Class activation mapping methods are explainable AI (XAI) techniques used to visualize the regions of an input image that are the most relevant for a particular task, especially image classification, in convolutional neural networks (CNNs). These methods generate heatmaps by weighting the feature maps from a convolutional layer according to their relevance to the target class. In the field of artificial intelligence, generically defined as "the effort to automate intellectual tasks normally performed by humans", machine learning and deep learning were created. They both use statistical and computational methods to learn patterns from data, reducing the need for manually coded rules. Machine learning models are trained on input data and the known respective answers, learning the underlying patterns or structures present in the data. Traditional Machine learning algorithms employ manually designed feature sets, posing a direct link between machine learning designers and employed features. Deep learning is a subfield of machine learning, based on the concept of successive layers of representation, in which the data is progressively unfolded in different ways, to extract relevant and informative patterns in data analysis. Deep learning algorithms are defined as feature learning algorithms automatically learning hierarchical feature representations from raw data, extracting increasingly abstract features through multiple layers. CNNs are a specific architecture of deep learning models, designed to process spatially structured data, such as images, exploiting a series of convolution, non-linear activation and pooling operations to extract relevant features, contained in the so-called feature maps from input data. CNNs have demonstrated to be highly effective in a variety of computer vision and image processing tasks. CNNs (and deep learning models more broadly) are described as black boxes due to their complex and non-transparent internal layers of representation. The need for clearer indications on its internal working and decision-making process gave birth to XAI techniques. Among the proposed XAI techniques for computer vision tasks, Class activation mapping methods can show which pixels in an input image are important to the predicted logit for a class of interest, in a classification task. Class activation mapping methods were originally developed for class-discriminative scenarios to visualize which parts of the input image influenced the classification decision, namely to visually highlight the regions of those feature maps that contribute most strongly to the prediction of a given class. More advanced versions of these methods are not limited to image classification tasks, but have been extended also to several vision-related tasks, such as object detection, image captioning, visual question answering and image segmentation. == Background == The following methods laid the groundwork for the class activation maps approaches, forming the conceptual basis of using gradients to highlight class-discriminative regions. === Class model visualization and saliency maps for convolutional neural networks === The class model visualization and image-specific saliency maps approaches have been presented in the foundational work "Deep Inside Convolutional Networks: Visualising Image Classification Models and Saliency Maps" by Karen Simonyan, Andrea Vedaldi, and Andrew Zisserman and it generalizes the deconvnet method by Zeiler and Fergus. Class model visualization synthesizes an artificial input image that strongly activates the output neurons associated with a target class. Given a trained, fixed model, this method starts with a zero-initialized image, backpropagates the gradients from the class score to the image pixels, updates the image pixels increasing the specific class scores and it repeats the pixel updating process, showing an encoded (idealized version) prototype of the class of interest. Image-specific class saliency visualization method provides a visual explanation by highlighting the most relevant pixels in an image for predicting a certain class C of interest. This is done by computing the gradient of the class score with respect to the input image, I 0 , {\displaystyle I_{0},} w = ∂ S C ∂ I | I 0 {\displaystyle w=\left.