5,851 research outputs found
Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences
In this survey, we first briefly review the current state of cyber attacks,
highlighting significant recent changes in how and why such attacks are
performed. We then investigate the mechanics of malware command and control
(C2) establishment: we provide a comprehensive review of the techniques used by
attackers to set up such a channel and to hide its presence from the attacked
parties and the security tools they use. We then switch to the defensive side
of the problem, and review approaches that have been proposed for the detection
and disruption of C2 channels. We also map such techniques to widely-adopted
security controls, emphasizing gaps or limitations (and success stories) in
current best practices. Comment: Work commissioned by CPNI, available at c2report.org. 38 pages.
Listing abstract compressed from version appearing in repor
POWER-SUPPLaY: Leaking Data from Air-Gapped Systems by Turning the Power-Supplies Into Speakers
It is known that attackers can exfiltrate data from air-gapped computers
through their speakers via sonic and ultrasonic waves. To eliminate the threat
of such acoustic covert channels in sensitive systems, audio hardware can be
disabled and the use of loudspeakers can be strictly forbidden. Such audio-less
systems are considered to be audio-gapped, and hence immune to
acoustic covert channels.
In this paper, we introduce a technique that enables attackers to leak data
acoustically from air-gapped and audio-gapped systems. Our developed malware
can exploit the computer power supply unit (PSU) to play sounds and use it as
an out-of-band, secondary speaker with limited capabilities. The malicious code
manipulates the internal switching frequency of the power supply and
hence controls the sound waveforms generated from its capacitors and
transformers. Our technique enables producing audio tones in a frequency band
of 0-24 kHz and playing audio streams (e.g., WAV) from a computer power supply
without the need for audio hardware or speakers. Binary data (files,
keylogging, encryption keys, etc.) can be modulated over the acoustic signals
and sent to a nearby receiver (e.g., smartphone). We show that our technique
works with various types of systems: PC workstations and servers, as well as
embedded systems and IoT devices that have no audio hardware at all. We provide
technical background and discuss implementation details such as signal
generation and data modulation. We show that the POWER-SUPPLaY code can operate
from an ordinary user-mode process and doesn't need any hardware access or
special privileges. Our evaluation shows that using POWER-SUPPLaY, sensitive
data can be exfiltrated from air-gapped and audio-gapped systems from a
distance of five meters away at a maximal bit rate of 50 bit/sec
Integrated signaling pathway and gene expression regulatory model to dissect dynamics of Escherichia coli challenged mammary epithelial cells
Cells transform external stimuli, through the activation of signaling pathways, which in turn activate gene regulatory networks, in gene expression. As more omics data are generated from experiments, eliciting the integrated relationship between the external stimuli, the signaling process in the cell and the subsequent gene expression is a major challenge in systems biology. The complex system of non-linear dynamic protein interactions in signaling pathways and gene networks regulates gene expression. The complexity and non-linear aspects have resulted in the study of the signaling pathway or the gene network regulation in isolation. However, this limits the analysis of the interaction between the two components and the identification of the source of the mechanism differentiating the gene expression profiles. Here, we present a study of a model of the combined signaling pathway and gene network to highlight the importance of integrated modeling. Based on the experimental findings we developed a compartmental model and conducted several simulation experiments. The model simulates the mRNA expression of three different cytokines (RANTES, IL8 and TNFα) regulated by the transcription factor NFκB in mammary epithelial cells challenged with E. coli. The analysis of the gene network regulation identifies a lack of robustness and therefore sensitivity for the transcription factor regulation. However, analysis of the integrated signaling and gene network regulation model reveals distinctly different underlying mechanisms in the signaling pathway responsible for the variation between the three cytokines' mRNA expression levels. Our key findings reveal the importance of integrating the signaling pathway and gene expression dynamics in modeling. Modeling infers valid research questions which need to be verified experimentally and can assist in the design of future biological experiments
Management and Security of IoT systems using Microservices
Devices that assist the user with some task or help them to make an informed decision are called smart devices. A network of such devices connected to the internet is collectively called the Internet of Things (IoT). The applications of IoT are expanding exponentially and are becoming a part of our day-to-day lives. The rise of IoT led to new security and management issues. In this project, we propose a solution for some major problems faced by IoT devices, including the problem of complexity due to heterogeneous platforms and the lack of IoT device monitoring for security and fault tolerance. We aim to solve the above issues in a microservice architecture. We build a data pipeline for IoT devices to send data through the messaging platform Kafka and monitor the devices using the collected data by making real-time dashboards and a machine learning model to give better insights into the data. For proof of concept, we test the proposed solution on a heterogeneous cluster, including Raspberry Pis and IoT devices from different vendors. We validate our design by presenting some simple experimental results