Dive into Deep Learning

Aston Zhang, Zachary Lipton, Mu Li and Alex Smola, 2022 (http://alex.smola.org/projects.html)

This book covers code, math, examples and explanations in one piece. Some of the highlights:

  • Downloadable Jupyter notebooks. In fact, the entire book consists of notebooks.
  • A freely available PDF version
  • A GitHub repository to allow for fast corrections of errata
  • A tight integration with discussion forums to allow for questions regarding the math and code on the site
  • Theoretical background suitable for engineers and undergraduate researchers
  • State of the art models (including ResNet, faster-RCNN, etc)
  • Well documented and structured code that is executed on real datasets, yet at the same time small enough to fit on a laptop.
  • A Chinese translation (in fact, the Chinese book will be released first)

Energy Usage Measurement Techniques in Computing Equipments

Study of various techniques for measuring energy usage in IoT, Servers and programming languages

PaperMethodComments
Joshi J, Rajapriya V, Rahul SR, Kumar P, Polepally S, Samineni R, Kamal Tej D (2017) Performance enhancement and IoT based monitoring for smart home. In: Proceedings of the 2017 international conference on information networking, pp 468–473, IEEE, USA. https://doi.org/10.1109/ICOIN.2017.7899537battery %Energy measured by % of battery used per hour
No mention watt or Joule​1​
Colitti W, Steenhaut K, De Caro N, Buta B, Dobrota V (2011) Evaluation of constrained application protocol for wireless sensor networks. In: Proceedings of the 18th IEEE workshop on local metropolitan area networks, IEEE, USA. https://doi.org/10.1109/LANMAN.2011.6076934
https://doi.org/10.1109/LANMAN.2011.6076934
model based“The evaluation of the energy consumption has been executed on Tmote Sky motes with embedded temperature and humidity sensors.” “Instead, the Cooja simulator provides a module called Energest able to estimate the power consumption of Tmote Sky motes” Energy measured. mW . zzzz​2​
Bandyopadhyay S, Bhattacharyya A (2013) Lightweight internet protocols for Web enablement of sensors using constrained gateway devices. In: Proceedings of the 2013 International conference on computing, networking and communications, pp 334–340, IEEE, USA. https://doi.org/10.1109/ICCNC.2013.6504105no detailenergy measured, but no detail of the measurement technique​3​
Dizdarević J, Carpio F, Jukan A, Masip-Bruin X (2019) A survey of communication protocols for Internet of Things and related challenges of fog and cloud computing integration. ACM Comput Surv 51(6):1–29. https://doi.org/10.1145/3292674This paper is a survey of several IoT protocols (REST HTTP, MQTT, CoAP, AMQP, DDS, XMPP, HTTP/2.0) in terms of (latency, bandwidth utilization, energy consumption, security, developer choice)​4​
109 P. Thota and Y. Kim. 2016. Implementation and comparison of M2M protocols for internet of things. In Proceedings of
the 2016 4th International Conference on Applied Computing and Information Technology/3rd International Conference
on Computational Science/Intelligence and Applied Informatics/1st International Conference on Big Data, Cloud Computing,
Data Science Engineering (ACIT-CSII-BCD’16). 43–48. DOI:http://dx.doi.org/10.1109/ACIT-CSII-BCD.2016.
https://ieeexplore.ieee.org/document/7916956
no measurement
http://stephendnicholas.com/posts/power-profiling-mqtt-vs-httpsmodel basedpower tutor http://ziyang.eecs.umich.edu/projects/powertutor/
Energy awareness and energy efficiency in internet of things middleware: a systematic literature review​5​mention other papers
The Impact of MIS Software on IT Energy Consumption https://aisel.aisnet.org/ecis2010/95/ We measured the power absorbed by the Server Machine by an ad-hoc developed kit based on Hall
effect current sensors, in order to have as accurate measures as possible. We sampled the values of
power consumption at a frequency of 250 Hz by means of a NI USB-6210 DAQ (Data Acquisition
Board). All the collected samples were then analyzed, aggregated and digitally stored by means of an
ad-hoc tool called Virtual Instrument that we implemented with LabVIEW (Formenti and Gallazzi,
2009).

