner, Seth Golub, Gosta Grahne, Russ Greiner, Eric Grimson, Bar- bara Grosz, Larry Hall, Steve Hanks, Othar Hansson, Ernst Heinz, Jim Hendler, Christoph Herrmann, Paul Hilfinger, Robert Holte, Vasant Honavar, Tim Huang, Seth Hutchinson, Joost Jacob, Mark Jelasity, Magnus Johansson, Istvan Jonyer, Dan Jurafsky, Leslie Kaelbling, Keiji Kanazawa, Surekha Kasibhatla, Simon Kasif, Henry Kautz, Gernot Kerschbaumer, Max Khesin, Richard Kirby, Dan Klein, Kevin Knight, Roland Koenig, Sven Koenig, Daphne Koller, Rich Korf, Benjamin Kuipers, James Kurien, John Lafferty, John Laird, Gus Lars- son, John Lazzaro, Jon LeBlanc, Jason Leatherman, Frank Lee, Jon Lehto, Edward Lim, Phil Long, Pierre Louveaux, Don Loveland, Sridhar Mahadevan, Tony Mancill, Jim Martin, Andy Mayer, John McCarthy, David McGrane, Jay Mendelsohn, Risto Miikkulanien, Brian Milch, Steve Minton, Vibhu Mittal, Mehryar Mohri, Leora Morgenstern, Stephen Muggleton, Kevin Murphy, Ron Musick, Sung Myaeng, Eric Nadeau, Lee Naish, Pandu Nayak, Bernhard Nebel, Stuart Nelson, XuanLong Nguyen, Nils Nilsson, Illah Nourbakhsh, Ali Nouri, Arthur Nunes-Harwitt, Steve Omohundro, David Page, David Palmer, David Parkes, Ron Parr, Mark

 

 

Preface xi

Paskin, Tony Passera, Amit Patel, Michael Pazzani, Fernando Pereira, Joseph Perla, Wim Pi- jls, Ira Pohl, Martha Pollack, David Poole, Bruce Porter, Malcolm Pradhan, Bill Pringle, Lor- raine Prior, Greg Provan, William Rapaport, Deepak Ravichandran, Ioannis Refanidis, Philip Resnik, Francesca Rossi, Sam Roweis, Richard Russell, Jonathan Schaeffer, Richard Scherl, Hinrich Schuetze, Lars Schuster, Bart Selman, Soheil Shams, Stuart Shapiro, Jude Shav- lik, Yoram Singer, Satinder Singh, Daniel Sleator, David Smith, Bryan So, Robert Sproull, Lynn Stein, Larry Stephens, Andreas Stolcke, Paul Stradling, Devika Subramanian, Marek Suchenek, Rich Sutton, Jonathan Tash, Austin Tate, Bas Terwijn, Olivier Teytaud, Michael Thielscher, William Thompson, Sebastian Thrun, Eric Tiedemann, Mark Torrance, Randall Upham, Paul Utgoff, Peter van Beek, Hal Varian, Paulina Varshavskaya, Sunil Vemuri, Vandi Verma, Ubbo Visser, Jim Waldo, Toby Walsh, Bonnie Webber, Dan Weld, Michael Wellman, Kamin Whitehouse, Michael Dean White, Brian Williams, David Wolfe, Jason Wolfe, Bill Woods, Alden Wright, Jay Yagnik, Mark Yasuda, Richard Yen, Eliezer Yudkowsky, Weixiong Zhang, Ming Zhao, Shlomo Zilberstein, and our esteemed colleague Anonymous Reviewer.

 

 

About the Authors Stuart Russell was born in 1962 in Portsmouth, England. He received his B.A. with first- class honours in physics from Oxford University in 1982, and his Ph.D. in computer science from Stanford in 1986. He then joined the faculty of the University of California at Berkeley, where he is a professor of computer science, director of the Center for Intelligent Systems, and holder of the Smith–Zadeh Chair in Engineering. In 1990, he received the Presidential Young Investigator Award of the National Science Foundation, and in 1995 he was cowinner of the Computers and Thought Award. He was a 1996 Miller Professor of the University of California and was appointed to a Chancellor’s Professorship in 2000. In 1998, he gave the Forsythe Memorial Lectures at Stanford University. He is a Fellow and former Executive Council member of the American Association for Artificial Intelligence. He has published over 100 papers on a wide range of topics in artificial intelligence. His other books include The Use of Knowledge in Analogy and Induction and (with Eric Wefald) Do the Right Thing: Studies in Limited Rationality.

Peter Norvig is currently Director of Research at Google, Inc., and was the director respon- sible for the core Web search algorithms from 2002 to 2005. He is a Fellow of the American Association for Artificial Intelligence and the Association for Computing Machinery. Previ- ously, he was head of the Computational Sciences Division at NASA Ames Research Center, where he oversaw NASA’s research and development in artificial intelligence and robotics, and chief scientist at Junglee, where he helped develop one of the first Internet information extraction services. He received a B.S. in applied mathematics from Brown University and a Ph.D. in computer science from the University of California at Berkeley. He received the Distinguished Alumni and Engineering Innovation awards from Berkeley and the Exceptional Achievement Medal from NASA. He has been a professor at the University of Southern Cal- ifornia and a research faculty member at Berkeley. His other books are Paradigms of AI Programming: Case Studies in Common Lisp and Verbmobil: A Translation System for Face- to-Face Dialog and Intelligent Help Systems for UNIX.

xii

 

 

Contents

I Artificial Intelligence

1 Introduction 1 1.1 What Is AI? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 The Foundations of Artificial Intelligence . . . . . . . . . . . . . . . . . . 5 1.3 The History of Artificial Intelligence . . . . . . . . . . . . . . . . . . . . 16 1.4 The State of the Art . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 1.5 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 29

2 Intelligent Agents 34 2.1 Agents and Environments . . . . . . . . . . . . . . . . . . . . . . . . . . 34 2.2 Good Behavior: The Concept of Rationality . . . . . . . . . . . . . . . . 36 2.3 The Nature of Environments . . . . . . . . . . . . . . . . . . . . . . . . . 40 2.4 The Structure of Agents . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 2.5 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 59

II Problem-solving

3 Solving Problems by Searching 64 3.1 Problem-Solving Agents . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 3.2 Example Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 3.3 Searching for Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 3.4 Uninformed Search Strategies . . . . . . . . . . . . . . . . . . . . . . . . 81 3.5 Informed (Heuristic) Search Strategies . . . . . . . . . . . . . . . . . . . 92 3.6 Heuristic Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 3.7 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 108

4 Beyond Classical Search 120 4.1 Local Search Algorithms and Optimization Problems . . . . . . . . . . . 120 4.2 Local Search in Continuous Spaces . . . . . . . . . . . . . . . . . . . . . 129 4.3 Searching with Nondeterministic Actions . . . . . . . . . . . . . . . . . . 133 4.4 Searching with Partial Observations . . . . . . . . . . . . . . . . . . . . . 138 4.5 Online Search Agents and Unknown Environments . . . . . . . . . . . . 147 4.6 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 153

5 Adversarial Search 161 5.1 Games . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 5.2 Optimal Decisions in Games . . . . . . . . . . . . . . . . . . . . . . . . 163 5.3 Alpha–Beta Pruning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 5.4 Imperfect Real-Time Decisions . . . . . . . . . . . . . . . . . . . . . . . 171 5.5 Stochastic Games . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

xiii

 

 

xiv Contents

5.6 Partially Observable Games . . . . . . . . . . . . . . . . . . . . . . . . . 180 5.7 State-of-the-Art Game Programs . . . . . . . . . . . . . . . . . . . . . . 185 5.8 Alternative Approaches . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 5.9 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 189

6 Constraint Satisfaction Problems 202 6.1 Defining Constraint Satisfaction Problems . . . . . . . . . . . . . . . . . 202 6.2 Constraint Propagation: Inference in CSPs . . . . . . . . . . . . . . . . . 208 6.3 Backtracking Search for CSPs . . . . . . . . . . . . . . . . . . . . . . . . 214 6.4 Local Search for CSPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220 6.5 The Structure of Problems . . . . . . . . . . . . . . . . . . . . . . . . . . 222 6.6 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 227

III Knowledge, reasoning, and planning

7 Logical Agents 234 7.1 Knowledge-Based Agents . . . . . . . . . . . . . . . . . . . . . . . . . . 235 7.2 The Wumpus World . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236 7.3 Logic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 7.4 Propositional Logic: A Very Simple Logic . . . . . . . . . . . . . . . . . 243 7.5 Propositional Theorem Proving . . . . . . . . . . . . . . . . . . . . . . . 249 7.6 Effective Propositional Model Checking . . . . . . . . . . . . . . . . . . 259 7.7 Agents Based on Propositional Logic . . . . . . . . . . . . . . . . . . . . 265 7.8 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 274

8 First-Order Logic 285 8.1 Representation Revisited . . . . . . . . . . . . . . . . . . . . . . . . . . 285 8.2 Syntax and Semantics of First-Order Logic . . . . . . . . . . . . . . . . . 290 8.3 Using First-Order Logic . . . . . . . . . . . . . . . . . . . . . . . . . . . 300 8.4 Knowledge Engineering in First-Order Logic . . . . . . . . . . . . . . . . 307 8.5 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 313

9 Inference in First-Order Logic 322 9.1 Propositional vs. First-Order Inference . . . . . . . . . . . . . . . . . . . 322 9.2 Unification and Lifting . . . . . . . . . . . . . . . . . . . . . . . . . . . 325 9.3 Forward Chaining . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330 9.4 Backward Chaining . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337 9.5 Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345 9.6 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 357

10 Classical Planning 366 10.1 Definition of Classical Planning . . . . . . . . . . . . . . . . . . . . . . . 366 10.2 Algorithms for Planning as State-Space Search . . . . . . . . . . . . . . . 373 10.3 Planning Graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379

 

 

Contents xv

10.4 Other Classical Planning Approaches . . . . . . . . . . . . . . . . . . . . 387 10.5 Analysis of Planning Approaches . . . . . . . . . . . . . . . . . . . . . . 392 10.6 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 393

11 Planning and Acting in the Real World 401 11.1 Time, Schedules, and Resources . . . . . . . . . . . . . . . . . . . . . . . 401 11.2 Hierarchical Planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406 11.3 Planning and Acting in Nondeterministic Domains . . . . . . . . . . . . . 415 11.4 Multiagent Planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425 11.5 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 430

12 Knowledge Representation 437 12.1 Ontological Engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . 437 12.2 Categories and Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . 440 12.3 Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446 12.4 Mental Events and Mental Objects . . . . . . . . . . . . . . . . . . . . . 450 12.5 Reasoning Systems for Categories . . . . . . . . . . . . . . . . . . . . . 453 12.6 Reasoning with Default Information . . . . . . . . . . . . . . . . . . . . 458 12.7 The Internet Shopping World . . . . . . . . . . . . . . . . . . . . . . . . 462 12.8 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 467

IV Uncertain knowledge and reasoning

13 Quantifying Uncertainty 480 13.1 Acting under Uncertainty . . . . . . . . . . . . . . . . . . . . . . . . . . 480 13.2 Basic Probability Notation . . . . . . . . . . . . . . . . . . . . . . . . . . 483 13.3 Inference Using Full Joint Distributions . . . . . . . . . . . . . . . . . . . 490 13.4 Independence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494 13.5 Bayes’ Rule and Its Use . . . . . . . . . . . . . . . . . . . . . . . . . . . 495 13.6 The Wumpus World Revisited . . . . . . . . . . . . . . . . . . . . . . . . 499 13.7 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 503

14 Probabilistic Reasoning 510 14.1 Representing Knowledge in an Uncertain Domain . . . . . . . . . . . . . 510 14.2 The Semantics of Bayesian Networks . . . . . . . . . . . . . . . . . . . . 513 14.3 Efficient Representation of Conditional Distributions . . . . . . . . . . . . 518 14.4 Exact Inference in Bayesian Networks . . . . . . . . . . . . . . . . . . . 522 14.5 Approximate Inference in Bayesian Networks . . . . . . . . . . . . . . . 530 14.6 Relational and First-Order Probability Models . . . . . . . . . . . . . . . 539 14.7 Other Approaches to Uncertain Reasoning . . . . . . . . . . . . . . . . . 546 14.8 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 551

15 Probabilistic Reasoning over Time 566 15.1 Time and Uncertainty . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566

 

 

xvi Contents

15.2 Inference in Temporal Models . . . . . . . . . . . . . . . . . . . . . . . . 570 15.3 Hidden Markov Models . . . . . . . . . . . . . . . . . . . . . . . . . . . 578 15.4 Kalman Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584 15.5 Dynamic Bayesian Networks . . . . . . . . . . . . . . . . . . . . . . . . 590 15.6 Keeping Track of Many Objects . . . . . . . . . . . . . . . . . . . . . . . 599 15.7 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 603