{\frac {\partial S_{C}}{\partial I}}\right|_{I_{0}}} approximating the model locally (around I 0 {\displaystyle I_{0}} ) as linear, using a first-order Taylor expansion: S C ( I ) ≈ w C T I + b {\displaystyle S_{C}(I)\approx w_{C}^{T}I+b} . The magnitude of w C {\displaystyle w_{C}} , the gradient, indicates the importancy of the pixels: larger gradients suggest greater influence on the prediction. Once the gradient is known, the saliency map is defined as the maximum absolute gradient across the color channels: M i j = m a x C | ∂ S C ∂ I i j C | {\displaystyle M_{ij}=max_{C}\left|{\frac {\partial S_{C}}{\partial I_{ij}^{C}}}\right|} resulting in an saliency map (i.e. heatmap). === Guided backpropagation === The concept of guided backpropagation can be traced for the first time in the paper by Springenberg et al. "Striving For Simplicity: The All Convolutional Net" and also this method builds upon the work by Zeiler and Fergus "Visualizing and Understanding Convolutional Networks". Guided backpropagation core is to understand what a CNN is learning, by visualizing the patterns that activate more strongly individual neurons (or filters), in architectures which do not rely on max-pooling layer. When propagating gradients back through a rectified linear unit (ReLU), guided backpropagation passes the gradient if and only if the input to the ReLU was positive (forward pass) and the output gradient is positive (backward signal), tackling both inactive neurons, negative gradients and suppressing the noise. The result displays sharper, high-resolution visualizations of what each neuron is responding to. Guided backpropagation represents a simple and practical method for model interpretability, helping understand how and where neural networks detect semantic concepts across layers. Moreover, it can be applied to any network architecture, due to its working principle. == Base versions == Class activation mapping and gradient-weighted class activation mapping are the original and most widely used methods for visual explanations in convolutional neural networks. These methods serve as the foundation for many later developments in explainable AI. Notation: In this article, the symbols i and j represent integer indices that disappear inside sums or averages, while x and y are the continuous (or up-sampled integer) coordinates of the final heat-map that is plotted. === Class activation mapping (CAM) === Class activation mapping (CAM) was the first, and the original, version of CAM methods, and it gave the name to the whole category. The approach was firstly introduced by Zhou et al. in their seminal work "Learning Deep Features for Discriminative Localization". This approach achieves class-specific heatmaps by modifying image classification CNN architectures, replacing fully-connected layers with convolutional layers and a final global average pooling layer. Its main scope is to localize and highlight discriminative regions of an input image that a CNN uses to identify a particular class, without needing explicit bounding box annotations. ==== Global average pooling (GAP) ==== Global average pooling (GAP) represents the key element in the original CAM approach. It is a dimensionality reduction technique and, similarly to other pooling layers, it allows the downsampling of the feature maps, calculating representative values for a specific region of the feature map. The particularity of GAP is that it calculates a single value for an entire feature map, significantly reducing the model dimensions. ==== Mathematical description ==== The mathematical description considers as its key the combination of convolutional and GAP layers. In CAM, it is mandatory to have the GAP layer after the last convolutional layer and before the final linear classifier layer. This last element of the architecture connects the output logits (the network predictions) y C {\displaystyle y^{C}} , to the GAP values, with its respective fine-tuned weights, w k C {\displaystyle w_{k}^{C}} . Considering A k {\displaystyle A^{k}} as the last feature maps of the last convolutional layer, GAP produces one value for each feature map, by averaging all the matrix elements (i, j) of the feature map: F k = 1 m n ∑ i = 1 m ∑ j = 1 n A i j k {\displaystyle F^{k}={\frac {1}{mn}}\sum _{i=1}^{m}\sum _{j=1}^{n}A_{ij}^{k}} with A k = [ A 11 k A 12 k ⋯ A 1 n k A 21 k A 22 k ⋯ A 2 n k ⋮ ⋮ ⋱ ⋮ A m 1 k A m 2 k ⋯ A m n k ] = { A i j k ∣ 1 ≤ i ≤ m , 1 ≤ j ≤ n } {\displaystyle A^{k}={\begin{bmatrix}A_{11}^{k}&A_{12}^{k}&\cdots &A_{1n}^{k}\\A_{21}^{k}&A_{22}^{k}&\cdots &A_{2n}^{k}\\\vdots &\vdots &\ddots &\vdots \\A_{m1}^{k}&A_{m2}^{k}&\cdots &A_{mn}^{k}\end{bmatrix}}=\left\{A_{
Deadbot
A deadbot, deathbot, or griefbot is a digital avatar, created with artificial intelligence, which resembles a person who is dead. Griefbots employ natural language processing and machine-learning techniques to approximate the style and personality of a deceased person. They may appear as chatbots, voice assistants, or animated avatars, and are often trained on an individual's digital remains. == History == Among the earliest researchers, Muhammad Aurangzeb Ahmad of the University of Washington, developed the Grandpa Bot project, a conversational simulation of his late father designed for his children to interact with. Other efforts include journalist James Vlahos's Dadbot, which evolved into the commercial platform HereAfter AI. Hossein Rahnama's Augmented Eternity research at MIT Media Lab and Toronto Metropolitan University, and game designer Jason Rohrer's "Project December", have enabled users to converse with language-model representations of loved ones. Early commercial projects such as Eternime, founded by Marius Ursache, also popularized the notion of interactive digital immortality. == Cultural and societal impact == Scholars have proposed frameworks and critiques addressing the ethics of these technologies. Tomasz Hollanek and Katarzyna Nowaczyk-Basińska developed a design-ethics taxonomy distinguishing the data donor, data recipient, and interactant. Edina Harbinja and Lilian Edwards formalized the concept of post-mortem privacy, and Carl J. Öhman at the Oxford Internet Institute studied the management of large-scale digital remains. Cultural acceptance varies: while some view them as expressions of remembrance, others regard them as unsettling or ethically problematic. Concerns have been raised about deadbots' potential for creating psychological harm. Griefbots are considered part of the phenomenon of artificial intimacy.
International World Wide Web Conference Committee
The International World Wide Web Conference Committee (abbreviated as IW3C2 also written as IW3C2) is a professional non-profit organization registered in Switzerland (Article 60ff of the Swiss Civil Code) that promotes World Wide Web research and development. The IW3C2 organizes and hosts the annual World Wide Web Conference in conjunction with the W3C. The IW3C2 was founded by Joseph Hardin and Robert Cailliau at a meeting held in Boston, United States, on 14 August 1994 to prepare for the upcoming Second International World Wide Web Conference in Chicago. The IW3C2 formally became an incorporated entity in May 1996 at the fifth conference in Paris, France. The organization is governed by laws of the Swiss Confederation and the By-laws. == Abbreviation == The abbreviation for the International World Wide Web Conference Committee as IW3C2 is as follow: I- The I is represents the leading I in International. W3- The W3 represents the three 3 leading W's in World Wide Web. C2- The C2 represents the three 2 leading C's in Conference Committee. == Mission == The mission of the IW3C2 is: To coordinate the organization and planning of the international WWW conference series and ensure that it remains the foremost conference addressing World Wide Web research and development; To promote a collaborative spirit among conference attendees that is essential to the success of the series; To ensure the global geographical diversity of conference sites and provide support to local organizers at those sites; To make sure that all content arising from these conferences and forums is permanently and openly available on the widest possible scale; To preserve the history of the conference series; To encourage the global development of the World Wide Web through collaboration with WWW standards organizations; To provide a permanent, broad-based international body to achieve these purposes. == Conferences == The conferences are organized by the IW3C2 in collaboration with local organizing committees and technical program committees. The series provides an open forum in which all opinions can be presented, subject to a strict process of peer review. The proceedings of the conference are published in the ACM Digital Library. === Endorsed conferences === The IW3C2 has endorsed regional conferences devoted to a special topic of the Web by working with endorsed conferences on cross-promotion, publicity and programs. == Membership == Members of the IW3C2 are ordinary members, ex officio members, non-voting members, and officers. === Ordinary members === Ordinary members are elected for a period of 3 years during a general meeting. Members are nominated due to their recognition in the WWW community and represent themselves. Members can be re-elected only after at least one year of absence. The following are the founding members at the time when IW3C2 was officially incorporated in May 1996: Jean-François Abramatic Tim Berners-Lee Robert Cailliau Dale Dougherty Ira Goldstein Joseph Hardin Tim Krauskopf Detlef Krömker Corinne Moore R. P. Channing Rodgers Albert Vezza Stuart Weibel Yuri Rubinsky (died prior to incorporation) The following are the current (April 2016) ordinary members: Robin Chen Chin-Wan Chung Allan Ellis Wendy Hall - IW3C2 Chair Ivan Herman Arun Iyengar - IW3C2 Vice Chair Irwin King Yoelle Maarek Luc Mariaux - IW3C2 Treasurer Daniel Schwabe - IW3C2 Vice-Chair === Ex officio members === Ex officio members are selected from the immediate past conference general co-chairs and from future conference co-chairs. Their term expires one year after the conference they organized. Ex officio members can be elected as ordinary members. The following are current (April 2016) ex officio members and the conference with which they are affiliated: Jacqueline Bourdeau - WWW2016 James Hendler - WWW2016 Rick Barrett - WWW2017 Rick Cummings - WWW2017 Laurent