3 relevant challenge in IoT technologies is the amount of energy used by the vast number of devices​6​
4 MQTT under a high rate of messages per hour would be the best protocol for energy-efficient applications and HTTP would be the worst option​3​
7 Energy-saving proposals started mainly with hardware before considering software
9 MQTT under a high rate of messages per hour would be the best protocol for energy-efficient applications and HTTP would be the worst option​2​
10 MQTT under a high rate of messages per hour would be the best protocol for energy-efficient applications and HTTP would be the worst option​4​
19 survey on operating systems for connected objects and mentioned energy efficiency as a significant concern​7​
20 MQTT under a high rate of messages per hour would be the best protocol for energy-efficient applications and HTTP would be the worst option​1​
24 MQTT would be suitable for energy-constrained environment​8​
28 energy-aware algorithms​9​
31 energy management at the middleware level​10​
32 impact of programming languages and data structures​11​
35 impact of programming languages and data structures​12​
37 study of parallel programming frameworks​13​


42 energy-aware algorithms​14​

Uni-T UT71D multimeter, used as a voltmeter, measures the voltage on the power supply. It is connected to the server for automatic measurements. Sampling time of the voltage measurement is 500 ms.
Fluke 289 multimeter, used to measure the voltage on a 0.4 Ω shunt (used as an ampere meter), connected to the server for automatic measurements. Sampling time of the voltage measurement on the shunt is 10 ms.​15​

We have employed the Otii Arc power measurement device for tracking energy consumption.5 This device can be used as both a power supply unit for the tested IoT device and a current and voltage measurement unit. It provides up to 5 V with a high-resolution current measurement with a sampling rate up to 4000 samples per second in the range from 1 μA to 5 A . To characterize the energy consumption associated with different NB-IoT operations, we need to ensure that the meter measurements correspond to the current drawn by the module only, and not to the entire dev-kit. When using SARA-N211-02B, this can be obtained by powering the module directly with the Otii Arc power measurement device. Quectel BC95 does not readily allow for a similar setup. In this case, we had to remove three resistors from the dev-kit and solder a zero-ohm resistor on the power path to isolate the module power supply from the dev-kit​16​

Instrumentation system to measure voltage & current. Sensor: ACS712​17​

Measure GPU usage with ACS712​18​

Best: “HCLServer01 and HCLServer02 are connected with a Watts Up Pro power meter; HCLServer03 is connected with a Yokogawa WT310 power meter. Watts Up Pro power meters are periodically calibrated using the ANSI C12.20 revenue-grade power meter, Yokogawa WT310.”. A Comparative Study of Methods for Measurement of Energy of Computing​19​

An experimental comparison. pakai omegawatt https://inria.hal.science/hal-04030223/file/_CCGrid23__An_experimental_comparison_of_software_based_power_meters__from_CPU_to_GPU.pdf

Initial Validation https://web.eece.maine.edu/~vweaver/papers/tech_reports/2015_dram_rapl_tr.pdf

Energy Measurement of Encryption Techniques Using RAPL​20​

RAPL in Action: Experiences in Using RAPL for Power Measurements​21​

Android Power Profiler & jRAPL​11​

WattUpPro + Raspberry ​22​

A Comparative Study of Techniques for Energy Predictive Modeling Using Performance Monitoring Counters on Modern Multicore CPUs. tools used: HCLWattsUp​23​

A review of energy measurement approaches​24​

Energy Measurement Tools for Ultrascale Computing: A Survey​25​

Multicore processor computing is not energy proportional: An opportunity for bi-objective optimization for energy and performance. Hardware used: WattsUp Pro & Yokogawa WT310​26​