16 Making Simple Decisions 610 16.1 Combining Beliefs and Desires under Uncertainty . . . . . . . . . . . . . 610 16.2 The Basis of Utility Theory . . . . . . . . . . . . . . . . . . . . . . . . . 611 16.3 Utility Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615 16.4 Multiattribute Utility Functions . . . . . . . . . . . . . . . . . . . . . . . 622 16.5 Decision Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 626 16.6 The Value of Information . . . . . . . . . . . . . . . . . . . . . . . . . . 628 16.7 Decision-Theoretic Expert Systems . . . . . . . . . . . . . . . . . . . . . 633 16.8 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 636

17 Making Complex Decisions 645 17.1 Sequential Decision Problems . . . . . . . . . . . . . . . . . . . . . . . . 645 17.2 Value Iteration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 652 17.3 Policy Iteration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 656 17.4 Partially Observable MDPs . . . . . . . . . . . . . . . . . . . . . . . . . 658 17.5 Decisions with Multiple Agents: Game Theory . . . . . . . . . . . . . . . 666 17.6 Mechanism Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 679 17.7 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 684

V Learning

18 Learning from Examples 693 18.1 Forms of Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 693 18.2 Supervised Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695 18.3 Learning Decision Trees . . . . . . . . . . . . . . . . . . . . . . . . . . . 697 18.4 Evaluating and Choosing the Best Hypothesis . . . . . . . . . . . . . . . 708 18.5 The Theory of Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . 713 18.6 Regression and Classification with Linear Models . . . . . . . . . . . . . 717 18.7 Artificial Neural Networks . . . . . . . . . . . . . . . . . . . . . . . . . 727 18.8 Nonparametric Models . . . . . . . . . . . . . . . . . . . . . . . . . . . 737 18.9 Support Vector Machines . . . . . . . . . . . . . . . . . . . . . . . . . . 744 18.10 Ensemble Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 748 18.11 Practical Machine Learning . . . . . . . . . . . . . . . . . . . . . . . . . 753 18.12 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 757

19 Knowledge in Learning 768 19.1 A Logical Formulation of Learning . . . . . . . . . . . . . . . . . . . . . 768

 

 

Contents xvii

19.2 Knowledge in Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . 777 19.3 Explanation-Based Learning . . . . . . . . . . . . . . . . . . . . . . . . 780 19.4 Learning Using Relevance Information . . . . . . . . . . . . . . . . . . . 784 19.5 Inductive Logic Programming . . . . . . . . . . . . . . . . . . . . . . . . 788 19.6 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 797

20 Learning Probabilistic Models 802 20.1 Statistical Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 802 20.2 Learning with Complete Data . . . . . . . . . . . . . . . . . . . . . . . . 806 20.3 Learning with Hidden Variables: The EM Algorithm . . . . . . . . . . . . 816 20.4 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 825

21 Reinforcement Learning 830 21.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 830 21.2 Passive Reinforcement Learning . . . . . . . . . . . . . . . . . . . . . . 832 21.3 Active Reinforcement Learning . . . . . . . . . . . . . . . . . . . . . . . 839 21.4 Generalization in Reinforcement Learning . . . . . . . . . . . . . . . . . 845 21.5 Policy Search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 848 21.6 Applications of Reinforcement Learning . . . . . . . . . . . . . . . . . . 850 21.7 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 853

VI Communicating, perceiving, and acting

22 Natural Language Processing 860 22.1 Language Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 860 22.2 Text Classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 865 22.3 Information Retrieval . . . . . . . . . . . . . . . . . . . . . . . . . . . . 867 22.4 Information Extraction . . . . . . . . . . . . . . . . . . . . . . . . . . . . 873 22.5 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 882

23 Natural Language for Communication 888 23.1 Phrase Structure Grammars . . . . . . . . . . . . . . . . . . . . . . . . . 888 23.2 Syntactic Analysis (Parsing) . . . . . . . . . . . . . . . . . . . . . . . . . 892 23.3 Augmented Grammars and Semantic Interpretation . . . . . . . . . . . . 897 23.4 Machine Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 907 23.5 Speech Recognition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 912 23.6 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 918

24 Perception 928 24.1 Image Formation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 929 24.2 Early Image-Processing Operations . . . . . . . . . . . . . . . . . . . . . 935 24.3 Object Recognition by Appearance . . . . . . . . . . . . . . . . . . . . . 942 24.4 Reconstructing the 3D World . . . . . . . . . . . . . . . . . . . . . . . . 947 24.5 Object Recognition from Structural Information . . . . . . . . . . . . . . 957

 

 

xviii Contents

24.6 Using Vision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 961 24.7 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 965

25 Robotics 971 25.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 971 25.2 Robot Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973 25.3 Robotic Perception . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 978 25.4 Planning to Move . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 986 25.5 Planning Uncertain Movements . . . . . . . . . . . . . . . . . . . . . . . 993 25.6 Moving . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 997 25.7 Robotic Software Architectures . . . . . . . . . . . . . . . . . . . . . . . 1003 25.8 Application Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1006 25.9 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 1010

VII Conclusions

26 Philosophical Foundations 1020 26.1 Weak AI: Can Machines Act Intelligently? . . . . . . . . . . . . . . . . . 1020 26.2 Strong AI: Can Machines Really Think? . . . . . . . . . . . . . . . . . . 1026 26.3 The Ethics and Risks of Developing Artificial Intelligence . . . . . . . . . 1034 26.4 Summary, Bibliographical and Historical Notes, Exercises . . . . . . . . . 1040

27 AI: The Present and Future 1044 27.1 Agent Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1044 27.2 Agent Architectures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1047 27.3 Are We Going in the Right Direction? . . . . . . . . . . . . . . . . . . . 1049 27.4 What If AI Does Succeed? . . . . . . . . . . . . . . . . . . . . . . . . . 1051

A Mathematical background 1053 A.1 Complexity Analysis and O() Notation . . . . . . . . . . . . . . . . . . . 1053 A.2 Vectors, Matrices, and Linear Algebra . . . . . . . . . . . . . . . . . . . 1055 A.3 Probability Distributions . . . . . . . . . . . . . . . . . . . . . . . . . . . 1057

B Notes on Languages and Algorithms 1060 B.1 Defining Languages with Backus–Naur Form (BNF) . . . . . . . . . . . . 1060 B.2 Describing Algorithms with Pseudocode . . . . . . . . . . . . . . . . . . 1061 B.3 Online Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1062

Bibliography 1063

Index 1095

 

 

1 INTRODUCTION

In which we try to explain why we consider artificial intelligence to be a subject most worthy of study, and in which we try to decide what exactly it is, this being a good thing to decide before embarking.

We call ourselves Homo sapiens—man the wise—because our intelligence is so importantINTELLIGENCE to us. For thousands of years, we have tried to understand how we think; that is, how a mere handful of matter can perceive, understand, predict, and manipulate a world far larger and more complicated than itself. The field of artificial intelligence, or AI, goes further still: itARTIFICIALINTELLIGENCE attempts not just to understand but also to build intelligent entities.

AI is one of the newest fields in science and engineering. Work started in earnest soon after World War II, and the name itself was coined in 1956. Along with molecular biology, AI is regularly cited as the “field I would most like to be in” by scientists in other disciplines. A student in physics might reasonably feel that all the good ideas have already been taken by Galileo, Newton, Einstein, and the rest. AI, on the other hand, still has openings for several full-time Einsteins and Edisons.

AI currently encompasses a huge variety of subfields, ranging from the general (learning and perception) to the specific, such as playing chess, proving mathematical theorems, writing poetry, driving a car on a crowded street, and diagnosing diseases. AI is relevant to any intellectual task; it is truly a universal field.

1.1 WHAT IS AI?

We have claimed that AI is exciting, but we have not said what it is. In Figure 1.1 we see eight definitions of AI, laid out along two dimensions. The definitions on top are concerned with thought processes and reasoning, whereas the ones on the bottom address behavior. The definitions on the left measure success in terms of fidelity to human performance, whereas the ones on the right measure against an ideal performance measure, called rationality. ARATIONALITY system is rational if it does the “right thing,” given what it knows.

Historically, all four approaches to AI have been followed, each by different people with different methods. A human-centered approach must be in part an empirical science, in-

1

 

 

2 Chapter 1. Introduction

Thinking Humanly Thinking Rationally

“The exciting new effort to make comput- ers think . . . machines with minds, in the full and literal sense.” (Haugeland, 1985)

“The study of mental faculties through the use of computational models.” (Charniak and McDermott, 1985)

“[The automation of] activities that we associate with human thinking, activities such as decision-making, problem solv- ing, learning . . .” (Bellman, 1978)

“The study of the computations that make it possible to perceive, reason, and act.” (Winston, 1992)

Acting Humanly Acting Rationally

“The art of creating machines that per- form functions that require intelligence when performed by people.” (Kurzweil, 1990)

“Computational Intelligence is the study of the design of intelligent agents.” (Poole et al., 1998)

“The study of how to make computers do things at which, at the moment, people are better.” (Rich and Knight, 1991)

“AI . . . is concerned with intelligent be- havior in artifacts.” (Nilsson, 1998)

Figure 1.1 Some definitions of artificial intelligence, organized into four categories.

volving observations and hypotheses about human behavior. A rationalist1 approach involves a combination of mathematics and engineering. The various group have both disparaged and helped each other. Let us look at the four approaches in more detail.

1.1.1 Acting humanly: The Turing Test approach

The Turing Test, proposed by Alan Turing (1950), was designed to provide a satisfactoryTURING TEST operational definition of intelligence. A computer passes the test if a human interrogator, after posing some written questions, cannot tell whether the written responses come from a person or from a computer. Chapter 26 discusses the details of the test and whether a computer would really be intelligent if it passed. For now, we note that programming a computer to pass a rigorously applied test provides plenty to work on. The computer would need to possess the following capabilities:

• natural language processing to enable it to communicate successfully in English;NATURAL LANGUAGEPROCESSING • knowledge representation to store what it knows or hears;KNOWLEDGEREPRESENTATION • automated reasoning to use the stored information to answer questions and to drawAUTOMATEDREASONING

new conclusions;

• machine learning to adapt to new circumstances and to detect and extrapolate patterns.MACHINE LEARNING

1 By distinguishing between human and rational behavior, we are not suggesting that humans are necessarily “irrational” in the sense of “emotionally unstable” or “insane.” One merely need note that we are not perfect: not all chess players are grandmasters; and, unfortunately, not everyone gets an A on the exam. Some systematic errors in human reasoning are cataloged by Kahneman et al. (1982).

 

 

Section 1.1. What Is AI? 3

Turing’s test deliberately avoided direct physical interaction between the interrogator and the computer, because physical simulation of a person is unnecessary for intelligence. However, the so-called total Turing Test includes a video signal so that the interrogator can test theTOTAL TURING TEST subject’s perceptual abilities, as well as the opportunity for the interrogator to pass physical objects “through the hatch.” To pass the total Turing Test, the computer will need

• computer vision to perceive objects, andCOMPUTER VISION

• robotics to manipulate objects and move about.ROBOTICS

These six disciplines compose most of AI, and Turing deserves credit for designing a test that remains relevant 60 years later. Yet AI researchers have devoted little effort to passing the Turing Test, believing that it is more important to study the underlying principles of in- telligence than to duplicate an exemplar. The quest for “artificial flight” succeeded when the Wright brothers and others stopped imitating birds and started using wind tunnels and learn- ing about aerodynamics. Aeronautical engineering texts do not define the goal of their field as making “machines that fly so exactly like pigeons that they can fool even other pigeons.”

1.1.2 Thinking humanly: The cognitive modeling approach

If we are going to say that a given program thinks like a human, we must have some way of determining how humans think. We need to get inside the actual workings of human minds. There are three ways to do this: through introspection—trying to catch our own thoughts as they go by; through psychological experiments—observing a person in action; and through brain imaging—observing the brain in action. Once we have a sufficiently precise theory of the mind, it becomes possible to express the theory as a computer program. If the program’s input–output behavior matches corresponding human behavior, that is evidence that some of the program’s mechanisms could also be operating in humans. For example, Allen Newell and Herbert Simon, who developed GPS, the “General Problem Solver” (Newell and Simon, 1961), were not content merely to have their program solve problems correctly. They were more concerned with comparing the trace of its reasoning steps to traces of human subjects solving the same problems. The interdisciplinary field of cognitive science brings togetherCOGNITIVE SCIENCE computer models from AI and experimental techniques from psychology to construct precise and testable theories of the human mind.

Cognitive science is a fascinating field in itself, worthy of several textbooks and at least one encyclopedia (Wilson and Keil, 1999). We will occasionally comment on similarities or differences between AI techniques and human cognition. Real cognitive science, however, is necessarily based on experimental investigation of actual humans or animals. We will leave that for other books, as we assume the reader has only a computer for experimentation.