Flory - WWW2018 Fabien Gandon - WWW2018 === Officers === The IW3C2 officers consist of a chairperson, a vice-chair (chairperson-elect), a secretary, a treasurer, and other appointees. Officers are elected during a general meeting (usually at the annual WWW conference) and serve for one year. They can be re-elected an indefinite number of times. == The Seoul Test of Time Award == This annual award, presented at the WWW conference, is made possible by a generous contribution from the organizers of WWW2014 (Seoul Korea). Recipients are determined by the IW3C2 and honor the author, or authors, of a paper presented at a previous WWW conference that has "stood the test of time." The first award, announced at WWW2015 (Florence Italy), recognized Sergey Brin and Larry Page, the founders of Google. The recipients of the WWW2016 award are LinkIn scientist Dr. Badrul Sarwar and University of Minnesota professors George Karypis, Joseph Konstan, and John Riedl (posthumous) for their work in item-item collaborative filtering.
Hardware backdoor
A hardware backdoor is a backdoor implemented within the physical components of a computer system, also known as its hardware. They can be created by introducing malicious code to a component's firmware, or even during the manufacturing process of an integrated circuit. Often, they are used to undermine security in smartcards and cryptoprocessors, unless investment is made in anti-backdoor design methods. They have also been considered for car hacking. Backdoors differ from hardware Trojans as backdoors are introduced intentionally by the original designer or during the design process, whereas hardware Trojans are inserted later by an external party. == Background == The existence of hardware backdoors poses significant security risks for several reasons. They are difficult to detect and are impossible to remove using conventional methods like antivirus software. They can also bypass other security measures, such as disk encryption. Hardware trojans can be introduced during manufacturing where the end-user lacks control over the production chain. == History == In 2008, the FBI reported the discovery of approximately 3,500 counterfeit Cisco network components in the United States, some of which were introduced in military and government infrastructure. In the same year, the possibility of a backdoor SPARC CPU was demonstrated with an FPGA running Linux that supported various hidden malicious services. A few years later, in 2011, Jonathan Brossard presented "Rakshasa", a proof-of-concept hardware backdoor. This backdoor could be installed by an individual with physical access to the hardware. It utilized coreboot to re-flash the BIOS with a SeaBIOS and iPXE-based bootkit composed of legitimate, open-source tools, allowing malware to be fetched from the internet during the boot process. The following year, in 2012, Sergei Skorobogatov and Christopher Woods from the University of Cambridge Computer Laboratory reported the discovery of a backdoor in a military-grade FPGA device, which could be exploited to access and modify sensitive information. It has been said that this was proven to be a software problem and not a deliberate attempt at sabotage. This still brought to attention that equipment manufacturers should ensure that microchips operate as intended. Later that year, two mobile phones developed by the Chinese company ZTE were found to carry a root access backdoor. According to security researcher Dmitri Alperovitch, the exploit used a hard-coded password in its software. Starting in 2012, the United States stated that Huawei might have backdoors present in their products. In 2013, researchers at the University of Massachusetts devised a method of breaking a CPU's internal cryptographic mechanisms by introducing specific impurities into the crystalline structure of transistors to change Intel's random-number generator. Documents revealed from 2013 onwards during the surveillance disclosures initiated by Edward Snowden showed that the Tailored Access Operations (TAO) unit and other NSA employees intercepted servers, routers, and other network gear being shipped to organizations targeted for surveillance to install covert implant firmware onto them before delivery. These tools include custom BIOS exploits that survive the reinstallation of operating systems and USB cables with spy hardware and radio transceiver packed inside. In June 2016 it was reported that University of Michigan Department of Electrical Engineering and Computer Science had built a hardware backdoor that leveraged "analog circuits to create a hardware attack" so that after the capacitors store up enough electricity to be fully charged, it would be switched on, to give an attacker complete access to whatever system or device − such as a PC − that contains the backdoored chip. In the study that won the "best paper" award at the IEEE Symposium on Privacy and