A new approach to deploy a self-adaptive distributed firewall

Distributed firewall systems emerged with the proposal of protecting individual hosts against attacks originating from inside the network. In these systems, firewall rules are centrally created, then distributed and enforced on all servers that compose the firewall, restricting which services will be available. However, this approach lacks protection against software vulnerabilities that can make network services vulnerable to attacks, since firewalls usually do not scan application protocols. In this sense, from the discovery of any vulnerability until the publication and application of patches there is an exposure window that should be reduced. In this context, this article presents Self-Adaptive Distributed Firewall (SADF). Our approach is based on monitoring hosts and using a vulnerability assessment system to detect vulnerable services, integrated with components capable of deciding and applying firewall rules on affected hosts. In this way, SADF can respond to vulnerabilities discovered in these hosts, helping to mitigate the risk of exploiting the vulnerability. Our system was evaluated in the context of a simulated network environment, where the results achieved demonstrate its viability

PeerRush : mining for unwanted P2P traffic

In this paper we present PeerRush, a novel system for the identification of unwanted P2P traffic. Unlike most previous work, PeerRush goes beyond P2P traffic detection, and can accurately categorize the detected P2P traffic and attribute it to specific P2P applications, including malicious applications such as P2P botnets. PeerRush achieves these results without the need of deep packet inspection, and can accurately identify applications that use encrypted P2P traffic. We implemented a prototype version of PeerRush and performed an extensive evaluation of the system over a variety of P2P traffic datasets. Our results show that we can detect all the considered types of P2P traffic with up to 99.5% true positives and 0.1% false positives. Furthermore, PeerRush can attribute the P2P traffic to a specific P2P application with a misclassification rate of 0.68% or less

Integrated genomic analysis identifies UBTF tandem duplications as a recurrent lesion in pediatric acute myeloid leukemiaUBTF tandem duplications in pediatric acute myeloid leukemia

The genetics of relapsed pediatric acute myeloid leukemia (AML) has yet to be comprehensively defined. Here, we present the spectrum of genomic alterations in 136 relapsed pediatric AMLs. We identified recurrent exon 13 tandem duplications (TD) in upstream binding transcription factor (UBTF) in 9% of relapsed AML cases. UBTF-TD AMLs commonly have normal karyotype or trisomy 8 with cooccurring WT1 mutations or FLT3-ITD but not other known oncogenic fusions. These UBTF-TD events are stable during disease progression and are present in the founding clone. In addition, we observed that UBTF-TD AMLs account for approximately 4% of all de novo pediatric AMLs, are less common in adults, and are associated with poor outcomes and MRD positivity. Expression of UBTF-TD in primary hematopoietic cells is sufficient to enhance serial clonogenic activity and to drive a similar transcriptional program to UBTF-TD AMLs. Collectively, these clinical, genomic, and functional data establish UBTF-TD as a new recurrent mutation in AML.SignificanceWe defined the spectrum of mutations in relapsed pediatric AML and identified UBTF-TDs as a new recurrent genetic alteration. These duplications are more common in children and define a group of AMLs with intermediate-risk cytogenetic abnormalities, FLT3-ITD and WT1 alterations, and are associated with poor outcomes. See related commentary by Hasserjian and Nardi, p. 173. This article is highlighted in the In This Issue feature, p. 171