In the early days of AI there was often confusion between the approaches: an author would argue that an algorithm performs well on a task and that it is therefore a good model of human performance, or vice versa. Modern authors separate the two kinds of claims; this distinction has allowed both AI and cognitive science to develop more rapidly. The two fields continue to fertilize each other, most notably in computer vision, which incorporates neurophysiological evidence into computational models.

 

 

4 Chapter 1. Introduction

1.1.3 Thinking rationally: The “laws of thought” approach

The Greek philosopher Aristotle was one of the first to attempt to codify “right thinking,” that is, irrefutable reasoning processes. His syllogisms provided patterns for argument structuresSYLLOGISM that always yielded correct conclusions when given correct premises—for example, “Socrates is a man; all men are mortal; therefore, Socrates is mortal.” These laws of thought were supposed to govern the operation of the mind; their study initiated the field called logic.LOGIC

Logicians in the 19th century developed a precise notation for statements about all kinds of objects in the world and the relations among them. (Contrast this with ordinary arithmetic notation, which provides only for statements about numbers.) By 1965, programs existed that could, in principle, solve any solvable problem described in logical notation. (Although if no solution exists, the program might loop forever.) The so-called logicist tradition withinLOGICIST artificial intelligence hopes to build on such programs to create intelligent systems.

There are two main obstacles to this approach. First, it is not easy to take informal knowledge and state it in the formal terms required by logical notation, particularly when the knowledge is less than 100% certain. Second, there is a big difference between solving a problem “in principle” and solving it in practice. Even problems with just a few hundred facts can exhaust the computational resources of any computer unless it has some guidance as to which reasoning steps to try first. Although both of these obstacles apply to any attempt to build computational reasoning systems, they appeared first in the logicist tradition.

1.1.4 Acting rationally: The rational agent approach

An agent is just something that acts (agent comes from the Latin agere, to do). Of course,AGENT all computer programs do something, but computer agents are expected to do more: operate autonomously, perceive their environment, persist over a prolonged time period, adapt to change, and create and pursue goals. A rational agent is one that acts so as to achieve theRATIONAL AGENT best outcome or, when there is uncertainty, the best expected outcome.

In the “laws of thought” approach to AI, the emphasis was on correct inferences. Mak- ing correct inferences is sometimes part of being a rational agent, because one way to act rationally is to reason logically to the conclusion that a given action will achieve one’s goals and then to act on that conclusion. On the other hand, correct inference is not all of ration- ality; in some situations, there is no provably correct thing to do, but something must still be done. There are also ways of acting rationally that cannot be said to involve inference. For example, recoiling from a hot stove is a reflex action that is usually more successful than a slower action taken after careful deliberation.

All the skills needed for the Turing Test also allow an agent to act rationally. Knowledge representation and reasoning enable agents to reach good decisions. We need to be able to generate comprehensible sentences in natural language to get by in a complex society. We need learning not only for erudition, but also because it improves our ability to generate effective behavior.

The rational-agent approach has two advantages over the other approaches. First, it is more general than the “laws of thought” approach because correct inference is just one of several possible mechanisms for achieving rationality. Second, it is more amenable to

 

 

Section 1.2. The Foundations of Artificial Intelligence 5

scientific development than are approaches based on human behavior or human thought. The standard of rationality is mathematically well defined and completely general, and can be “unpacked” to generate agent designs that provably achieve it. Human behavior, on the other hand, is well adapted for one specific environment and is defined by, well, the sum total of all the things that humans do. This book therefore concentrates on general principles of rational agents and on components for constructing them. We will see that despite the apparent simplicity with which the problem can be stated, an enormous variety of issues come up when we try to solve it. Chapter 2 outlines some of these issues in more detail.

One important point to keep in mind: We will see before too long that achieving perfect rationality—always doing the right thing—is not feasible in complicated environments. The computational demands are just too high. For most of the book, however, we will adopt the working hypothesis that perfect rationality is a good starting point for analysis. It simplifies the problem and provides the appropriate setting for most of the foundational material in the field. Chapters 5 and 17 deal explicitly with the issue of limited rationality—actingLIMITEDRATIONALITY appropriately when there is not enough time to do all the computations one might like.

1.2 THE FOUNDATIONS OF ARTIFICIAL INTELLIGENCE

In this section, we provide a brief history of the disciplines that contributed ideas, viewpoints, and techniques to AI. Like any history, this one is forced to concentrate on a small number of people, events, and ideas and to ignore others that also were important. We organize the history around a series of questions. We certainly would not wish to give the impression that these questions are the only ones the disciplines address or that the disciplines have all been working toward AI as their ultimate fruition.

1.2.1 Philosophy

• Can formal rules be used to draw valid conclusions? • How does the mind arise from a physical brain? • Where does knowledge come from? • How does knowledge lead to action?

Aristotle (384–322 B.C.), whose bust appears on the front cover of this book, was the first to formulate a precise set of laws governing the rational part of the mind. He developed an informal system of syllogisms for proper reasoning, which in principle allowed one to gener- ate conclusions mechanically, given initial premises. Much later, Ramon Lull (d. 1315) had the idea that useful reasoning could actually be carried out by a mechanical artifact. Thomas Hobbes (1588–1679) proposed that reasoning was like numerical computation, that “we add and subtract in our silent thoughts.” The automation of computation itself was already well under way. Around 1500, Leonardo da Vinci (1452–1519) designed but did not build a me- chanical calculator; recent reconstructions have shown the design to be functional. The first known calculating machine was constructed around 1623 by the German scientist Wilhelm Schickard (1592–1635), although the Pascaline, built in 1642 by Blaise Pascal (1623–1662),

 

 

6 Chapter 1. Introduction

is more famous. Pascal wrote that “the arithmetical machine produces effects which appear nearer to thought than all the actions of animals.” Gottfried Wilhelm Leibniz (1646–1716) built a mechanical device intended to carry out operations on concepts rather than numbers, but its scope was rather limited. Leibniz did surpass Pascal by building a calculator that could add, subtract, multiply, and take roots, whereas the Pascaline could only add and sub- tract. Some speculated that machines might not just do calculations but actually be able to think and act on their own. In his 1651 book Leviathan, Thomas Hobbes suggested the idea of an “artificial animal,” arguing “For what is the heart but a spring; and the nerves, but so many strings; and the joints, but so many wheels.”

It’s one thing to say that the mind operates, at least in part, according to logical rules, and to build physical systems that emulate some of those rules; it’s another to say that the mind itself is such a physical system. René Descartes (1596–1650) gave the first clear discussion of the distinction between mind and matter and of the problems that arise. One problem with a purely physical conception of the mind is that it seems to leave little room for free will: if the mind is governed entirely by physical laws, then it has no more free will than a rock “deciding” to fall toward the center of the earth. Descartes was a strong advocate of the power of reasoning in understanding the world, a philosophy now called rationalism, and one thatRATIONALISM counts Aristotle and Leibnitz as members. But Descartes was also a proponent of dualism.DUALISM He held that there is a part of the human mind (or soul or spirit) that is outside of nature, exempt from physical laws. Animals, on the other hand, did not possess this dual quality; they could be treated as machines. An alternative to dualism is materialism, which holdsMATERIALISM that the brain’s operation according to the laws of physics constitutes the mind. Free will is simply the way that the perception of available choices appears to the choosing entity.

Given a physical mind that manipulates knowledge, the next problem is to establish the source of knowledge. The empiricism movement, starting with Francis Bacon’s (1561–EMPIRICISM 1626) Novum Organum,2 is characterized by a dictum of John Locke (1632–1704): “Nothing is in the understanding, which was not first in the senses.” David Hume’s (1711–1776) A Treatise of Human Nature (Hume, 1739) proposed what is now known as the principle of induction: that general rules are acquired by exposure to repeated associations between theirINDUCTION elements. Building on the work of Ludwig Wittgenstein (1889–1951) and Bertrand Russell (1872–1970), the famous Vienna Circle, led by Rudolf Carnap (1891–1970), developed the doctrine of logical positivism. This doctrine holds that all knowledge can be characterized byLOGICAL POSITIVISM logical theories connected, ultimately, to observation sentences that correspond to sensoryOBSERVATIONSENTENCES inputs; thus logical positivism combines rationalism and empiricism.3 The confirmation the- ory of Carnap and Carl Hempel (1905–1997) attempted to analyze the acquisition of knowl-CONFIRMATIONTHEORY edge from experience. Carnap’s book The Logical Structure of the World (1928) defined an explicit computational procedure for extracting knowledge from elementary experiences. It was probably the first theory of mind as a computational process.

2 The Novum Organum is an update of Aristotle’s Organon, or instrument of thought. Thus Aristotle can be seen as both an empiricist and a rationalist. 3 In this picture, all meaningful statements can be verified or falsified either by experimentation or by analysis of the meaning of the words. Because this rules out most of metaphysics, as was the intention, logical positivism was unpopular in some circles.

 

 

Section 1.2. The Foundations of Artificial Intelligence 7

The final element in the philosophical picture of the mind is the connection between knowledge and action. This question is vital to AI because intelligence requires action as well as reasoning. Moreover, only by understanding how actions are justified can we understand how to build an agent whose actions are justifiable (or rational). Aristotle argued (in De Motu Animalium) that actions are justified by a logical connection between goals and knowledge of the action’s outcome (the last part of this extract also appears on the front cover of this book, in the original Greek):

But how does it happen that thinking is sometimes accompanied by action and sometimes not, sometimes by motion, and sometimes not? It looks as if almost the same thing happens as in the case of reasoning and making inferences about unchanging objects. But in that case the end is a speculative proposition . . . whereas here the conclusion which results from the two premises is an action. . . . I need covering; a cloak is a covering. I need a cloak. What I need, I have to make; I need a cloak. I have to make a cloak. And the conclusion, the “I have to make a cloak,” is an action.

In the Nicomachean Ethics (Book III. 3, 1112b), Aristotle further elaborates on this topic, suggesting an algorithm:

We deliberate not about ends, but about means. For a doctor does not deliberate whether he shall heal, nor an orator whether he shall persuade, . . . They assume the end and consider how and by what means it is attained, and if it seems easily and best produced thereby; while if it is achieved by one means only they consider how it will be achieved by this and by what means this will be achieved, till they come to the first cause, . . . and what is last in the order of analysis seems to be first in the order of becoming. And if we come on an impossibility, we give up the search, e.g., if we need money and this cannot be got; but if a thing appears possible we try to do it.

Aristotle’s algorithm was implemented 2300 years later by Newell and Simon in their GPS program. We would now call it a regression planning system (see Chapter 10).

Goal-based analysis is useful, but does not say what to do when several actions will achieve the goal or when no action will achieve it completely. Antoine Arnauld (1612–1694) correctly described a quantitative formula for deciding what action to take in cases like this (see Chapter 16). John Stuart Mill’s (1806–1873) book Utilitarianism (Mill, 1863) promoted the idea of rational decision criteria in all spheres of human activity. The more formal theory of decisions is discussed in the following section.

1.2.2 Mathematics

• What are the formal rules to draw valid conclusions?

• What can be computed?

• How do we reason with uncertain information?

Philosophers staked out some of the fundamental ideas of AI, but the leap to a formal science required a level of mathematical formalization in three fundamental areas: logic, computa- tion, and probability.

The idea of formal logic can be traced back to the philosophers of ancient Greece, but its mathematical development really began with the work of George Boole (1815–1864), who

 

 

8 Chapter 1. Introduction

worked out the details of propositional, or Boolean, logic (Boole, 1847). In 1879, Gottlob Frege (1848–1925) extended Boole’s logic to include objects and relations, creating the first- order logic that is used today.4 Alfred Tarski (1902–1983) introduced a theory of reference that shows how to relate the objects in a logic to objects in the real world.

The next step was to determine the limits of what could be done with logic and com- putation. The first nontrivial algorithm is thought to be Euclid’s algorithm for computingALGORITHM greatest common divisors. The word algorithm (and the idea of studying them) comes from al-Khowarazmi, a Persian mathematician of the 9th century, whose writings also introduced Arabic numerals and algebra to Europe. Boole and others discussed algorithms for logical deduction, and, by the late 19th century, efforts were under way to formalize general mathe- matical reasoning as logical deduction. In 1930, Kurt Gödel (1906–1978) showed that there exists an effective procedure to prove any true statement in the first-order logic of Frege and Russell, but that first-order logic could not capture the principle of mathematical induction needed to characterize the natural numbers. In 1931, Gödel showed that limits on deduc- tion do exist. His incompleteness theorem showed that in any formal theory as strong asINCOMPLETENESSTHEOREM Peano arithmetic (the elementary theory of natural numbers), there are true statements that are undecidable in the sense that they have no proof within the theory.