Security they also note that microscopic hardware backdoor wouldn't be caught by practically any modern method of hardware security analysis, and could be planted by a single employee of a chip factory. In October 2018 Bloomberg reported that an attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America's technology supply chain. == Countermeasures == Skorobogatov has developed a technique capable of detecting malicious insertions into chips. New York University Tandon School of Engineering researchers have developed a way to corroborate a chip's operation using verifiable computing whereby "manufactured for sale" chips contain an embedded verification module that proves the chip's calculations are correct and an associated external module validates the embedded verification module. Another technique developed by researchers at University College London (UCL) relies on distributing trust between multiple identical chips from disjoint supply chains. Assuming that at least one of those chips remains honest the security of the device is preserved. Researchers at the University of Southern California Ming Hsieh Department of Electrical and Computer Engineering and the Photonic Science Division at the Paul Scherrer Institute have developed a new technique called Ptychographic X-ray laminography. This technique is the only current method that allows for verification of the chips blueprint and design without destroying or cutting the chip. It also does so in significantly less time than other current methods. Anthony F. J. Levi Professor of electrical and computer engineering at University of Southern California explains “It’s the only approach to non-destructive reverse engineering of electronic chips—[and] not just reverse engineering but assurance that chips are manufactured according to design. You can identify the foundry, aspects of the design, who did the design. It’s like a fingerprint.” This method currently is able to scan chips in 3D and zoom in on sections and can accommodate chips up to 12 millimeters by 12 millimeters easily accommodating an Apple A12 chip but not yet able to scan a full Nvidia Volta GPU. "Future versions of the laminography technique could reach a resolution of just 2 nanometers or reduce the time for a low-resolution inspection of that 300-by-300-micrometer segment to less than an hour, the researchers say."
User-generated content
User-generated content (UGC), alternatively known as user-created content (UCC), is content generated by users of the Internet such as images, videos, audio, text, testimonials, software, and user interactions. Online content aggregation platforms such as social media, discussion forums and wikis by their interactive and social nature, no longer produce multimedia content but provide tools to produce, collaborate, and share a variety of content, which can affect the attitudes and behaviors of the audience in various aspects. This transforms the role of consumers from passive spectators to active participants. User-generated content is used for a wide range of applications, including problem processing, news, entertainment, customer engagement, advertising, gossip, research and more. It is an example of the democratization of content production and the flattening of traditional media hierarchies. The BBC adopted a user-generated content platform for its websites in 2005, and Time magazine named "You" as the Person of the Year in 2006, referring to the rise in the production of UGC on Web 2.0 platforms. CNN also developed a similar user-generated content platform, known as iReport. There are other examples of news channels implementing similar protocols, especially in the immediate aftermath of a catastrophe or terrorist attack. Social media users can provide key eyewitness content and information that may otherwise have been inaccessible. Since 2020, there has been an increasing number of businesses who are utilizing User Generated Content (UGC) to promote their products and services. Several factors significantly influence how UGC is received, including the quality of the content, the credibility of the creator, and viewer engagement. These elements can impact users' perceptions and trust towards the brand, as well as influence the buying intentions of potential customers. UGC has proven to be an effective method for brands to connect with consumers, drawing their attention through the sharing of experiences and information on social media platforms. Due to new media and technology affordances, such as low cost and low barriers to entry, the Internet is an easy platform to create and dispense user-generated content, allowing the dissemination of information at a rapid pace in the wake of an event. == Definition == The advent of user-generated content marked a shift among media organizations from creating online content to providing facilities for amateurs to publish their own content. User-generated