Tools Mentioned

References

  1. 1.
    Joshi J, Rajapriya V, Rahul SR, et al. Performance enhancement and IoT based monitoring for smart home. 2017 International Conference on Information Networking (ICOIN). Published online 2017. doi:10.1109/icoin.2017.7899537
  2. 2.
    Colitti W, Steenhaut K, De Caro N, Buta B, Dobrota V. Evaluation of constrained application protocol for wireless sensor networks. 2011 18th IEEE Workshop on Local & Metropolitan Area Networks (LANMAN). Published online October 2011. doi:10.1109/lanman.2011.6076934
  3. 3.
    Bandyopadhyay S, Bhattacharyya A. Lightweight Internet protocols for web enablement of sensors using constrained gateway devices. 2013 International Conference on Computing, Networking and Communications (ICNC). Published online January 2013. doi:10.1109/iccnc.2013.6504105
  4. 4.
    Dizdarević J, Carpio F, Jukan A, Masip-Bruin X. A Survey of Communication Protocols for Internet of Things and Related Challenges of Fog and Cloud Computing Integration. ACM Comput Surv. Published online January 28, 2019:1-29. doi:10.1145/3292674
  5. 5.
    Silva PVBC da, Taconet C, Chabridon S, Conan D, Cavalcante E, Batista T. Energy awareness and energy efficiency in internet of things middleware: a systematic literature review. Ann Telecommun. Published online December 15, 2022:115-131. doi:10.1007/s12243-022-00936-5
  6. 6.
    Balaji S, Nathani K, Santhakumar R. IoT Technology, Applications and Challenges: A Contemporary Survey. Wireless Pers Commun. Published online April 25, 2019:363-388. doi:10.1007/s11277-019-06407-w
  7. 7.
    Javed F, Afzal MK, Sharif M, Kim BS. Internet of Things (IoT) Operating Systems Support, Networking Technologies, Applications, and Challenges: A Comparative Review. IEEE Commun Surv Tutorials. Published online 2018:2062-2100. doi:10.1109/comst.2018.2817685
  8. 8.
    Luzuriaga JE, Perez M, Boronat P, Cano JC, Calafate C, Manzoni P. A comparative evaluation of AMQP and MQTT protocols over unstable and mobile networks. 2015 12th Annual IEEE Consumer Communications and Networking Conference (CCNC). Published online January 2015. doi:10.1109/ccnc.2015.7158101
  9. 9.
    Marques G, Garcia N, Pombo N. A Survey on IoT: Architectures, Elements, Applications, QoS, Platforms and Security Concepts. Studies in Big Data. Published online November 20, 2016:115-130. doi:10.1007/978-3-319-45145-9_5
  10. 10.
    Noureddine A, Rouvoy R, Seinturier L. A review of middleware approaches for energy management in distributed environments. Softw Pract Exp. Published online July 10, 2012:1071-1100. doi:10.1002/spe.2139
  11. 11.
    Oliveira W, Oliveira R, Castor F, Fernandes B, Pinto G. Recommending Energy-Efficient Java Collections. 2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR). Published online May 2019. doi:10.1109/msr.2019.00033
  12. 12.
    Pereira R, Couto M, Ribeiro F, et al. Ranking programming languages by energy efficiency. Science of Computer Programming. Published online May 2021:102609. doi:10.1016/j.scico.2021.102609
  13. 13.
    Pinto G, Canino A, Castor F, Xu G, Liu YD. Understanding and overcoming parallelism bottlenecks in ForkJoin applications. 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE). Published online October 2017. doi:10.1109/ase.2017.8115687