This fundamental result can also be interpreted as showing that some functions on the integers cannot be represented by an algorithm—that is, they cannot be computed. This motivated Alan Turing (1912–1954) to try to characterize exactly which functions are com- putable—capable of being computed. This notion is actually slightly problematic becauseCOMPUTABLE the notion of a computation or effective procedure really cannot be given a formal definition. However, the Church–Turing thesis, which states that the Turing machine (Turing, 1936) is capable of computing any computable function, is generally accepted as providing a sufficient definition. Turing also showed that there were some functions that no Turing machine can compute. For example, no machine can tell in general whether a given program will return an answer on a given input or run forever.

Although decidability and computability are important to an understanding of computa- tion, the notion of tractability has had an even greater impact. Roughly speaking, a problemTRACTABILITY is called intractable if the time required to solve instances of the problem grows exponentially with the size of the instances. The distinction between polynomial and exponential growth in complexity was first emphasized in the mid-1960s (Cobham, 1964; Edmonds, 1965). It is important because exponential growth means that even moderately large instances cannot be solved in any reasonable time. Therefore, one should strive to divide the overall problem of generating intelligent behavior into tractable subproblems rather than intractable ones.

How can one recognize an intractable problem? The theory of NP-completeness, pio-NP-COMPLETENESS neered by Steven Cook (1971) and Richard Karp (1972), provides a method. Cook and Karp showed the existence of large classes of canonical combinatorial search and reasoning prob- lems that are NP-complete. Any problem class to which the class of NP-complete problems can be reduced is likely to be intractable. (Although it has not been proved that NP-complete

4 Frege’s proposed notation for first-order logic—an arcane combination of textual and geometric features— never became popular.

 

 

Section 1.2. The Foundations of Artificial Intelligence 9

problems are necessarily intractable, most theoreticians believe it.) These results contrast with the optimism with which the popular press greeted the first computers—“Electronic Super-Brains” that were “Faster than Einstein!” Despite the increasing speed of computers, careful use of resources will characterize intelligent systems. Put crudely, the world is an extremely large problem instance! Work in AI has helped explain why some instances of NP-complete problems are hard, yet others are easy (Cheeseman et al., 1991).

Besides logic and computation, the third great contribution of mathematics to AI is the theory of probability. The Italian Gerolamo Cardano (1501–1576) first framed the idea ofPROBABILITY probability, describing it in terms of the possible outcomes of gambling events. In 1654, Blaise Pascal (1623–1662), in a letter to Pierre Fermat (1601–1665), showed how to pre- dict the future of an unfinished gambling game and assign average payoffs to the gamblers. Probability quickly became an invaluable part of all the quantitative sciences, helping to deal with uncertain measurements and incomplete theories. James Bernoulli (1654–1705), Pierre Laplace (1749–1827), and others advanced the theory and introduced new statistical meth- ods. Thomas Bayes (1702–1761), who appears on the front cover of this book, proposed a rule for updating probabilities in the light of new evidence. Bayes’ rule underlies most modern approaches to uncertain reasoning in AI systems.

1.2.3 Economics

• How should we make decisions so as to maximize payoff?

• How should we do this when others may not go along?

• How should we do this when the payoff may be far in the future?

The science of economics got its start in 1776, when Scottish philosopher Adam Smith (1723–1790) published An Inquiry into the Nature and Causes of the Wealth of Nations. While the ancient Greeks and others had made contributions to economic thought, Smith was the first to treat it as a science, using the idea that economies can be thought of as consist- ing of individual agents maximizing their own economic well-being. Most people think of economics as being about money, but economists will say that they are really studying how people make choices that lead to preferred outcomes. When McDonald’s offers a hamburger for a dollar, they are asserting that they would prefer the dollar and hoping that customers will prefer the hamburger. The mathematical treatment of “preferred outcomes” or utility wasUTILITY first formalized by Léon Walras (pronounced “Valrasse”) (1834-1910) and was improved by Frank Ramsey (1931) and later by John von Neumann and Oskar Morgenstern in their book The Theory of Games and Economic Behavior (1944).

Decision theory, which combines probability theory with utility theory, provides a for-DECISION THEORY mal and complete framework for decisions (economic or otherwise) made under uncertainty— that is, in cases where probabilistic descriptions appropriately capture the decision maker’s environment. This is suitable for “large” economies where each agent need pay no attention to the actions of other agents as individuals. For “small” economies, the situation is much more like a game: the actions of one player can significantly affect the utility of another (either positively or negatively). Von Neumann and Morgenstern’s development of game theory (see also Luce and Raiffa, 1957) included the surprising result that, for some games,GAME THEORY

 

 

10 Chapter 1. Introduction

a rational agent should adopt policies that are (or least appear to be) randomized. Unlike de- cision theory, game theory does not offer an unambiguous prescription for selecting actions.

For the most part, economists did not address the third question listed above, namely, how to make rational decisions when payoffs from actions are not immediate but instead re- sult from several actions taken in sequence. This topic was pursued in the field of operations research, which emerged in World War II from efforts in Britain to optimize radar installa-OPERATIONSRESEARCH tions, and later found civilian applications in complex management decisions. The work of Richard Bellman (1957) formalized a class of sequential decision problems called Markov decision processes, which we study in Chapters 17 and 21.

Work in economics and operations research has contributed much to our notion of ra- tional agents, yet for many years AI research developed along entirely separate paths. One reason was the apparent complexity of making rational decisions. The pioneering AI re- searcher Herbert Simon (1916–2001) won the Nobel Prize in economics in 1978 for his early work showing that models based on satisficing—making decisions that are “good enough,”SATISFICING rather than laboriously calculating an optimal decision—gave a better description of actual human behavior (Simon, 1947). Since the 1990s, there has been a resurgence of interest in decision-theoretic techniques for agent systems (Wellman, 1995).

1.2.4 Neuroscience

• How do brains process information?

Neuroscience is the study of the nervous system, particularly the brain. Although the exactNEUROSCIENCE way in which the brain enables thought is one of the great mysteries of science, the fact that it does enable thought has been appreciated for thousands of years because of the evidence that strong blows to the head can lead to mental incapacitation. It has also long been known that human brains are somehow different; in about 335 B.C. Aristotle wrote, “Of all the animals, man has the largest brain in proportion to his size.”5 Still, it was not until the middle of the 18th century that the brain was widely recognized as the seat of consciousness. Before then, candidate locations included the heart and the spleen.

Paul Broca’s (1824–1880) study of aphasia (speech deficit) in brain-damaged patients in 1861 demonstrated the existence of localized areas of the brain responsible for specific cognitive functions. In particular, he showed that speech production was localized to the portion of the left hemisphere now called Broca’s area.6 By that time, it was known that the brain consisted of nerve cells, or neurons, but it was not until 1873 that Camillo GolgiNEURON (1843–1926) developed a staining technique allowing the observation of individual neurons in the brain (see Figure 1.2). This technique was used by Santiago Ramon y Cajal (1852– 1934) in his pioneering studies of the brain’s neuronal structures.7 Nicolas Rashevsky (1936, 1938) was the first to apply mathematical models to the study of the nervous sytem.

5 Since then, it has been discovered that the tree shrew (Scandentia) has a higher ratio of brain to body mass. 6 Many cite Alexander Hood (1824) as a possible prior source. 7 Golgi persisted in his belief that the brain’s functions were carried out primarily in a continuous medium in which neurons were embedded, whereas Cajal propounded the “neuronal doctrine.” The two shared the Nobel prize in 1906 but gave mutually antagonistic acceptance speeches.

 

 

Section 1.2. The Foundations of Artificial Intelligence 11

Axon

Cell body or Soma

Nucleus

Dendrite

Synapses

Axonal arborization

Axon from another cell

Synapse

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

Exp19_Excel_Ch05_Cap_Apartments

Exp19_Excel_Ch05_Cap_Apartments

Project Description:

You manage several apartment complexes in Phoenix, Arizona. You created a dataset that lists details for each apartment complex, such as apartment number, including number of bedrooms, whether the unit is rented or vacant, the last remodel date, rent, and deposits. You will use the datasets to aggregate data to analyze the apartments at the complexes.

Steps to Perform:

 

Step

Instructions

Points    Possible

 

1

Start   Excel. Download and open the file named Exp19_Excel_Ch05_Cap_Apartments.xlsx.   Grader has automatically added your last name to the beginning of the   filename.

02Before subtotalling the data, you need to sort the   data.
Select the Summary sheet. Sort the data by Apartment Complex in alphabetical   order and further sort it by # Bed (the number of bedrooms) from smallest to   largest.

3You   want to use the Subtotal feature to display the average total deposit by   number of bedrooms for each apartment complex.
Use the Subtotal feature to insert subtotal rows by Apartment Complex to   calculate the average Total Deposit. Add a second subtotal (without removing   the first subtotal) by # Bed to calculate the average Total Deposit by the   number of bedrooms.

5

 

4

Use the outline symbols to display only the   subtotal rows. Create an automatic outline and collapse the outline above   Total Deposit.

2

 

5

You   want to create a PivotTable to determine the total monthly rental revenue for   occupied apartments.
Display the Rentals sheet and create a blank PivotTable on a new worksheet to   the left of the Rentals sheet. Change the name of the worksheet to Rental   Revenue. Name   the PivotTable Rental Revenue.

7

 

6

Display the Apartment Complex and # Bed fields in   Rows and the Rental Price field as Values.

6

 

7

Format   the Sum of Rental Price for Accounting Number Format with zero decimal places   and enter the custom name Total Rent Collected.

3

 

8

Select the Occupied field for the filter and set   the filter to Yes to display data for occupied apartments.

3

 

9

You   want to calculate the total monthly rental revenue if the rates increase by   5% for the occupied apartments.
Insert a calculated field to multiply the Rental Price by 1.05. Change the name to New Rental   Revenue. Apply   Accounting Number Format with zero decimal places.

15

 

10

Select the range B3:C3 and apply these formats:   wrap text, Align Right horizontal alignment, and 30 row height. Select column B and set 9.29 column width. Select column C   and set 14.43 column   width.

5

 

11

Apply   Light Orange, Pivot Style Medium 10 to the PivotTable and display banded   rows.

5

 

12

Insert a slicer for # Bed so that you can filter   the dataset by number of bedrooms. Change the slicer caption to # of Bedrooms.

5

 

13

Change   the slicer height to 1.4 inches and width to 1.75 inches. Apply Light Orange, Slicer Style Light 2. Cut the slicer   and paste it in cell E2.

6

 

14

Insert a timeline for the Last Remodel field.   Change the time period to YEARS. Apply Light Orange, Timeline Style Light 2.   Change the timeline height to 1.4 inches and with to 3.75 inches.

5

 

15

The   Databases sheet contains two tables. You will create a relationship between   those tables.
Display the Databases sheet. Create a relationship between the APARTMENTS   table using the Code field and the COMPLEX table using the Code field.

5

 

16You want to create a PivotTable from the related   tables.
Create a PivotTable using the data model on a new sheet. Change the sheet   name to Bedrooms.   Name the PivotTable BedroomData.

5

 

17

Select   the Apartment Name field from the COMPLEX table for Rows, the # Bed field for   Columns, and the # Bed field as Values. This will display the number of   apartments with the specified number of bedrooms per apartment complex.   Display the values as a percentage of row totals.

5

 

18

Create a Clustered Column PivotChart. Cut the chart   and paste it in cell A13.

5

 

19

Select   the 3-bedroom data series and apply the Black, Text 1, Lighter 50% solid fill   color. Apply Black, Text 1 font color to the vertical axis and category axis.   Change the chart height to 3 inches and the width to 5 inches, if necessary. Hide the field   buttons in the PivotChart.

5

 

20

Create a footer on all worksheets with your name in   the left, the sheet name code in the center, and the file name code in the   right.

5

 

21

Save   and close Exp19_Excel_Ch05_Cap_Apartments.xlsx.   Exit Excel. Submit the file as directed.

0

 

Total   Points

100

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

Network And Security

Project: Malware Analysis CS 6262 Project 3

 

 

Agenda

• Part 1: Analyzing Windows Malware

• Part 2: Analyzing Android Malware

 

 

Scenario

• Analyzing Windows Malware • You got a malware sample from the wild. Your task is to discover what

malware does by analyzing it

• How do you discover the malware’s behaviors? • Static Analysis

• Manual Reverse Engineering

• Programming binary analysis

• Dynamic Analysis • Network behavioral tracing

• Run-time system behavioral tracing(File/Process/Thread/Registry)

• Symbolic Execution

• Fuzzing

 

 

Scenario

• In our scenario, you are going to analyze the given malware with tools that we provide.

• The tools help you to analyze the malware with static and dynamic analysis.