content has also been characterized as citizen media as opposed to the "packaged goods media" of the past century. Citizen Media is audience-generated feedback and news coverage. People give their reviews and share stories in the form of user-generated and user-uploaded audio and user-generated video. The former is a two-way process in contrast to the one-way distribution of the latter. Conversational or two-way media is a key characteristic of so-called Web 2.0, which encourages the publishing of one's own content and commenting on other people's content. The role of the passive audience, therefore, has shifted since the birth of new media, and an ever-growing number of participatory users are taking advantage of these interactive opportunities, especially on the Internet, to create independent content. Grassroots experimentation then generated an innovation in sounds, artists, techniques, and associations with audiences, which then are being used in mainstream media. The active, participatory, and creative audience is prevailing today with relatively accessible media, tools, and applications, and its culture is in turn affecting mass media corporations and global audiences. The Organisation for Economic Co-operation and Development (OECD) has defined three core variables for UGC: Accessible Content: User-generated content (UGC) is publicly produced through platforms located on the Internet and is available to any individual browsing such a publicly accessible website or a public social media account. There are other contexts where users must remain in a community or closed group to access and publish on such platforms (for example, wikis). This is a way of differentiating that although the content is accessible to the audience, there are certain restrictions for the users who generates the content. Creative effort: Creative effort was put into creating the work or adapting existing works to construct a new one; i.e. users must add their own value to the work. UGC often also has a collaborative element to it, as is the case with websites that users can edit collaboratively. For example, merely copying a portion of a television show and posting it to an online video website (an activity frequently seen on the UGC sites) would not be considered UGC. However, uploading photographs, expressing one's thoughts in a blog post or creating a new music video could be considered UGC. Yet the minimum amount of creative effort is hard to define and depends on the context. Creation outside of professional routines and practices: User-generated content is generally created outside of professional routines and practices. It often does not have an institutional or a commercial market context. In extreme cases, UGC may be produced by non-professionals without the expectation of profit or remuneration. Motivating factors include connecting with peers, achieving a certain level of fame, notoriety, or prestige, and the desire to express oneself. == Media pluralism == According to Cisco, in 2016 an average of 96,000 petabytes was transferred monthly over the Internet, more than twice as many as in 2012. In 2016, the number of active websites surpassed 1 billion, up from approximately 700 million in 2012. Reaching 1.66 billion daily active users in Q4 2019, Facebook has emerged as the most popular social media platform globally. Other social media platforms are also dominant at the regional level such as: Twitter in Japan, Naver in the Republic of Korea, Instagram (owned by Facebook) and LinkedIn (owned by Microsoft) in Africa, VKontakte (VK) and Odnoklassniki (eng. Classmates) in Russia and other countries in Central and Eastern Europe, WeChat and QQ in China. However, a concentration phenomenon is occurring globally giving dominance to a few online platforms that become popular for some unique features they provide, most commonly for the added privacy they offer users through disappearing messages or end-to-end encryption (e.g. Jami, Signal, Snapchat, Telegram, Viber, and WhatsApp), but they have tended to occupy niches and to facilitate the exchanges of information that remain rather invisible to larger audiences. Production of freely accessible information has been increasing since 2012. In January 2017, Wikipedia had more than 43 million articles, almost twice as many as in January 2012. This corresponded to a progressive diversification of content and an increase in contributions in languages other than English. In 2017, less than 12 percent of Wikipedia content was in English, down from 18 percent in 2012. Graham, Straumann, and Hogan say that the increase in the availability and diversity of content has not radically changed the structures and processes for the production of knowledge. For example, while content on Africa has dramatically increased, a significant portion of this content has continued to be produced by contributors operating from North America