1,264 research outputs found

    Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting

    Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. Shared hosting offers a unique perspective since customers operate under restricted privileges and providers retain more control over configurations. We present the first empirical analysis of the distribution of web security features and software patching practices in shared hosting providers, the influence of providers on these security practices, and their impact on web compromise rates. We construct provider-level features on the global market for shared hosting -- containing 1,259 providers -- by gathering indicators from 442,684 domains. Exploratory factor analysis of 15 indicators identifies four main latent factors that capture security efforts: content security, webmaster security, web infrastructure security and web application security. We confirm, via a fixed-effect regression model, that providers exert significant influence over the latter two factors, which are both related to the software stack in their hosting environment. Finally, by means of GLM regression analysis of these factors on phishing and malware abuse, we show that the four security and software patching factors explain between 10% and 19% of the variance in abuse at providers, after controlling for size. For web-application security for instance, we found that when a provider moves from the bottom 10% to the best-performing 10%, it would experience 4 times fewer phishing incidents. We show that providers have influence over patch levels--even higher in the stack, where CMSes can run as client-side software--and that this influence is tied to a substantial reduction in abuse levels.

    Image-based malware classification hybrid framework based on space-filling curves

    There exists a never-ending “arms race” between malware analysts and adversarial malicious code developers as malevolent programs evolve and countermeasures are developed to detect and eradicate them. Malware has become more complex in its intent and capabilities over time, which has prompted the need for constant improvement in detection and defence methods. Of particular concern are the anti-analysis obfuscation techniques, such as packing and encryption, that are employed by malware developers to evade detection and thwart the analysis process. In such cases, malware is generally impervious to basic analysis methods and so analysts must use more invasive techniques to extract signatures for classification, which are inevitably not scalable due to their complexity. In this article, we present a hybrid framework for malware classification designed to overcome the challenges incurred by current approaches. The framework incorporates novel static and dynamic malware analysis methods, where static malware executables and dynamic process memory dumps are converted to images mapped through space-filling curves, from which visual features are extracted for classification. The framework is less invasive than traditional analysis methods in that there is no reverse engineering required, nor does it suffer from the obfuscation limitations of static analysis. On a dataset of 13,599 obfuscated and non-obfuscated malware samples from 23 families, the framework outperformed both static and dynamic standalone methods with precision, recall and accuracy scores of 97.6%, 97.6% and 97.6% respectively

    You Think You Think

    This is a study in thinking according to, but not withheld by, traditional methods from the branch of philosophy called Experiential Philosophy. Philosophers are interested in the topic of thought, if no one else. Yet, thinking is what we do sixteen hours a day. Or, as this study will show, thinking is what is done to us sixteen hours a day. What is thinking? Why is it? And, who is in charge here anyway? The following book will enter these questions and make a serious attempt to keep deviations from target as small as possible. The thesis of this book is based on the recognition that thought is an activity in human beings that (1) proceeds in a fragmented way and that (2) basically cannot be halted. We cannot opt out of thinking. The conclusion is that this accounts for human suffering, lack of direction, and chaos in daily actions and decisions. This leads to the further conclusion that thinking is not something we do, it is something that is being done in us

    SCREAM: Sensory Channel Remote Execution Attack Methods

    Sensory channel threats on embedded systems are an often overlooked attack vector. Because many computing systems focus on digital communication, much of the security research for embedded systems has focused on securing the communication channels between devices. This project explores sensory channel attack concepts and demonstrates that an attack on an embedded device purely through sensory channel inputs can achieve arbitrary code execution. Unlike previous research on sensory channel attacks, this work does not require the device to have preloaded malware. We demonstrate that our attacks were successful in two separate, realistic applications with up to a 100.00% success rate. Finally, we propose a possible defense to these attacks and suggest future avenues of research in this field