  14. 14.
    Vardhan V, Yuan W, Harris AF, et al. GRACE-2: integrating fine-grained application adaptation with global adaptation for saving energy. IJES. Published online 2009:152. doi:10.1504/ijes.2009.027939
  15. 15.
    Stefanec T, Kusek M. Comparing energy consumption of application layer protocols on IoT devices. 2021 16th International Conference on Telecommunications (ConTEL). Published online June 30, 2021. doi:10.23919/contel52528.2021.9495993
  16. 16.
    Michelinakis F, Al-Selwi AS, Capuzzo M, Zanella A, Mahmood K, Elmokashfi A. Dissecting Energy Consumption of NB-IoT Devices Empirically. IEEE Internet Things J. Published online January 15, 2021:1224-1242. doi:10.1109/jiot.2020.3013949
  17. 17.
    Osolinskyi O, Sachenko A, Kochan V, Kolodiichuk L. Measurement and Optimization Methods of Energy Consumption for Microcontroller Systems Within IoT. 2022 12th International Conference on Dependable Systems, Services and Technologies (DESSERT). Published online December 9, 2022. doi:10.1109/dessert58054.2022.10018631
  18. 18.
    Huzmiev IK, Chipirov ZAh. Energy consumption powered by graphics processing units (GPU) in response to the number of operating computing unit. 2016 2nd International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM). Published online 2016. doi:10.1109/icieam.2016.7910995
  19. 19.
    Fahad M, Shahid A, Manumachu RR, Lastovetsky A. A Comparative Study of Methods for Measurement of Energy of Computing. Energies. Published online June 10, 2019:2204. doi:10.3390/en12112204
  20. 20.
    Thorat CG, Inamdar VS. Energy Measurement of Encryption Techniques Using RAPL. 2017 International Conference on Computing, Communication, Control and Automation (ICCUBEA). Published online August 2017. doi:10.1109/iccubea.2017.8463756
  21. 21.
    Khan KN, Hirki M, Niemi T, Nurminen JK, Ou Z. RAPL in Action. ACM Trans Model Perform Eval Comput Syst. Published online March 22, 2018:1-26. doi:10.1145/3177754
  22. 22.
    Georgiou S, Kechagia M, Spinellis D. Analyzing Programming Languages’ Energy Consumption. Proceedings of the 21st Pan-Hellenic Conference on Informatics. Published online September 28, 2017. doi:10.1145/3139367.3139418
  23. 23.
    Shahid A, Fahad M, Manumachu RR, Lastovetsky A. A Comparative Study of Techniques for Energy Predictive Modeling Using Performance Monitoring Counters on Modern Multicore CPUs. IEEE Access. Published online 2020:143306-143332. doi:10.1109/access.2020.3013812
  24. 24.
    Noureddine A, Rouvoy R, Seinturier L. A review of energy measurement approaches. SIGOPS Oper Syst Rev. Published online November 26, 2013:42-49. doi:10.1145/2553070.2553077
  25. 25.
    Energy Measurement Tools for Ultrascale Computing: A Survey. JSFI. Published online June 2015. doi:10.14529/jsfi150204
  26. 26.
    Khokhriakov S, Manumachu RR, Lastovetsky A. Multicore processor computing is not energy proportional: An opportunity for bi-objective optimization for energy and performance. Applied Energy. Published online June 2020:114957. doi:10.1016/j.apenergy.2020.114957