• Objective 1. Find which server controls the malware (the command and control (C2)

server) 2. Discover how the malware communicates with the command and control

(C2) server • URL and Payload

3. Discover what activities are done by the malware payload • Attack Activities

 

 

Scenario

• Requirement • Make sure that no malware traffic goes out from the virtual machine

• But, updating of malware (stage 2), and downloading payload (stage 3) are required to be allowed (set as default option)

• The command and control server is dead. You need to reconstruct it • Use tools to reconstruct the server, then reveal hidden behaviors of the malware

• Analyze network traffic on the host, and figure out the list of available commands for the malware

• Analyze network traffic trace of the host, and figure out what malware does • Write down your answer into assignment-questionnaire.txt

 

 

Project Structure

• A Virtual Machine for Malware analysis • Please download and install the latest version or update your virtual box.

• https://www.virtualbox.org/wiki/Downloads

• Download the VM • Download links

• http://ironhide.gtisc.gatech.edu/vm_2018.7z

• http://bombshell.gtisc.gatech.edu/vm_2018.7z

• Verify the md5 hash of the 7z file: 537e70c4cb4662d3e3b46af5d8223fd

• Please install 7zip or p7zip • Windows, Linux and MacOs: http://www.7-zip.org/download.html

• Unarchive the 7z file • Password: GTVM!

 

 

Project Structure

• Open VirtualBox • Go to File->Import Appliance.

• Select the ova file and import it.

• For detailed information on how to import the VM, see: • https://docs.oracle.com/cd/E26217_01/E26796/html/qs-import-vm.html

• VM user credentials • Username: analysis

• Password: analysis

 

 

Project Structure

• In the Virtual Machine (VM) • Files

• init.py • This initializes the project environment

• Type your Georgia Tech username (same login name as Canvas) after running this

• update.sh • This script updates the VM if any further update has been made by TA

• DO NOT execute the script unless TAs ask you to execute.

• archive.sh • This will archive the answer sheet for submission (create a zip file)

 

 

Project Structure

• In the Virtual Machine (VM) • Directories

• vm • A directory that stores Windows XP virtual machine (runs with QEMU) • We use the given VM for both Cuckoo and a testbed. Please see page 17.

• shared • A shared directory between Ubuntu and Windows machine. You can put/copy the file in/from

this directory. • Please see page 22.

• report • The answer sheet for project questionnaire.

• setup • Required files for setting up the machine. You don’t need to modify, nor use the files in this

directory.

 

 

Project Structure

• In the Virtual Machine (VM) • Directories

• tools • network

• Configure your network firewall rules (iptables) by editing iptables-rules.

• You can allow/disallow/redirect the traffic from the malware

• ‘./reset’ command in this directory will apply the changes

• cfg-generation (CFG stands for Control-Flow Graph)

• An analysis tool that helps you to find interesting function of malicious activity

• You need to edit score.h to generate the control-flow graph

• Use xdot to open the generated CFG.

 

 

Project Structure

• In the Virtual Machine (VM) • Directories

• tools • sym-exec

• A symbolic executor (based on angr: https://github.com/angr)

• Helps you to figure out the commands that malware expects

• Use cfg-generation tool to figure out the address of the function of interests

• c2-command

• A simplified tool for C2 server reconstruction

• You can write down command in the *.txt file as a line

• In the default settings, it will randomly send a command in the line

 

 

Project Structure

• Network Configurations

Ubuntu Windows (QEMU)

Malware

tap0 (vif)

br0 (network bridge)

enp0s3 (NAT Network)

Analysis tools Fake servers

iptables

The Internet

C2 server Fake targets

 

 

Project Structure

• Network Configurations • tap0

• Virtual network interface for Windows XP • IP Address: 192.168.133.101

• br0 • A network bridge between Windows XP and Ubuntu

• IP Address: 192.168.133.1

• enp0s3 • A network that faces the Internet

• IP Address: 10.0.2.15 (it varies by your VirtualBox settings)

 

 

Project Structure

• Malware • stage1.exe – stage 1 malware

• It will be updated into stage 2 malware if the malware receives the correct command

• stage2.exe – stage 2 malware • It will download the payload

• payload.exe – the malware attack payload • Please discover that what payload is doing on the command from C&C

 

 

Questionnaire • 1) To get your credit for the project, you have to answer the questionnaire

on ~/report/assignment-questionnaire.txt !!!!! • 2) Please strictly follow the format or the example answer on each

question on assignment-questionnaire.txt. TAs use a autograder for your submit.

• Windows Part • Read ~/report/assignment-questionnaire.txt • Read carefully the questionnaire, and answer them on ~/report/assignment-

questionnaire.txt • For each stage, there are 4~6 questionnaire that inquires regarding the behavior of

the malware.

• Android Part • READ ~/Android/MaliciousMessenger/writeup.pdf • Read carefully the writeup, answer on on ~/report/assignment-questionnaire.txt

 

 

Submitting Questionnaire

• Required files • Zip the following files and upload to T-Square

• Run ~/archive.sh will automatically zip the whole files • ~/report/assignment-questionnaire.txt

• Stage1.exe, stage2.exe, payload.exe

• ~/tools/network/iptables_rules

• ~/tools/cfg-generation/score.h

• Running ~/archive.sh will create report.zip automatically • Please check the content of zip file before submitting it to T-square

 

 

Tutorial (for stage1.exe malware)

• Initializing the project • Open the terminal (Ctrl-Alt-T, or choose terminal from the menu)

• Run ./init.py • Type your Georgia Tech username (the login name used for Canvas)

• This will download stage1 malware (stage1.exe) into ~/shared directory

 

 

Tutorial – Secure Experiment Environment

• We need a secure experiment environment to execute the malware. • Why?

• Insecure analysis environment could damage your system • You may not want:

• Encrypting your file during a ransomware analysis • Infecting machines in your corporate network during a worm analysis • Creating a tons of infected bot client in your network during a bot/trojan analysis

• The solution: • Contain malware in a virtual environment

• Virtual Machine • Virtual Network

• Conservative rules(allow network traffic only if it is secure)

• We provide a Win XP VM as a testbed!

 

 

Tutorial – Run Win XP VM • Run Windows XP Virtual Machine with virt-manager

• Open a terminal

• Type “virt-manager” and double click “winxpsp3”

• Click the icon with the two monitors and click on “basecamp”

 

 

• Run Windows XP Virtual Machine with virt-manager • Right click on basecamp, and click “Start snapshot.” Click Yes if prompted.

• Once, virt-manager successfully calls the snapshot, click Show the graphical console. • Click on the Windows Start Menu and Turn off Computer.

• Then select Restart

Tutorial – Run Win XP VM

 

 

• DO NOT MODIFY OR DELETE THE GIVEN SNAPSHOTS!

• The given snapshots are your backups for your analysis.

• If something bad happens on your testbed, always revert back to the basecamp snapshot.

Tutorial – Run Win XP VM

 

 

Tutorial – Copy from Shared Directory

• Go to shared directory by clicking icon (in Windows XP) • Copy stage1.exe into Desktop

 

 

Tutorial – Run the malware!

• Now we will run the malware • Execute stage1.exe (double click the icon)

• It will say “Executing Stage 1 Malware”. Then, click OK. • You should click OK on each dialog to dismiss it

• Otherwise, malware execution will be blocked

 

 

Tutorial – Run the malware!

• If you want halt the running malware. • Execute stop_malware in temp directory at Desktop.

• Then it will quit the current running malware.

• Please halt first before you execute another malwares.

 

 

Tutorial – Network behavioral analysis

• To analyze network behaviors, you need • Wireshark (https://www.wireshark.org/)

• Network Protocol Analyzer

• Cuckoo (https://cuckoosandbox.org/) • Capturing & Recording inbound/outbound network packets

 

 

Tutorial – Observing Network Behavior

• By capturing and recording network packets through the tools, • Reveal C&C protocol

• Attack Source & Destination

• But, malware will not do anything. Why? • The C2 server is dead!

• Therefore, the malware(C2 client) will never unfold its behaviors.

• Question? • If we know C&C dialog of malware, can we build a fake C2 server in order to unfold the

malware behaviors?

• Answer: Hack Yeah! That is your job for this project!

 

 

Tutorial – Wireshark

• Let’s check it through network monitoring • Open wireshark (open a terminal. Type “sudo wireshark“ – you can ignore the

error message that pops up)

• Choose br0 to capture the network traffic

• Then start capture by clicking on the shark-fin on the top left

 

 

Tutorial – Redirect Network Connection

• Redirecting Network Connection • From WireShark, we can notice that the malware tries to connect to the host

at 128.61.240.66, but it fails

• Let’s make it to be redirected to our fake C2 server • Goto ~/tools/network

• Edit iptables_rules to redirect the traffic to 128.61.240.66 to 192.168.133.1 (fake host)

• Whenever you edit iptables_rules, always do reset. (~/tools/network/reset)

 

 

Tutorial – Reading C2 Traffic

• Observing C2 traffic • In the WireShark, we can notice that now the malware can communicate with

our fake C2 • But there will not be further execution, because the command is wrong..

 

 

Tutorial – Reading C2 Traffic

• Observing C2 traffic • You can see the contents of the traffic by right-clicking on the line, then click

Follow – TCP Stream

 

 

Tutorial – Cuckoo • Let’s use cuckoo this time.

• NOTE! You can’t run the testbed vm and cuckoo simultaneously.

• Always turn off the testbed vm, and follow the steps below to execute Cuckoo

• Open two terminals. • $workon cuckoo #Set virtualenv as cuckoo for both terminal1 and terminal2

• $cuckoo –d #To run cuckoo daemon for terminal1

• $cuckoo web #To run cuckoo webserver for terminal2 If you get an error when running cuckoo web because port 8000 is already in use, run “sudo fuser -k 8000/tcp” and try again

 

 

Tutorial – Cuckoo

• The given Cuckoo uses the snapshot of the given testbed VM.

• The snapshot is 1501466914

• DO NOT TOUCH the snapshot!

• When you want to use the testVM back, • Always follow the page 21.

 

 

Tutorial – Upload a file to Cuckoo

• To open cuckoo webserver, type the following URL into Chromium • http://localhost:8000

• To upload a file, click the redbox and choose a file.

 

 

Tutorial – Analysis on Cuckoo

• Once you click the analyze button, will take some time to run the malware.

 

 

Tutorial – Analysis on Cuckoo

• Once the pending job is done, You are ready to see the result

• Click the redbox

 

 

Tutorial – Analysis on Cuckoo(File Info)

 

 

Tutorial – Analysis on Cuckoo(Network Info)

• After redirecting, the result of cuckoo shows high-level information

• Observing the C2 traffic.

• Please compare this result with your Wireshark’s result.

 

 

Tutorial – Analysis on Cuckoo(Network Info)

• In network analysis tab, cuckoo provides more detailed info: payload, HTTPs, etc.

 

 

Tutorial – Figuring Out the List of Commands

• The malware does not exhibit its behavior because we did not send the correct command through our fake C2 server

• We will use • File/Registry/Process tracing analysis to guess the malware behavior. • control-flow graph (CFG) analysis and symbolic execution to figure out the list of the

correct commands

• The purpose of tracing analysis is to draw a big picture of the malware • What kinds of System call/API the malware use? • Does the malware create/read/write a file? How about registry?

• The purpose of CFG analysis is to find the exact logic that involves the interpretation of the command and the execution of malicious behavior

• Then, symbolic execution finds the command that drives the malware into that execution path

 

 

Tutorial – Tracing Analysis on Cuckoo

• On the side bar, there are useful menus for tracing analysis. • We are focusing on:

• Static Analysis • API/System Call.

• Behavioral Analysis • Trace behaviors in time sequence.

 

 

Tutorial – Static Analysis on Cuckoo

• Static Analysis • Information of the malware. • Win32 PE format information

• Windows binary use PE format • Complicated structure • Sections shows that

• .text

• Strings, etc. • .data

• .idata

• .reloc • Virtual link, dynamic link, etc.

• More ref: http://resources.infosecinstitute.com/2-malware-researchers-handbook-demystifying-pe-file/#gref

 

 

Tutorial – Static Analysis on Cuckoo

• Interestingly three DLL(Dynamic Link Libaries) files are imported.

• In WININET.dll, we can see the malware use http protocol.

• In ADVAPI32.dll, we can check the malware touch registry files

• In Kernel32.dll, we can check the malware waiting signal, also sleep.

 

 

Tutorial – Behavior Analysis on Cuckoo

• Tracing a behavior(file/process/thread/registry/network) in time sequence.

• Useful to figure out cause-and-effect in process/file/network.

• Malware create a new file and run the process, write the process on memory.

 

 

Tutorial – Analysis result on Cuckoo

• Based on the analysis of Cuckoo, We can sniff • The malware uses HTTP protocol to communicate

• Communicate with whom? C&C?

• Web server access? For checking alive C2 server?

• Commands through http protocol? Cookie?

• The malware touches(create/write/read) a file/registry/process • This might be a dropper? Or Download a binary from the C2 server?

• What is the purpose of creating process? Modifying registry?

