755 research outputs found
The Australian Cyber Security Centre threat report 2015
Introduction: The number, type and sophistication of cyber security threats to Australia and Australians are increasing. Due to the varied nature of motivations for cyber adversaries targeting Australian organisations, organisations could be a target for malicious activities even if they do not think the information held on their networks is valuable, or that their business would be of interest to cyber adversaries.
This first unclassified report by the ACSC describes the range of cyber adversaries targeting Australian networks, explains their motivations, the malicious activities they are conducting and their impact, and provides specific examples of activity targeting Australian networks during 2014. This report also offers mitigation advice on how organisations can defend against these activities.
The ACSC’s ability to detect and defend against sophisticated cyber threats continues to improve. But cyber adversaries are constantly improving their tradecraft in their attempts to defeat our network defences and exploit the new technologies we embrace.
There are gaps in our understanding of the extent and nature of malicious activity, particularly against the business sector. The ACSC is reaching out to industry to build partnerships to improve our collective understanding. Future iterations of the Threat Report will benefit from these partnerships and help to close gaps in our knowledge
Automatic Detection of Malware-Generated Domains with Recurrent Neural Models
Modern malware families often rely on domain-generation algorithms (DGAs) to
determine rendezvous points to their command-and-control server. Traditional
defence strategies (such as blacklisting domains or IP addresses) are
inadequate against such techniques due to the large and continuously changing
list of domains produced by these algorithms. This paper demonstrates that a
machine learning approach based on recurrent neural networks is able to detect
domain names generated by DGAs with high precision. The neural models are
estimated on a large training set of domains generated by various malwares.
Experimental results show that this data-driven approach can detect
malware-generated domain names with a F_1 score of 0.971. To put it
differently, the model can automatically detect 93 % of malware-generated
domain names for a false positive rate of 1:100.Comment: Submitted to NISK 201
From ZeuS to Zitmo : trends in banking malware
In the crimeware world, financial botnets are a global threat to banking organizations. Such malware purposely performs financial fraud and steals critical information from clients' computers. A common example of banking malware is the ZeuS botnet. Recently, variants of this malware have targeted mobile platforms, as The-ZeuS-in-the-Mobile or Zitmo. With the rise in mobile systems, platform security is becoming a major concern across the mobile world, with rising incidence of compromising Android devices. In similar vein, there have been mobile botnet attacks on iPhones, Blackberry and Symbian devices. In this setting, we report on trends and developments of ZeuS and its variants
A Formal Programming Framework for Digital Avatars
In the current IoT era, the number of smart things to interact with is raising everyday. However, each one of them precises a manual and specific configuration. In a more people-friendly scenario, smart things should adapt automatically to the preferences of their users. In this field, we have participated in the design of People as a Service, a mobile computing reference architecture which endows the smartphone with the capability of inferring and sharing a virtual profile of its owner. Currently, we are developing Digital Avatars, a framework for programming interac-tions between smartphones and other devices. This way, the smartphone becomes a personalized and seamless interface between people and their IoT environment, configuring the smart things with information from the virtual profile. In this work, we present a formalization of Digital Avatars by means of a Linda-based system with multiple shared tuple spaces.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech.
Ministerio de Ciencia, Innovación y Universidades: Proyecto PGC2018-094905-B-I0
OnionBots: Subverting Privacy Infrastructure for Cyber Attacks
Over the last decade botnets survived by adopting a sequence of increasingly
sophisticated strategies to evade detection and take overs, and to monetize
their infrastructure. At the same time, the success of privacy infrastructures
such as Tor opened the door to illegal activities, including botnets,
ransomware, and a marketplace for drugs and contraband. We contend that the
next waves of botnets will extensively subvert privacy infrastructure and
cryptographic mechanisms. In this work we propose to preemptively investigate
the design and mitigation of such botnets. We first, introduce OnionBots, what
we believe will be the next generation of resilient, stealthy botnets.
OnionBots use privacy infrastructures for cyber attacks by completely
decoupling their operation from the infected host IP address and by carrying
traffic that does not leak information about its source, destination, and
nature. Such bots live symbiotically within the privacy infrastructures to
evade detection, measurement, scale estimation, observation, and in general all
IP-based current mitigation techniques. Furthermore, we show that with an
adequate self-healing network maintenance scheme, that is simple to implement,
OnionBots achieve a low diameter and a low degree and are robust to
partitioning under node deletions. We developed a mitigation technique, called
SOAP, that neutralizes the nodes of the basic OnionBots. We also outline and
discuss a set of techniques that can enable subsequent waves of Super
OnionBots. In light of the potential of such botnets, we believe that the
research community should proactively develop detection and mitigation methods
to thwart OnionBots, potentially making adjustments to privacy infrastructure.Comment: 12 pages, 8 figure
PEMBUATAN GAME RACING 2D “SAFETY RIDING” DENGAN PENERAPAN ALGORITMA PERLIN NOISE UNTUK MEMBUAT PETA DENGAN UNITY
Game merupakan sebuah permainan dengan adanya sistem yang melibatkan player dengan konflik buatan yang telah ditentukan atau adanya peraturan untuk memberikan hasil yang terukur dan adanya interaksi antara player dengan sistem didalam permainan tersebut. Aplikasi permainan terbagi menjadi dua yaitu aplikasi permainan 2D (dua dimensi) dan 3D (tiga dimensi). Metode Perlin Noise merupakan teknik yang digunakan untuk mensimulasikan sesuatu yang terlihat berantakan dan natural. Peta merupakan rancangan dua dimensi yang berskala medium dari kumpulan objek untuk membuat suatu jalan, tempat, untuk mengetahui apa saja yang ada disekitar, biasanya digunakan untuk titik tujuan.Map sangat penting dalam permainan petualangan. Genre permainan petualangan adalah genre dengan setting tempat yang luas untuk menjelajahi suatu tempat atau wilayah. Unity merupakan software yang dapat digunakan untuk pengembangan game yang digunakan diberbagai platform..
Kata kunci : Game, Perlin Noise, Petualangan, Unity, Ma
Media Pembelajaran Yang Efektif untuk Anak Upaya Menyiapkan Pondasi Anak yang Berkarakter
Menyangkut rendahnya peningkatan nilai-nilai moral anak, Karena disebabkan anak kurang memahami dalam perilaku baik dan buruk, dan guru kadang kurang memperhatikan tingkah laku anak di kelas. Tujuan penelitian, meningkatkan nilai-nilai moral anak melalui bercerita dengan permainan papan magnet di TK Nurfallah Desa Mekarmulya Kecamatan Garawangi Kabupaten Kuningan. Metode penelitian adalah penelitian tindakan kelas dengan subjek penelitian murid kelompok B berjumlah 12 orang. Data penelitian melalui observasi, wanwancara, catatan lapangan, dokumentasi dilakukan dalam dua siklus. Pada siklus kedua menunjukkan peningkatan dan mencapai indikator keberhasilan
- …