Tools for Academic Writing

Tools for Academic Writing

  • PubMed https://pubmed.ncbi.nlm.nih.gov/
  • Google Scholar https://scholar.google.com/
  • Insight https://insightai.dev/
  • Research Rabbit https://www.researchrabbit.ai/
  • Connected Papers https://www.connectedpapers.com/
  • Lateral https://www.lateral.io/
  • PaperPal https://paperpal.com/
  • Quillbot https://quillbot.com/
  • Grammarly https://www.grammarly.com/
  • Zotero https://www.zotero.org/
  • Mendeley https://www.mendeley.com/
  • PaperPile https://paperpile.com/

Linda Bloomberg Academic Writing Resource

Source: https://study.sagepub.com/sites/default/files/linda_bloomberg_academic_writing_resource.pdf

Continuation Signals (a warning that there are more ideas to come)

  • A final reason
  • Again
  • Also
  • And
  • And finally
  • Another
  • Besides
  • Equally important
  • First of all
  • Further
  • Furthermore
  • In addition
  • Last of all
  • Likewise
  • More
  • Moreover
  • Next
  • Of equal importance
  • One reason
  • Other
  • Secondly
  • Similarly
  • Then
  • Too
  • With

Change-of-Direction Signals (watch out, we’re doubling back)

  • Admittedly
  •  Although
     But
     Conversely
     Despite
     Different from
     doubtless
     Even though
     Granted
     However
     In contrast
     In spite of
     Instead of
     It is true
     Nevertheless
     On the contrary
     On the other hand
     Otherwise
     Rather
     Regardless
     Still
     The opposite
     Though
     To be sure
     True
     While
     Yet
    Sequence Signals (there is an
    order to these ideas)
     A, B, C
     After
     Always
     As soon as
     Before
     During
     Earlier
     Finally
     First, second, third
     For one thing
     From here on
     Gradually
     Hence
     In the end
     In the first place
     Into (far into the night)
     Last
     Last of all
     Later
     Next
     Now
     On time
     Since
     Then
     To begin with
     Until
     While
    Time Signals (when is it
    happening?)
     After a short time
     After awhile
     Afterward
     Already
     At last
     At length
     At the same time
     During
     Final
     Finally
     Immediately
     In the meantime
     Last
     Lastly
     Lately
     Later
     Little by little
     Next
     Now
     Once
     Presently
     Soon
     Subsequently
     The next week (month,
    day, year)
     Then
     Thereafter
     Ultimately
     When
     When
    Illustration Signals (here’s what
    that principle means in reality)
     Another
     For example
     For instance
     For this purpose
     For this reason
     For these reasons
     Furthermore
     In addition
     In the same way as
     Just as important
     Moreover
     Most important
     Much like
     Similar to
     Similarly
     Specifically
     Such as
     To be specific
     To begin with
     To illustrate
     To this end
     With this in mind
    Emphasis Signals (This is
    important)
     Aboveall
     A central issue
     A distinctive quality
     A key feature
     A major development
     A major event
     A primary concern
     A significant factor
     A vital force
     Above all
     Again
     As a matter of fact
     As has been noted
     As I have said
     By the way
     Especially important
     Especially relevant
     Especially valuable
     First and foremost
     Important to note
     Importantly
     In fact
     Indeed
     It all boils down to
     More than anything else
     Most noteworthy
     Most of all
     Of course
     Pay particular attention
    to
     Remember that
     Should be noted
     The basic concept
     The chief outcome
     The crux of the matter
     The main value
     The most substantial
    issue
     The principle item
     To be sure
    Cause, Condition, or Result
    Signals (condition or
    modification is coming up)
     Accordingly
     Also
     As a consequence
     As a result
     Because of
     But
     Consequently
     Due to
     For this reason
     From
     Hence
     If…then
     In order that/to
     May be due to
     Nevertheless
     Not only…but
     Of
     Resulting from
     Since
     So
     So that
     That
     Then…if
     Therefore
     Thus
     Unless
     Until
     Whether
     While
     Without
     Yet
    Spatial Signals (this answers
    the “where” question)
     About
     Above
     Across
     Adjacent
     Alongside
     Around
     Away
     Behind
     Below
     Beside
     Between
     Beyond
     By
     Close to
     East
     Far
     Here
     In
     In front of
     Inside
     Into
     Left
     Middle
     Near
     Next to
     North
     On
     Opposite
     Out
     Outside
     Over
     Over
     Right
     Side
     South
     There
     These
     This
     Toward
     Under
     upon
     West
    Comparison-Contrast Signals
    (we will now compare idea A
    with idea B)
     Actually
     Also
     Although
     Analogous to
     And
     And yet
     As opposed to
     As well as
     Best
     Better
     But
     Compared with
     Conversely
     Different from
     Either…or
     Even
     For all that
     Half
     However
     In contrast
     In spite
     Instead of
     In the same (like) manner
    or way
     Ironically
     Less
     Less than
     Like
     More than
     Most
     Much as
     Nevertheless
     Nonetheless
     Now
     Of course
     Of this
     On the contrary
     On the other hand
     Opposite
     Or
     Rather
     Same as
     Similar to
     Similarly
     Still
     Strangely enough
     Then
     Thought
     Too
     Unless
     While
     Yet
    Conclusion Signals (this ends
    the discussion and may have
    special importance)
     As a result
     As I have stated
     As you can see
     Briefly
     Consequently
     Finally
     From this we see
     Hence
     In conclusion
     In fact
     In short
     In summary
     In the end
     Last of all
     On the whole
     Therefore
     To repeat
     To sum up
     Ultimately