and Europe, rather than from Africa itself. == History == The massive, multi-volume Oxford English Dictionary was exclusively composed of user-generated content. In 1857, Richard Chenevix Trench of the London Philological Society sought public contributions throughout the English-speaking world for the creation of the first edition of the OED. As Simon Winchester recounts: So what we're going to do, if I have your agreement that we're going to produce such a dictionary, is that we're going to send out invitations, were going to send these invitations to every library, every school, every university, every book shop that we can identify throughout the English-speaking world... everywhere where English is spoken or read with any degree of enthusiasm, people will be invited to contribute words. And the point is, the way they do it, the way they will be asked and instructed to do it, is to read voraciously and whenever they see a word, whether it's a preposition or a sesquipedalian monster, they are to... if it interests them and if where they read it, they see it in a sentence that illustrates the way that that word is used, offers the meaning of the day to that word, then they are to write it on a slip of paper... the top left-hand side you write the word, the chosen word, the catchword, which in this case is 'twilight'. Then the quotation, the quotation illustrates the meaning of the word. And underneath it, the citation, where it came from, whether it was printed or whether it was in manuscri
Capture the flag (cybersecurity)
In computer security, Capture the Flag (CTF) is an exercise in which participants attempt to find text strings, called "flags", which are secretly hidden in purposefully vulnerable programs or websites. They can be used for both competitive or educational purposes. In two main variations of CTFs, participants either steal flags from other participants (attack/defense-style CTFs) or from organizers (jeopardy-style challenges). A mixed competition combines these two styles. Competitions can include hiding flags in hardware devices, they can be both online or in-person, and can be advanced or entry-level. The game is inspired by the traditional outdoor sport with the same name. CTFs are used as a tool for developing and refining cybersecurity skills, making them popular in both professional and academic settings. == Overview == Capture the Flag (CTF) is a cybersecurity competition that is used to test and develop computer security skills. It was first developed in 1996 at DEF CON, the largest cybersecurity conference in the United States which is hosted annually in Las Vegas, Nevada. The conference hosts a weekend of cybersecurity competitions, including their flagship CTF. Two popular CTF formats are jeopardy and attack-defense. Both formats test participant’s knowledge in cybersecurity, but differ in objective. In the Jeopardy format, participating teams must complete as many challenges of varying point values from a various categories such as cryptography, web exploitation, and reverse engineering. In the attack-defense format, competing teams must defend their vulnerable computer systems while attacking their opponent's systems. The exercise involves a diverse array of tasks, including exploitation and cracking passwords, but there is little evidence showing how these tasks translate into cybersecurity knowledge held by security experts. Recent research has shown that the Capture the Flag tasks mainly covered technical knowledge but lacked social topics like social engineering and awareness on cybersecurity. == Educational applications == CTFs have been shown to be an effective way to improve cybersecurity education through gamification. There are many examples of CTFs designed to teach cybersecurity skills to a wide variety of audiences, including PicoCTF, organized by the Carnegie Mellon CyLab, which is oriented towards high school students, and Arizona State University supported pwn.college. Beyond educational CTF events and resources, CTFs has been shown to be a highly effective way to instill cybersecurity concepts in the classroom. CTFs have been included in undergraduate computer science classes such as Introduction to Information Security at the National University of Singapore. CTFs are also popular in military academies. They are often included as part of the curriculum for cybersecurity courses, with the NSA organized Cyber Exercise culminating in a CTF competition between the US service academies and military colleges. == Competitions == Many CTF organizers register their competition with the CTFtime platform. This allows the tracking of the position of teams over time and across competitions. These include "Plaid Parliament of Pwning", "More Smoked Leet Chicken", "Dragon Sector", "dcua", "Eat, Sleep, Pwn, Repeat", "perfect blue", "organizers" and "Blue Water". Overall the "Plaid Parliament of Pwning" and "Dragon