 

 

Tutorial – Control Flow Graph Analysis

• Based on the pre-information that we collected from the previous step, we are going to perform CFG analysis & symbolic execution analysis

• CFG: • graph representation of computation and control flow in the program

• Nodes are basic blocks

• Edges represent possible flow of control from the end of one block to the beginning of the other.

 

 

Tutorial – Control Flow Graph Analysis

• CFG : An Example

• But, in malware analysis, we are analyzing CFG in instruction-level.

 

 

Tutorial – Control Flow Graph Analysis

• We provide a tool for you that helps to find command interpretation logic and the malicious logic • We list down the functions or system calls the malware uses internally • If you provide the score (how malicious it is, or how likely the malicious logic will use

such a function) for the functions, then the tool will find where the malicious logic is, by its score • Example: if you set StrCmpNIA to score 10, then the function that calls StrCmpNIA 5 times

within itself will have the score 50. • Higher score implies more functions related to the malicious activity is used with in the

function. • Your job is to write the score value per each function

• More ref: • http://www.cs.cornell.edu/courses/cs412/2008sp/lectures/lec24.pdf

 

 

Tutorial – Control Flow Graph Analysis

• From our network analysis, we know that the malware uses the Internet connection to 128.61.240.66

• From our cuckoo-based analysis, we know that the malware use HTTP protocol. • Let’s make the Internet related functions to have higher score

• Open score.h, and edit the score of all of the Internet related functions • The score is the value at the end (all others are set as 1)

 

 

Tutorial – Control Flow Graph Analysis

• Build control flow graph • By executing ./generate.py stage1, the tool gives you the CFG

• This finds the function with higher score • Implies that this calls high score functions on its execution

• For stage2 and payload • Use ’stage2’ and ‘payload’ as an argument respectively

• Note: your graph and its memory addresses will vary from this example • The function entry is at the address of 405190

• And, there is a function (marked as sub) of score 12 • At the address of 40525a (marked as red) • Use the block_address, not the call sub_address

• This implies that • sub_4050c0 calls some internet related functions. • We need to find the command that makes malware to

• Run from 405190 to 40525a

 

 

Tutorial – Finding Command

• Finding Command by Symbolic Execution • We want to find a command that drives malware from 405190 to 40525a

• Let’s do symbolic execution to figure that out

• What is symbolic execution? • Rather than executing the program with some input, symbolic execution treats the input

data as symbolic variable, then tries to calculate expressions for the input along the execution.

• Let’s take an example

 

 

Example – Symbolic Execution

Symbolic execution moves along the path of conditional statements, and combine all conditions until it reaches to the target function. At the end, it solves the expression to get an input that satisfies all of the conditions

• What is Symbolic Execution?

• Path explosion • Modeling statements and environments • Constraint solving

 

 

Example – Symbolic Execution

Code Example Type i, j

If i+5 < j

If i%2 == 0

If j%3 == 0

Incorrect!Correct!

i+5 < j

i+5 < j; i%2==0

i+5 < j; i%2==0; j%3 == 0

Solve the expression i = 2

j > 7, but multiple of 3 so j=9

Expressions

i=2, j=9 will lead the program to print “Correct!”

 

 

Example – Symbolic Execution

Code Example Receive command

Command == ‘launch-attack’

Command == ‘remove’

destroy_itself()

Expressions

attack()

Command == ‘launch-attack’

Command == ‘remove’

This executes attack() on command ‘launch-attack’, and destroy_itself() on ‘remove’ command

 

 

Example – Symbolic execution engine

• Symbolic Execution Engine: Klee, Angr, Mayhem, etc. • Loading a binary into the analysis program • Translating a binary into an intermediate representation (IR). • Translating that IR into a semantic representation • Performing the actual analysis with symbolic execution.

Feel free to check this for more information https://www.cs.umd.edu/~mwh/se-tutorial/symbolic-exec.pdf

 

 

Tutorial – Finding Command on Angr

• We prepared a symbolic executor and a solver for you • Your job is to find the starting point of the function which interprets the

command, and find the end point where malware actually executes some function that does malicious operations • Use Control-flow Graph (CFG) analysis tool!

• The symbolic executor is called angr.(http://angr.io/index.html)

 

 

Tutorial – Finding Command on Angr

• We prepared a symbolic executor and a solver for you • How to run?

• Go to ~/tools/sym-exec

• Run it as • ./sym-exec-on-addr [program_path] [start_address] [end_address]

• ./sym-exec-on-addr ~/shared/stage1.exe 405190 40525a

• The command will be printed at the end (if found)

Replace these with start and end addresses from your graph

 

 

Symbolic Execution – Special Note for stage2.exe

• sys-exec for stage2 takes a lot of time to resolve (up to 20 minutes) – you are welcome to modify the VM performance settings (memory, cores) based on your hardware to speed this up

• If you get a single error message, keep trying again – sym-exec will occasionally fail for stage2

• If your screen is filling up with error messages, then you have the wrong start and/or end address

 

 

Tutorial – Reconstructing C2

• After CFG analysis + symbolic execution, reconstruct the C2

Malware

Connect to C&C

Test2: $command2

Test1: $command1

Fake C&C server

Test3: $command3

 

 

Tutorial – Reconstructing C2 • The tool for helping the reconstruction of C2 server is ready on the

VM • It runs nginx and php script

• This will read ~/tools/c2-command/stage*-command.txt

• Your job is to write each command on that *.txt file • The command that leads the execution from 405190 to 40525a is “$uninstall”

• Then, type ”$uninstall” and save the file.

• Important: be sure to put the ‘$’ character before you commands, even if stage*- command.txt says that it’s optional

• The order of commands in the file does not matter – they’ll run in a random order

 

 

After that…

• If you find all commands for stage1.exe malware, the malware will download stage2.exe by updating itself.

• For stage2.exe, please follow the same step on the tutorial • Check its network access by Wireshark

• Redirect network traffic to fake host if required (if connection fails)

• Try to identify malicious function by editing score.h and cfg-generation tool

• Discover the list of commands using the symbolic execution tool

• Fill the commands in ~/tools/c2-command/stage2-command.txt

• Do the same step for payload.exe (stage3)

 

 

Tutorial – Copy to Shared Directory

• As described in page 14, you will see a malware is downloaded.

• You need to copy the malware into the Linux host to analyze. • Right-click the downloaded malware in Desktop, then click “Copy”.

• Open Shared Directory and right-click, then click “paste”

 

 

Tutorial – Copy to Shared Directory

• Back to the Linux host, open a terminal and go to “~/shared”.

• Please the following steps below.

 

 

Tips for assignment-questionnaire.txt

• Complete the questionnaire as you go; try to avoid backtracking as this wastes time

• The URL example in the questionnaire is “http://scouter.cc.gatech.edu/a/b/c”, but some URLs may not include the path (a/b/c) – this is fine, just be sure to include the path in your answer for the URLs that include it

• The grading script will ignore “http://”, “https://” and “www.” for your convenience, but try to be thorough and match what you see exactly

• Commands and memory addresses are NOT case sensitive, but be sure you don’t mix up 0 (zero) and O – the zero should have a dot in it in the VM

 

 

Tips

• Getting the domain name from an IP address (if packet is encrypted) • Use nslookup (IP -> domain, and domain name -> IP vice versa)

 

 

Tips

• Getting the exact domain name from an IP address • Let fake connection can happen (redirect to 192.168.133.1)

• Then look at the TCP stream data

• HTTP header will give the answer • Host: netscan.gtisc.gatech.edu

 

 

Tips

• Getting the process name of the malware • Use taskmgr in Windows

• Start menu -> run -> taskmgr; or, press Ctrl-Shift-Esc on Windows.

• Click on the ‘Processes’ tab to see the list of processes

• Or use cuckoo in behavior analysis

 

 

Tips

• Getting the process name of the malware and the registery key that created by the malware • Use the given Procmon in ProcessMonitor at the testbed VM

 

 

Tips

• If the malware does not run • E.g., not displaying the dialog box with “Starting Stage X malware” on start

• Try to run stop_malware on the desktop • This will stop all malware activity, and you can run in the clean state

 

 

Tips

• Click OK to proceed malware execution • Currently, the dialog is set to block the execution of the malware

• Click OK whenever this dialog pops-up from the malware • Otherwise, the malware will not execute further to show their behavior

 

 

Tips

• Iptables rules • Edit ~/tools/network/iptables_rules

• Make sure you have no error on writing rules

• Make sure you execute ./reset on that directory • This command will update the current iptables rules…

• NAT Redirect Syntax • iptables -t nat -A PREROUTING -p tcp -s [source-ip-address] -d [destination-ip-address] —

dport 80 -j DNAT –to 192.168.133.1:80 • Insert the rule in the PREROUTING table of NAT,

• And if the protocol is tcp, source ip is matched with [source-ip-address],

• Destination IP is matched with [destination-ip-address], and destination port is 80

• Then redirect this traffic to 192.168.133.1, port 80.

 

 

Advanced Tips

• For those of you who is interested in Reverse Engineering, this slides covers a fundamental material that you need to study.

• Dissembler/Debugger • IDA Pro, binary ninja, radare2, x64 dbg, GDB, immunity debugger, etc.

• Packer/Obfuscation • Ether, VMIUnpacker, xorunpacker, etc.

• PE/ELF binary format

• Memory snapshot.

• More.

 

 

Advanced Tips

• Most malware are packed or obfuscated by a known/unknown packer or obfuscator.

• For Win32 binary, by checking PE32 format, we can check whether binary is packed.

• For obfuscation, we need to usually reverse engineer whether to check the binary is obfuscated.

 

 

Advanced Tips

• Assembly code & OS architecture • X86, x86-64, arm64, etc.

• Stack, heap, canary, guardian, etc.

• An example:

 

 

Advanced Tips

• Anti debugging/Anti VM techniques • Malware is becoming more advanced.

• Malware authors knows: • Malware analyst use debugging/disassembler tool

• Malware analyst use VM environment

• Malware authors embedded evasion of debugging software and VM environment. • Detection software/hardware breakpoint

• Detection memory/conditional breakpoint

• Timing/Artifact based VM detection

 

 

Android Malware Analysis

• Manifest Analysis • Identifying suspicious components

• Static Analysis • Search for C&C commands and trigger conditions

• Vet the app for any anti-analysis techniques that need to be removed.

• Dynamic analysis • Leverage the information found via static analysis to trigger the malicious

behavior.

 

 

Manifest Analysis

• Identify suspicious components • Broadcast receivers registering for suspicious actions.

• Background services

• Narrow the scope of analysis • Malicious apps are repackaged in benign apps with 1000’s of classes.

Broadcast receiver from CoinPirate’s malware family.

 

 

Static Analysis

• Search for C&C commands and trigger conditions

 

 

Static Analysis

• Identifying Anti-analysis techniques

 

 

Scenario

Analyzing Android Malware • You have received a malware sample sms.apk.

• You need to identify communication with C&C server

• Identify anti-analysis techniques being used by the app.

• Identify commands that trigger any malicious behavior.

 

 

Project Structure

• Android emulator • An emulator for Android 4.4 is pre-installed

• Run ‘run-emulator’ • This will open Android emulator.

• Jadx • Disassembles apk files into Java source code.

• Apktool • Disassembles apk file into Smali.

• Rebuilds apk files.

• Write-up (~/Android/MaliciousMessenger/writeup.pdf) • Detailed guide on how to complete the Android section of the lab.

 

 

Project Structure

• Android App • ~/Android/MaliciousMessenger/tutorialApps

• emu-check.apk • A tutorial example (Shown as ‘My application’ in the emulator)

• CoinPirate.apk • Another tutorial example

• ~/Android/MaliciousMessenger/sms.apk • Target app to analyze to answer the questionnaire

• READ ~/Android/MaliciousMessenger/writeup.pdf

 

 

Starting C&C Server

• Starting C&C Server • Run `start_server`

 

 

How to

• Emulator • Run with ‘run-emulator’

 

 

How to

• Emulator • Run Application

• My Application (tutorial, not required) • emu-check.apk

• Coin Pirates (tutorial, not required) • CoinPirates.apk

• Messenger • Sms.apk (analysis target)

 

 

How to

• Emulator • Click ‘…’ to control the emulator

 

 

How to

• Emulator • Send SMS

• Can change sender ID

• Can change content

 

 

How to

• Decompile • Run jadx-gui

 

 

How to

• Disassemble • Run apktool

• apktool d –f –r sms.apk • This command generates decompilied *.smali files

• Copy APK file before doing this.