    Fuzz Signals (idea is not exact,
    or author is not positive and
    wishes to qualify a statement)
     Alleged
     Almost
     Could
     Except
     If
     Looks like
     Maybe
     Might
     Nearly
     Probably
     Purported
     Reputed
     Seems like
     Should
     Some
     Sort of
     Was reported
    Dispute Signals
     It isn’t true that
     People are wrong who
    say that
     Deny that
     Be that as it may
     By the same token
     No doubt
     We often hear it said
     Many people claim
     Many people suppose
     It used to be thought
     In any case
    Non-word Emphasis Signals
     Exclamation point (!)
     Underline
     Italics
     Bold type
     Subheads, like The
    Conclusion
    indentation of
    paragraph
     Graphic illustrations
     Numbered points (1, 2,
    3)
     Very short sentence.
    Stop War.
     “quotation marks”
    Signal Phrases for Summarizing, Paraphrasing, & Quotations
    Based on templates: They Say, I Say: The Moves that Matter in Academic Writing by Gerald Graff, Cathy
    Birkenstein
    1. Capturing Authorial Action/ For Summaries or Paraphrasing:
    These target phrases alert the reader that the author is about to summarize or paraphrase another idea
    established by an authority on a chosen topic.
     X acknowledges that _____________
     X agrees that _____________.
     X argues that ___________.
     X believes that ____________.
     X denies/ does not deny that _____________.
     X claims that ____________.
     X complains that ____________.
     X concedes that ____________.
     X demonstrates that _____________.
     X celebrates the fact that _____________.
     X emphasizes that __________.
     X insists that ___________.
     X observes that __________.
     X questions whether ______________.
     X refuses to claim that ______________.
     X reminds us that ______________.
     X reports that _____________.
     X suggests that _____________.
     X urges u
    2. Introducing Quotations:
    These target phrases alert the reader that the author is about to quote directly from another source. The writer is
    preparing the reader for the proper parenthetical citation.
     X states, “_____________.”
     In her book, __________, X maintains that “_____________.”
     Writing in the journal XxYyZz, X complains that “_____________.”
     As the prominent philosopher, X puts it, “________________.”
     According to X, “_________________.”
     X himself writes, “__________________.”
     In X’s view, “________________.”
     X agrees when she writes, “_____________.”
     X disagrees when he writes, “______________.”
     X complicates matters further when he writes, “______________.”
    3. Explaining Quotations: Every paragraph must show clarification, interpretation, or necessary analysis of
    a supplied quotation or paraphrase. This offers the research author to have the final word in a paragraph.
     Basically, X is saying ______________.
     In other words, X believes ______________.
     In making this comment, X argues that ______________.
     X’s view confirms/reaffirms/clarifies the view that ______________.
     X is insisting that ______________.
     X’s point is that _______________.
     The essence of X’s argument is that.
    4. Introducing Statistics or “Standard Views”:
    The following target phrases alert the reader that the research writer is about to use numerical data or popular
    opinions. (Remember, numerical data is cited, conventional ideas are not.)
     Americans today tend to believe that ________________.
     Conventional wisdom has it that _______________.
     Common sense seems to dictate that ______________.
     The standard way of thinking about topic X has it that _______________.
     It is often said that _____________.
     Many people assumed that ______________.
     A recent study shows ______________.
     Scientists recently noted that ______________.
     Doctors at the XxYyZz Institute claim that ______________.
     In the 2010 Census, it was shown that ______________.
    5. Introducing Contrasting Arguments: Frequently research writers find conflicting reports. Inclusion of
    these debates can add strength to their own works. Analysis of other opinions likewise needs target phrases.
    When using multiple viewpoints, it is crucial that the reader understands the different opinions.
    A number of sociologists have recently suggested that X’s work has several fundamental problems.
    It has become common today to dismiss X’s contribution to the field of sociology.
     In their recent work, Y and Z have offered harsh critiques of Dr. X for __________.
     X argues ______________.
     According to both X and Y, ________________.
     Politicians _____________, X argues, should ___________________.
    6. Expressing Authorial Opinions:
    The individual research writer may have opinions regarding the collected information shown in the report. Since
    personal voice is not allowed, the following target phrases tell the reader the commentary expressed is the
    research author and not a secondary source. Likewise, these statements help conclude the paragraph and allow
    the research writer to have the last word on the topic.
     But ___________ are real and, arguable, the most significant factor in _________.
     But X is wrong that ______________.
     However, it is simply not true that ______________.
     Indeed, it is highly likely that ____________.
     But the view that ____________ does not fit all the facts.
     X is right that ___________.
     X is wrong that __________.
     X is both right and wrong that ____________.
     Yet a sober analysis of the matter reveals _________________.
     Nevertheless, new research shows ____________.
     Anyone familiar with ___________ should see that ___________.
     Proponents of X are right to argue that ___________. But they exaggerate when they claim that
    ___________.
     While it is true that ____________, it does not necessarily follow that _________.