Sector" have both placed first worldwide the most with three times each. === Community competitions === Every year there are dozens of CTFs organized in a variety of formats. Many CTFs are associated with cybersecurity conferences such as DEF CON, various editions of SANS Institute's NetWars, HITCON, and BSides. The DEF CON CTF, an attack-defence CTF, is notable for being one of the oldest CTF competitions to exist, and has been variously referred to as the "World Series", "Superbowl", and "Olympics", of hacking by media outlets. The NYU Tandon hosted Cybersecurity Awareness Worldwide (CSAW) CTF is one of the largest open-entry competitions for students learning cybersecurity from around the world. In 2021, it hosted over 1200 teams during the qualification round. In addition to conference organized CTFs, many CTF clubs and teams organize CTF competitions. Many CTF clubs and teams are associated with universities, such as the CMU associated Plaid Parliament of Pwning, which hosts PlaidCTF, and the ASU associated Shellphish. Some community CTFs are online and open to all participants. The SANS Institute Holiday Hack Challenge and TryHackMe Advent of Cyber. === Government-supported competitions === Governmentally supported CTF competitions include the DARPA Cyber Grand Challenge and ENISA European Cybersecurity Challenge. In 2023, the US Space Force-sponsored Hack-a-Sat CTF competition included, for the first time, a live orbital satellite for participants to exploit. === Corporate-supported competitions === Corporations and other organizations sometimes use CTFs as a training or evaluation exercise, with benefits similar to those in educational settings. In addition to internal CTF exercises, some corporations such as Google and Tencent host publicly accessible CTF competitions. == In popular culture == In Mr. Robot, a qualification round for the DEF CON CTF competition is depicted in the season 3 opener "eps3.0_power-saver-mode.h". The logo for DEF CON can be seen in the background. In The Undeclared War, a CTF is depicted in the opening scene of the series as a recruitment exercise used by GCHQ. Go Go Squid!, a Chinese television series, is based around training for and competing in highly stylized CTF competitions .
Feature detection (web development)
Feature detection (also feature testing) is a technique used in web development for handling differences between runtime environments (typically web browsers or user agents), by programmatically testing for clues that the environment may or may not offer certain functionality. This information is then used to make the application adapt in some way to suit the environment: to make use of certain APIs, or tailor for a better user experience. Its proponents claim it is more reliable and future-proof than other techniques like user agent sniffing and browser-specific CSS hacks. == Techniques == A feature test can take many forms. It is essentially any snippet of code which gives some level of confidence that a required feature is indeed supported. However, in contrast to other techniques, feature detection usually focuses on performing actions which directly relate to the feature to be detected, rather than heuristics. === JavaScript === JavaScript feature detection can inspect the DOM and the local JavaScript environment to test whether browser features or APIs are supported. The simplest technique is to check for the existence of a relevant object or property. For example, the Geolocation API (used for accessing the device's knowledge of its geographical location, possibly obtained from a GPS navigation device) exposes a geolocation property on the navigator object in the DOM; the presence of which implies the Geolocation API is supported: if ('geolocation' in navigator) { // Geolocation API is supported } For a higher level of confidence, some feature tests will attempt to invoke the feature then look for clues that it behaved properly. For example, a test for support for cookies might attempt to set a value as a cookie and then verify it can be read back. === CSS === In CSS, the at-rule @supports introduced in 2015 allows to test if a given feature is supported. For instance the following code activates the declarations only if the user agent supports display: flex: == Undetectables == Some browser features are considered undetectable, because no clues are known to give sufficient confidence that a feature is supported. These are often because of limited information available to the JavaScript environment in the browser; generally features must be exposed via the DOM in some way in order to be detectable using JavaScript. When undetectables are encountered, it is common to turn to user agent sniffing as an alternative mechanism, or to employ defensive coding to minimise the impact if the feature turns out not to be supported. The Modernizr project maintains a record of known undetectables on their wiki.