• Repackage (requires signing) • apktool b sms –o sms.apk

• This command will re-assemble *.smali files into an apk file (as sms.apk, you can change this)

• Sign • You should sign the app to install the app to emulator

• Run ‘signer.py sms.apk’

 

 

How to

• Install / uninstall (you should uninstall first to re-install the app) • Install

• adb install sms.apk • This command will install sms.apk into the emulator

• Make sure turn on the emulator first

• adb uninstall com.smsmessenger • This command will uninstall sms.apk from the emulator

 

 

How to

• Decompile • Run jadx-gui

• Open apk file

• Open class…

 

 

Questionnaire • 1) To get your credit for the project, you have to answer the questionnaire

on ~/report/assignment-questionnaire.txt !!!!! • 2) Please strictly follow the format or the example answer on each

question on assignment-questionnaire.txt. TAs use a autograder for your submit.

• Windows Part • Read ~/report/assignment-questionnaire.txt • Read carefully the questionnaire, and answer them on ~/report/assignment-

questionnaire.txt • For each stage, there are 4~6 questionnaire that inquires regarding the behavior of

the malware.

• Android Part • READ ~/Android/MaliciousMessenger/writeup.pdf • Read carefully the writeup, answer on on ~/report/assignment-questionnaire.txt

 

 

Submitting Questionnaire

• Required files • Zip the following files and upload to T-Square

• Run ~/archive.sh will automatically zip the whole files • ~/report/assignment-questionnaire.txt

• Stage1.exe, stage2.exe, payload.exe

• ~/tools/network/iptables_rules

• ~/tools/cfg-generation/score.h

• Running ~/archive.sh will create report.zip automatically • Please check the content of zip file before submitting it to T-square

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

Excel_Ch07_Cap_Real_Estate | Excel Chapter 7 Real Estate

Excel_Ch07_Cap_Real_Estate | Excel Chapter 7 Real Estate

 

You are the office manager for a real estate company in northern Utah County. You tracked real estate listings, including city, agent, listing price, sold price, etc. Agents can represent a seller, a buyer, or both (known as dual agents). Your assistant prepared the spreadsheet structure with agent names, agent types, the listing and sold prices, and the listing and sold dates. You want to complete the spreadsheet by calculating the number of days each house was on the market before being sold, agent commissions, and bonuses. In addition, you will use conditional functions to calculate summary statistics. For further analysis, you will insert a map chart to indicate the average house selling price by city. Finally, you will create a partial loan amortization table and calculate cumulative interest and principal to show a potential buyer to help the buyer make decisions.

The   spreadsheet contains codes (BA, DA, SA) to represent agent roles (Buyer’s   Agent, Dual Agent,   Seller’s Agent). You want to switch the codes for the actual descriptions.
In cell E12 of the Details sheet, insert the SWITCH function to evaluate the   agent code in cell D12. Include mixed cell references to the codes and roles   in the range J2:K4 for the values
and results arguments. use all cell references in the function. Copy the   function to the range E13:E39.

Now you want to calculate the   number of days between the list date and sale date.
In cell J12, insert the DAYS function to calculate the number of days between   the Listing Date and the Sale Date. Copy the function to the range J13:J39.

You want to calculate agent   commissions based on their role.
In cell K12, insert the IFS function to calculate the agent’s commission   based on the agent code and the applicable rates in the range L2:L4. Use   relative and mixed references correctly. Copy the function to the range   K13:K39.

You want to calculate a bonus if   the sold price was at least equal to the listing price, and if the house sold   within 30 days after being listed.
In cell L12, insert an IF function with a nested AND function to calculate a   bonus. The AND function should ensure both conditions are met: Sold Price   divided by the Listing Price is greater than or equal to 100% (cell L7) and   the Days on Market are less than or equal to 30 (cell L8). If both conditions   are met, the bonus is $1,000 (cell L9). Otherwise, the bonus is $0. Use mixed   cell references to the input values in the range L7:L9. Copy the function to   the range L12:L39.

The top-left section of the   spreadsheet is designed for summary statistics for one condition. You will   calculate average selling prices and the number of houses sold in each city   (the condition).
In cell B2, insert the AVERAGEIF function to calculate the average Sold Price   for houses in the city of Alpine. Use mixed references for the range; use a   relative reference to cell A2. Copy the function and use the Paste Formulas   option to paste the function in the range B3:B5 so that the bottom border in   cell B5 is preserved.

You want to count the number of   houses in one city.
In cell C2, insert the COUNTIF function to count the number of houses in the   city of Alpine. Use mixed references for the range; and use a relative   reference to cell A2. Copy the function and use the Paste Formulas option to   paste the function in the range C3:C5 so that the border in cell C5 is   preserved.

You want to calculate the total commissions   for each agent (the condition).
In cell B7, insert the SUMIF function to total the commissions by agent. Use   mixed references for the ranges; and use a relative reference to cell A7.   Copy the function and use the Paste Formulas option to paste the function in   the range B8:B9 so that the borders are preserved.

The top-middle section of the   spreadsheet is designed for summary statistics for multiple conditions. You   will calculate the number of houses sold for each agent when he or she served   as a Dual Agent (DA). Use mixed references for ranges and the agent code   condition in cell J3. Use relative cell references to the agent condition in   cell E2. When you copy the formulas, use the paste Formulas options to   preserve border formatting.
In cell F2, insert the COUNTIFS function in cell F2 to count the number of   houses sold by the first agent (cell E2) who was a Dual Agent (DA) (J3) for   that house. Use all cell references in the function. Copy the function to the   range F3:F4 and preserve the bottom border for cell F4.

You are ready to calculate the   total value of those houses for each agent when he or she served as a Dual   Agent (DA). Use mixed references for ranges and the agent code condition in   cell J3. Use relative cell references to the agent condition in cell E2. When   you copy the formulas, use the paste Formulas options to preserve border   formatting.
In cell G2, insert the SUMIFS function to sum the selling prices of the   houses sold by the first agent (cell E2) who was a Dual Agent (DA) (J3) for   that house. Copy the function to the range G3:G4 and preserve the bottom   border for cell G4.

Now, you will calculate the   highest-price house highest-price house sold for each agent when he or she   served as a Dual Agent (DA). Use mixed references for ranges and the agent   code condition in cell J3. Use relative cell references to the agent   condition in cell E2. When you copy the formulas, use the paste Formulas   options to preserve border formatting.
In cell H2, insert the MAXIFS function in cell H2 to display the highest-price   house sold by the first agent (cell E2) who was a Dual Agent (DA) (J3) for   that house. Copy the function to the range H3:H4 and preserve the borders in   the range H3:H4.

The Map worksheet contains a   list of cities, postal codes, and average house sales. You will insert a map   chart to depict the averages visually using the default gradient fill colors.
Display the Map worksheet, select the range B1:C5 and insert a map chart.

Cut the map chart and paste it   in cell A7. Set a 2.31″ height and 3.62″ width.

You want to enter a meaningful   title for the map.
Change the map title to Average Selling Price by Zip Code.

Display the Format Data Series   task pane, select the option to display only regions with data, and show all   labels. Close the task pane.

You are ready to start   completing the loan amortization table.
Display the Loan worksheet. In cell B8, type a reference formula to cell B1.   The balance before the first payment is identical to the loan amount. Do not   type the value; use the cell reference instead. In cell B9, subtract the   principal from the beginning balance on the previous row. Copy the formula to   the range B10:B19.

Now, you will calculate the   interest for the first payment.
In cell C8, calculate the interest for the first payment using the IPMT   function. Copy the function to the range C9:C19.

Next, you will calculate the   principal paid.
In cell D8, calculate the principal paid for the first payment using the PPMT   function. Copy the
function to the range D9:D19.

Rows 21-23 contain a summary   section for cumulative totals after the first year.
In cell B22, insert the CUMIPMT function that calculates the cumulative   interest after the first year. Use references to cells A8 and A19 for the   period arguments.

The next summary statistic will   calculate the principal paid after the first year.
In cell B23, insert the CUMPRINC function that calculates the cumulative   principal paid after the first year. Use references to cells A8 and A19 for   the period arguments.

Rows 25-28 contain a section for   what-if analysis.
In cell B27, use the RATE financial function to calculate the periodic rate   using $1,400 as the
monthly payment (cell B26), the NPER, and loan amount in the original input   section.

In cell B28, calculate the APR   by multiplying the monthly rate (cell B27) by 12.

Create a footer with your name   on the left side, the sheet name code in the center, and the file name code   on the right side of each worksheet.

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

A Video Store (AVS) Runs A Series Of Fairly Standard Video Stores

Consider the following scenario and then answer the corresponding questions.

 

A Video Store (AVS) runs a series of fairly standard video stores. Before a video can be put on the shelf, it must be cataloged and entered into the video database. Every customer must have a valid AVS customer card in order to rent a video. Customers rent videos for three days at a time. Every time a customer rents a video, the system must ensure that they do not have any overdue videos. If so, the overdue videos must be returned and an overdue fee paid before customer can rent more videos. Likewise, if the customer has returned overdue videos, but has not paid the overdue fee, the fee must be paid before new videos can be rented. Every morning, the store manager prints a report that lists overdue videos. If a video is two or more days overdue, the manager calls the customer to remind them to return the video. If a video is returned in damaged condition, the manager removes it from the video database and may sometimes charge the customer.

Upon your review complete the following:

 

1. Identify at least 3 classes that could be part of the AVS system. For each class identify at least 5 attributes and 2 methods. (9 pts)

 

 

2. Provide a one-sentence description of each of the methods you have identified in the previous step. (6 pts)

 

 

3. For each of the methods identified in question 1, list any arguments (data) required to perform the method. (3 pts)

 

 

 

 

4. Whenever a video is added, the system will increase the total number of available for checkout for that movie. How will you model the operation of increasing the total number of available videos? Will this be a public or private operation? Explain your reasoning briefly. (6 pts)

 

 

Explain the concept of polymorphism using an example in the AVS context.

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

Concepts Of Programming Language: Building A Scanner

Example Pseudocode

Problem: Given a sorted array a with n elements (i.e., a[0] <= a[1] <= … a[n-1]) and a number m, find if m is in the array.

 

1. Main pseudo code

 

data

given data

n: the number of integers given

a[0], …, a[n-1]: the given integers

m: given integer (to check if it is in a)

unknown data: N.A.

intermediate data:

found: indicating if is found from a

plan

// get array an from user input (numbers in a must be ordered).

n = getseries(a)

// find if is in array from index 0 to n-1

found = search(a, 0 , n-1, m)

if found print is found in a.

Otherwise print is not found in a.

 

(Pseudo code for all functions used in the main pseudocode)

 

2. Pseudo code for search function

 

Function name: search

input:

a: an array of numbers

bottom, top: bottom and top index

m: the number to search from a[bottom] to a[top]

output:

b: 1 if is in a a[bottom] to a[top]0 otherwise

Data

mid: middle index of the array

plan:

if (bottom > top) b = 0 and stop.

find the mid point mid of the array between bottom and top

if (a[mid] == mb = 1

else if (m > a[mid])

P2.1 // find if m is in a from mid+1 to top:

b = search(a, mid+1, top, m)

else P2.2 // find if m is in from bottom to mid-1

b = search(a, bottom, mid-1,m)

 

3. Pseudo code for getSeries function

 

omitted here

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

Computer

Assignment #2 Security in Computing COSC2536/2537

Total Marks: 35 Submission Deadline: Week 10, May 11 2018 11:59pm

Q1 (Privacy) (Mark 6) Answer either Question (a) or (b) (a): Suppose there are seven voters to vote for YES or NO to give their opinions.

Design a secure voting prototype as shown in Fig. 1 using Paillier cryptosystem where the votes must be encrypted from Voting Booth before sending them to the Voting Server. Assume, four voters will vote for YES and three voters will vote for NO. The Voting Authority should find four YESs and three NOs after counting the votes. The Voting Authority chooses p=59, q=97 and select g=5724. Seven voters select the random numbers as 𝒓𝟏 = 𝟗𝟎, 𝒓𝟐 = 𝟗𝟏, 𝒓𝟑 = 𝟗𝟐, 𝒓𝟒 = 𝟗𝟑, 𝒓𝟓 = 𝟗𝟒, 𝒓𝟔 = 𝟗𝟓 and 𝒓𝟕 = 𝟗𝟔 respectively. Show the encryption, homomorphic computations and decryption processes.

Fig. 1: Secure E-voting Scenario

Hints: Refer to the lecture-5 Secure e voting. You need to represent the total number of votes by 6-bit string. The first three of bits should represent the votes for YES and the rest for NO. When adding a vote for YES, the system adds 001000, which is 8 in integer. Similarly, the system adds 000001 when voting for NO, which is 1 in the integer form. (b) As shown in Fig. 2, Alice owns two different shops where she sells mobile phones of a specific brand. The prices of the phones are different based on the shops. Now with

 

 

the help of a third-party cloud server, Alice wants to know remotely and securely, how much she earned by selling the mobile phones in both shops with different price rate (assume that Alice does not have the homomorphic computation power). Note that, Alice does not want to reveal how many phones are sold also the total amount of money that she earned to the server. How can you build a secure protocol using Exponential ElGamal cryptosystem where the cloud server can perform such computations without knowing the number of phones that are sold and the total earnings? Please refer to the below table for detail information.

