On the Reverse Engineering of the Citadel Botnet
Citadel is an advanced information-stealing malware which targets financial
information. This malware poses a real threat against the confidentiality and
integrity of personal and business data. A joint operation was recently
conducted by the FBI and the Microsoft Digital Crimes Unit in order to take
down Citadel command-and-control servers. The operation caused some disruption
in the botnet but has not stopped it completely. Due to the complex structure
and advanced anti-reverse engineering techniques, the Citadel malware analysis
process is both challenging and time-consuming. This allows cyber criminals to
carry on with their attacks while the analysis is still in progress. In this
paper, we present the results of the Citadel reverse engineering and provide
additional insight into the functionality, inner workings, and open source
components of the malware. In order to accelerate the reverse engineering
process, we propose a clone-based analysis methodology. Citadel is an offspring
of a previously analyzed malware called Zeus; thus, using the former as a
reference, we can measure and quantify the similarities and differences of the
new variant. Two types of code analysis techniques are provided in the
methodology, namely assembly to source code matching and binary clone
detection. The methodology can help reduce the number of functions requiring
manual analysis. The analysis results prove that the approach is promising in
Citadel malware analysis. Furthermore, the same approach is applicable to
similar malware analysis scenarios.
Comment: 10 pages, 17 figures. This is an updated / edited version of a paper
appeared in FPS 201
Development and implementation of a LabVIEW based SCADA system for a meshed multi-terminal VSC-HVDC grid scaled platform
This project is oriented to the development of a Supervisory, Control and Data Acquisition
(SCADA) software to control and supervise electrical variables from a scaled platform that
represents a meshed HVDC grid employing National Instruments hardware and LabVIEW logic
environment. The objective is to obtain real time visualization of DC and AC electrical variables
and a lossless data stream acquisition.
The acquisition system hardware elements have been configured, tested and installed on the
grid platform. The system is composed of three chassis, each inside of a VSC terminal cabinet,
with integrated Field-Programmable Gate Arrays (FPGAs), one of them connected via PCI bus
to a local processor and the rest too via Ethernet through a switch. Analog acquisition
modules where A/D conversion takes place are inserted into the chassis. A personal computer is
used as host, screen terminal and storing space.
There are two main access modes to the FPGAs through the real time system. A Scan mode VI
has been implemented to monitor all the grid DC signals and a faster FPGA access mode
VI to monitor one converter's AC and DC values. The FPGA application consists of two tasks
running at different rates and a FIFO has been implemented to communicate between them
without data loss.
Multiple structures have been tested on the grid platform and evaluated, ensuring the
compliance of previously established specifications, such as sampling and scanning rate, screen
refreshment or possible data loss.
Additionally, a turbine emulator was implemented and tested in LabVIEW for further testing
Nature-Inspired Interconnects for Self-Assembled Large-Scale Network-on-Chip Designs
Future nano-scale electronics built up from an Avogadro number of components
need efficient, highly scalable, and robust means of communication in order to
be competitive with traditional silicon approaches. In recent years, the
Networks-on-Chip (NoC) paradigm emerged as a promising solution to interconnect
challenges in silicon-based electronics. Current NoC architectures are either
highly regular or fully customized, both of which represent implausible
assumptions for emerging bottom-up self-assembled molecular electronics that
are generally assumed to have a high degree of irregularity and imperfection.
Here, we pragmatically and experimentally investigate important design
trade-offs and properties of an irregular, abstract, yet physically plausible
3D small-world interconnect fabric that is inspired by modern network-on-chip
paradigms. We vary the framework's key parameters, such as the connectivity,
the number of switch nodes, the distribution of long- versus short-range
connections, and measure the network's relevant communication characteristics.
We further explore the robustness against link failures and the ability and
efficiency to solve a simple toy problem, the synchronization task. The results
confirm that (1) computation in irregular assemblies is a promising and
disruptive computing paradigm for self-assembled nano-scale electronics and (2)
that 3D small-world interconnect fabrics with a power-law decaying distribution
of shortcut lengths are physically plausible and have major advantages over
local 2D and 3D regular topologies
Scalability of broadcast performance in wireless network-on-chip
Networks-on-Chip (NoCs) are currently the paradigm of choice to interconnect the cores of a chip multiprocessor. However, conventional NoCs may not suffice to fulfill the on-chip communication requirements of processors with hundreds or thousands of cores. The main reason is that the performance of such networks drops as the number of cores grows, especially in the presence of multicast and broadcast traffic. This not only limits the scalability of current multiprocessor architectures, but also sets a performance wall that prevents the development of architectures that generate moderate-to-high levels of multicast. In this paper, a Wireless Network-on-Chip (WNoC) where all cores share a single broadband channel is presented. Such design is conceived to provide low latency and ordered delivery for multicast/broadcast traffic, in an attempt to complement a wireline NoC that will transport the rest of communication flows. To assess the feasibility of this approach, the network performance of WNoC is analyzed as a function of the system size and the channel capacity, and then compared to that of wireline NoCs with embedded multicast support. Based on this evaluation, preliminary results on the potential performance of the proposed hybrid scheme are provided, together with guidelines for the design of MAC protocols for WNoC.
Peer Reviewed. Postprint (published version
When Should I Use Network Emulation?
The design and development of a complex system requires an adequate
methodology and efficient instrumental support in order to early detect and
correct anomalies in the functional and non-functional properties of the tested
protocols. Among the various tools used to provide experimental support for
such developments, network emulation relies on real-time production of
impairments on real traffic according to a communication model, either
realistically or not.
This paper aims at simply presenting to newcomers in network emulation
(students, engineers, ...) basic principles and practices illustrated with a
few commonly used tools. The motivation behind is to fill a gap in terms of
introductory and pragmatic papers in this domain.
The study particularly considers centralized approaches, allowing cheap and
easy implementation in the context of research labs or industrial developments.
In addition, an architectural model for emulation systems is proposed, defining
three complementary levels, namely hardware, impairment and model levels. With
the help of this architectural framework, various existing tools are situated
and described. Various approaches for modeling the emulation actions are
studied, such as impairment-based scenarios and virtual architectures,
real-time discrete simulation and trace-based systems. Those modeling
approaches are described and compared in terms of services and we study their
ability to respond to various designer needs to assess when emulation is
needed