 

Application Control

Introduction:

Application control is a highly effective mitigation strategy for ensuring the security of systems, forming an integral part of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents. This publication offers guidance on the concept of application control, what it encompasses, what it doesn’t, and how to implement it.

What Application Control Is:

Application control, as a security approach, aims to safeguard systems against the execution of malicious code or malware. A robust implementation ensures that only approved applications, such as executables, software libraries, scripts, installers, compiled HTML, HTML applications, control panel applets, and drivers, can be executed. While its primary purpose is to prevent the spread of malicious code, it also hinders the installation or use of unauthorized applications.

What Application Control Is Not:

Certain approaches are not considered application control, such as providing a portal for approved applications, using web or email content filtering, checking application reputation through cloud-based services, or relying on next-generation firewalls to identify approved network traffic.

How to Implement Application Control:

The implementation involves steps like identifying approved applications, developing control rules, maintaining these rules through a change management program, and regularly validating and updating them. Methods like cryptographic hash rules, publisher certificate rules, and path rules are suitable for enforcement, while file names or easily changed attributes are not recommended.

Application Control within Microsoft Windows Environments:

For Windows environments, the use of Windows Defender Application Control (WDAC) is suggested. Group Policy settings can be applied to enhance security, and additional hardware requirements may be necessary for virtualization-based security.

Why is Application Control Important?

Understanding the perspectives of various users, including business users, IT users, risk managers, and threat actors, emphasizes the need for application control to balance the benefits of application usage with the potential risks.

Maturity Levels of Application Control:

The document outlines three maturity levels for application control:

  1. Maturity Level 1: Application control on workstations to prevent the execution of potentially malicious code, primarily using whitelisting.
  2. Maturity Level 2: Extending application control to internet-facing servers, with a focus on logging allowed and blocked execution events.
  3. Maturity Level 3: Expanding application control to all servers, including additional measures like blocking malicious drivers and regular validation of application control rulesets.

Conclusion:

Application control is a critical aspect of cybersecurity, limiting the execution of applications to protect users and organizations from potential threats. Advanced maturity in application control involves well-defined processes, regular updates to rulesets, and proactive monitoring for signs of compromise. Implementing application control requires a strategic and cautious approach to avoid disruptions while ensuring enhanced security.

References