Shops Shop 1 Shop 2 Phones sold 20 25 Price rate 50 30

Total Earning per shop 1000 750 Total Earning 1750

 

Fig. 2: Secure Transactions

Hints: Alice as a receiver, should generate the public and private key pairs (as shown in figure) and sends the public keys to the shops. The corresponding shops as senders can encrypt (with random numbers given in the figure) the number of phones sold and send the cipher-texts with the price rate (as plaintext) to the cloud server. The server with computation power should perform the required computations homomorphically so that it cannot reveal the total amount that is earned by selling the phones, since it is privacy sensitive. Only Alice should decrypt and find the Total earning. Q2 (Signatures) (Mark 2+2+1+1=6) (a) Suppose Bob (the sender) wants to send a signed message m=456789 to Alice (the receiver). However, before sending the message he would like to sign the message. When Alice receives the signed message, she would like to verify that the message is

 

 

indeed from Bob. To facilitate signing and verification Bob generates public and private keys using RSA encryption algorithm and sends the public key to Alice. Bob uses parameter p=10009 and q=9739, and chooses a suitable public key parameter e=5737. How would Bob sign message m=456789? How would Alice verify the signed message from Bob? (b) Suppose Bob (the sender) wants to send a signed message m=3456 to Alice (the receiver). However, before sending the message he would like to sign the message. When Alice receives the signed message, she would like to verify that the message is indeed from Bob. To facilitate signing and verification Bob generates public and private keys using ElGamal encryption algorithm and sends the public key to Alice. Bob chooses p=8081, g=2849, x=59. How would Bob sign message m=3456? How would Alice verify the signed message from Bob? (c) Recall that we use both a public key system and a hash function when computing digital signatures. Suppose that the hash function used to compute and verify signatures is insecure, but the public key system is secure. Show that you can forge signatures. (d) Why is it a bad idea to use the same RSA key pair for both signing and decryption? Explain with an example (i.e. a numerical example). Is this also true for ElGamal? 
 Q3 (BlockChain) (Mark 12) Study (i.e. research) various supply-chain systems as listed below. Choose one of the supply-chain systems as a case study (or you may choose any, which is not listed) and write a short report/proposal on how integrity and traceability of the chosen system can be improved by using BlockChain principle. Use plenty of diagrams to explain your concept. We are not asking you to write code and develop the system, but your report should contain enough information for a system architect to understand and build the proposed system. Some existing Blockchain based Supply-chain case studies are as follows.

1. Blockchain in Pharmaceutical supply chain to prevent counterfeit drugs supply.

2. Blockchain based Port logistics 3. Food safety and traceability using Blockchain: Meat traceability, Sea food

traceability etc. 4. Blockchain based garment products supply chain. 5. Tracking and tracing the provenance of diamonds using blockchain.

Some resources to study about existing Blockchain based Supply chain systems to improve the trust, traceability and integrity: Seafood Traceability using Blockchain IBM’s Solution on Blockchain based Food Supply chain

 

 

Q4 (Authentication and Intrusion Detection) (Mark 2+2+3+2=9) (a) Consider the following mutual authentication protocol, where KAB is a shared symmetric key. 
 Give two different attacks that Trudy can use to convince Bob that she is Alice.

(b) Suppose R is a random challenge sent in the clear from Alice to Bob and K is a symmetric key known only to Alice and Bob. Which of the following are secure session keys and which are not? Justify your answers.

(i)

(ii)

(c) The popular method for anomaly-based intrusion detection is based on file-use statistics.

(i) Many other statistics could be used as part of an anomaly-based IDS. For example, network usage would be a sensible statistic to consider. List five other statistics that could reasonably be used in an anomaly-based IDS.

(ii) Why might it be a good idea to combine several statistics rather than relying on just a few?

(iii) Why might it not be a good idea to combine several statistics rather than relying on just a few?

(d) Alice forgets her password. She goes to the system administrator’s office, and the admin resets her password and gives Alice the new password.

(i) Why does the SA reset the password instead of giving Alice her previous (forgotten) password? Why should Alice re-reset her password immediately after the SA has reset it?

(ii) Suppose that after the SA resets Alice’s password, she remembers her

 

340 SIMPLE AUTHENTICATION PROTOCOLS

9.8 Problems 1. Modify the authentication protocol in Figure 9.12 so that it uses a hash

function instead of symmetric key encryption. The resulting protocol must be secure.

2. The insecure protocol in Figure 9.24 was modified in Figure 9.26 to be secure. Find two other distinct ways to slightly modify the protocol in Figure 9.24 so that the resulting protocol is secure. Your protocols must use a timestamp and “encrypt and sign.”

3. We want to design a secure mutual authentication protocol based on a shared symmetric key. We also want to establish a session key, and we want perfect forward secrecy.

a. Design such a protocol that uses three messages.

b. Design such a protocol that uses two messages.

4. Consider the following mutual authentication protocol, where KAB is a shared symmetric key.

“I’m Alice”, R ►

E(R,KAB)

E(R+1,KAB) r Bob

Give two different attacks that Trudy can use to convince Bob that she is Alice.

5. Consider the attack on TCP authentication illustrated in Figure 9.28. Suppose that Trudy cannot guess the initial sequence number 62 ex- actly. Instead, Trudy can only narrow 62 down to one of, say, 1,000 possible values. How can Trudy conduct an attack so that she is likely to succeed?

6. Timestamps can be used in place of nonces in security protocols.

a. What is the primary advantage of using timestamps?

b. What is the primary disadvantage of using timestamps?

7. Consider the following protocol, where CLNT and SRVR are constants, and the session key is K = h(S, RA, RB)·

Alice ~

 

9.8 PROBLEMS 341

“I’m Alice”, RA Certificate, RB

{ S ^ , E(CLNT.K)

E(SRVR,K) Alice + Bob

a. Does Alice authenticate Bob? Justify your answer.

b. Does Bob authenticate Alice? Justify your answer.

Consider the following protocol, where KAB is a shared symmetric key, CLNT and SRVR are constants, and K = h(S,RA,Re) is the session key.

“I’m Alice”, RA

3s. E(S, Κ^), E(CLNT.K) t

E(SRVR,K) Alice ■* Bob

a. Does Alice authenticate Bob? Justify your answer. b. Does Bob authenticate Alice? Justify your answer.

9. The following two-message protocol is designed for mutual authentica- tion and to establish a session key K. Here, T is a timestamp.

“I’m Alice”, \J]Miœ, {K>Bob

Alice Bob

This protocol is insecure. Illustrate a successful attack by Trudy.

10. Suppose R is a random challenge sent in the clear from Alice to Bob and K is a symmetric key known only to Alice and Bob. Which of the following are secure session keys and which are not? Justify your answers.

a. R®K b. E{R,K) c. E(K,R)

 

9.8 PROBLEMS 341

“I’m Alice”, RA Certificate, RB

{ S ^ , E(CLNT.K)

E(SRVR,K) Alice + Bob

a. Does Alice authenticate Bob? Justify your answer.

b. Does Bob authenticate Alice? Justify your answer.

Consider the following protocol, where KAB is a shared symmetric key, CLNT and SRVR are constants, and K = h(S,RA,Re) is the session key.

“I’m Alice”, RA

3s. E(S, Κ^), E(CLNT.K) t

E(SRVR,K) Alice ■* Bob

a. Does Alice authenticate Bob? Justify your answer. b. Does Bob authenticate Alice? Justify your answer.

9. The following two-message protocol is designed for mutual authentica- tion and to establish a session key K. Here, T is a timestamp.

“I’m Alice”, \J]Miœ, {K>Bob

Alice Bob

This protocol is insecure. Illustrate a successful attack by Trudy.

10. Suppose R is a random challenge sent in the clear from Alice to Bob and K is a symmetric key known only to Alice and Bob. Which of the following are secure session keys and which are not? Justify your answers.

a. R®K b. E{R,K) c. E(K,R)

 

 

previous password. Alice likes her old password, so she resets it to its previous value. Would it be possible for the SA to determine that Alice has chosen the same password as before? Why or why not?

Q5 (Data Hiding) (Mark 2) Assume that we have a stego ECG signal with 200 samples in which binary bits of a text message is hidden as secret message. There are 168 bits of the binary secret message. A bit is hidden in the least significant bit (LSB) of an ECG sample. Please note that the bits are embedded sequentially. For example, we have a text message “hello world”. The equivalent binary of secret message is:

011010000110010101101100011011000110111100100000011101110110111 1011100100110110001100100

Now, if we hide first 5 bits of the binary string given above in LSB of first 5 ECG samples then the resultant ECG samples will look like as follows:

ECG Samples

Equivalent Binary Binary After Hiding a bit in LSB

-0.045 10111101001110000101000111101100 10111101001110000101000111101100 -0.055 10111101011000010100011110101110 10111101011000010100011110101111 -0.055 10111101011000010100011110101110 10111101011000010100011110101111 -0.075 10111101100110011001100110011010 10111101100110011001100110011010 -0.065 10111101100001010001111010111000 10111101100001010001111010111001 ⁞ ⁞ ⁞

You need to perform steganalysis to find out the secret text message from the stego ECG signal. In order to do this, convert each ECG samples into 64 bit binary and read corresponding LSB to store. At the end, convert retrieved bits into text.

The contents of stego ECG signal file (stego_ecg.txt) are given in the Appendix.

 

 

APPENDIX Stego_ecg.txt: -0.16999999999999998 -0.16 -0.17 -0.165 -0.15499999999999997 -0.15999999999999998 -0.17 -0.15 -0.10499999999999998 -0.045000000000000005 -0.030000000000000002 0.019999999999999997 0.065 0.12000000000000001 0.05499999999999999 0.01 -0.07999999999999999 -0.16 -0.17 -0.19 -0.21499999999999997 -0.21499999999999997 -0.4000000000000001 -0.39000000000000007 0.475 2.07 3.28 2.345 0.22499999999999998 -0.48000000000000004 -0.235 -0.23500000000000001 -0.275 -0.26000000000000006 -0.26000000000000006 -0.2800000000000001 -0.265 -0.255 -0.2750000000000001 -0.24 -0.24 -0.23 -0.215 -0.195 -0.19000000000000003 -0.16999999999999998 -0.175 -0.13500000000000004 -0.12 -0.08 -0.08 -0.08 -0.07 -0.055 -0.05 -0.004999999999999999 -0.015

 

 

-0.030000000000000002 -0.04 -0.07000000000000002 -0.08 -0.07999999999999999 -0.135 -0.12000000000000001 -0.135 -0.135 -0.17 -0.16499999999999998 -0.175 -0.16499999999999998 -0.14 -0.14 -0.175 -0.13500000000000004 -0.145 -0.14 -0.13000000000000003 -0.13 -0.15499999999999997 -0.14000000000000004 -0.16499999999999998 -0.16 -0.13500000000000004 -0.135 -0.165 -0.15 -0.155 -0.15999999999999998 -0.15999999999999998 -0.15499999999999997 -0.17 -0.14999999999999997 -0.14999999999999997 -0.15999999999999998 -0.15499999999999997 -0.13 -0.14999999999999997 -0.12000000000000001 -0.10000000000000002 -0.05499999999999999 -0.03 0.045 0.085 0.11 0.09 0.02 -0.10000000000000002 -0.14 -0.18500000000000003 -0.19000000000000003 -0.20000000000000004 -0.18000000000000002 -0.395 -0.34500000000000003 0.5200000000000001 2.0299999999999994 3.1300000000000003

 

 

2.1600000000000006 0.1 -0.505 -0.26 -0.24000000000000002 -0.26000000000000006 -0.26000000000000006 -0.275 -0.24 -0.235 -0.22499999999999998 -0.255 -0.25000000000000006 -0.24000000000000002 -0.19000000000000003 -0.18 -0.19000000000000003 -0.18 -0.165 -0.15999999999999998 -0.12000000000000001 -0.10000000000000002 -0.09500000000000001 -0.07999999999999999 -0.07000000000000002 -0.07999999999999999 -0.039999999999999994 -0.06 -0.04 -0.030000000000000002 -0.035 -0.07000000000000002 -0.07 -0.1 -0.105 -0.14 -0.12000000000000001 -0.14000000000000004 -0.14 -0.165 -0.18000000000000002 -0.15 -0.13 -0.175 -0.155 -0.13500000000000004 -0.13 -0.14499999999999996 -0.115 -0.12000000000000001 -0.14000000000000004 -0.15 -0.145 -0.15 -0.16 -0.17 -0.145 -0.165 -0.155 -0.18

 

 

-0.18 -0.175 -0.165 -0.19 -0.17 -0.175 -0.155 -0.12 -0.06 -0.04 0.01 0.06 0.1 0.08 0.06 -0.06 -0.12 -0.185 -0.195 -0.2 -0.195 -0.27 -0.425

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!