2,972 research outputs found
On the Reverse Engineering of the Citadel Botnet
Citadel is an advanced information-stealing malware which targets financial
information. This malware poses a real threat against the confidentiality and
integrity of personal and business data. A joint operation was recently
conducted by the FBI and the Microsoft Digital Crimes Unit in order to take
down Citadel command-and-control servers. The operation caused some disruption
in the botnet but has not stopped it completely. Due to the complex structure
and advanced anti-reverse engineering techniques, the Citadel malware analysis
process is both challenging and time-consuming. This allows cyber criminals to
carry on with their attacks while the analysis is still in progress. In this
paper, we present the results of the Citadel reverse engineering and provide
additional insight into the functionality, inner workings, and open source
components of the malware. In order to accelerate the reverse engineering
process, we propose a clone-based analysis methodology. Citadel is an offspring
of a previously analyzed malware called Zeus; thus, using the former as a
reference, we can measure and quantify the similarities and differences of the
new variant. Two types of code analysis techniques are provided in the
methodology, namely assembly to source code matching and binary clone
detection. The methodology can help reduce the number of functions requiring
manual analysis. The analysis results prove that the approach is promising in
Citadel malware analysis. Furthermore, the same approach is applicable to
similar malware analysis scenarios.Comment: 10 pages, 17 figures. This is an updated / edited version of a paper
appeared in FPS 201
New method for critical failure prediction of complex systems
Rigorous analytical technique, called criticality determination methodology /or CD technique/ determines the probability that a given complex system will successfully achieve stated objectives. The CD technique identifies critical elements of the system by a failure mode and effects analysis
Lightweight, low compression aircraft diesel engine
The feasibility of converting a spark ignition aircraft engine to the diesel cycle was investigated. Procedures necessary for converting a single cylinder GTS10-520 are described as well as a single cylinder diesel engine test program. The modification of the engine for the hot port cooling concept is discussed. A digital computer graphics simulation of a twin engine aircraft incorporating the diesel engine and Hot Fort concept is presented showing some potential gains in aircraft performance. Sample results of the computer program used in the simulation are included
Body temperatures of modern and extinct vertebrates from ^(13)C-^(18)O bond abundances in bioapatite
The stable isotope compositions of biologically precipitated apatite in bone, teeth, and scales are widely used to obtain information on the diet, behavior, and physiology of extinct organisms and to reconstruct past climate. Here we report the application of a new type of geochemical measurement to bioapatite, a “clumped-isotope” paleothermometer, based on the thermodynamically driven preference for ^(13)C and ^(18)O to bond with each other within carbonate ions in the bioapatite crystal lattice. This effect is dependent on temperature but, unlike conventional stable isotope paleothermometers, is independent from the isotopic composition of water from which the mineral formed. We show that the abundance of ^(13)C-^(18)O bonds in the carbonate component of tooth bioapatite from modern specimens decreases with increasing body temperature of the animal, following a relationship between isotope “clumping” and temperature that is statistically indistinguishable from inorganic calcite. This result is in agreement with a theoretical model of isotopic ordering in carbonate ion groups in apatite and calcite. This thermometer constrains body temperatures of bioapatite-producing organisms with an accuracy of 1–2 °C. Analyses of fossilized tooth enamel of both Pleistocene and Miocene age yielded temperatures within error of those derived from similar modern taxa. Clumped-isotope analysis of bioapatite represents a new approach in the study of the thermophysiology of extinct species, allowing the first direct measurement of their body temperatures. It will also open new avenues in the study of paleoclimate, as the measurement of clumped isotopes in phosphorites and fossils has the potential to reconstruct environmental temperatures
Mating-type genes and sexual potential in the ascomycete genera Aspergillus and Penicillium
Mating-type and other ‘sex-related’ genes in the filamentous ascomcyete genera Aspergillus and Penicillium, were examined to investigate the potential sexual capacity of supposedly asexual species and also the possible evolutionary route and ancestry of mating strategy and mating-type genes.
Two heterothallic and one homothallic sexual species were screened to determine the presence and genomic organisation of mating-type genes. An additional gene has previously been detected in Neosartorya fischeri, N. fumigata and Penicillium marneffei. This gene was also detected and sequenced in the heterothallic species, Emericella heterothallica and the homothallic species, Eurotium repens. The expression of this gene was investigated under conditions that cause expression of mating-type genes in these species.
Mating-type and other ‘sex-related’ genes were investigated in asexual Aspergilli that have been genome sequenced. Expression of mating-type, α-factor pheromone precursor, pheromone receptor and two transcription factor encoding genes were also investigated. Gene expression varied between species, but no genes displayed mating type-dependent expression.
Previous studies had developed a degenerate PCR diagnostic approach to identify putative MAT1-1-1 and MAT1-2-1 gene fragments. This degenerate PCR diagnostic was performed on Penicillium species in the subgenus Penicillium to determine the presence or absence of mating-type genes. Mating-type gene fragments or whole open reading frames were sequenced from four of these Penicillium species. RT-PCR analyses were also performed on these species, and MAT1-1-1 and MAT1-2-1 gene expression was confirmed in three of the four Penicillium species.
The overall structure of the mating-type loci and idiomorphs of the Aspergillus and Penicillium species revealed certain common features. The ancestral mating strategy of the Eurotiomycetes has been suggested to be homothallism. Whilst this remains possible, alternative evolutionary scenarios are suggested from this investigation
Limits of Predictability in Commuting Flows in the Absence of Data for Calibration
The estimation of commuting flows at different spatial scales is a fundamental problem for different areas of study. Many current methods rely on parameters requiring calibration from empirical trip volumes. Their values are often not generalizable to cases without calibration data. To solve this problem we develop a statistical expression to calculate commuting trips with a quantitative functional form to estimate the model parameter when empirical trip data is not available. We calculate commuting trip volumes at scales from within a city to an entire country, introducing a scaling parameter α to the recently proposed parameter free radiation model. The model requires only widely available population and facility density distributions. The parameter can be interpreted as the influence of the region scale and the degree of heterogeneity in the facility distribution. We explore in detail the scaling limitations of this problem, namely under which conditions the proposed model can be applied without trip data for calibration. On the other hand, when empirical trip data is available, we show that the proposed model's estimation accuracy is as good as other existing models. We validated the model in different regions in the U.S., then successfully applied it in three different countries
High resolution nighttime cloud-cover radiometer Quarterly report XVII, 1 Oct. 1965 - 1 Jan. 1966
Electronic, optical, mechanical, and electron packaging component and system design reviews for high resolution cloud cover infrared radiomete
Spatiotemporal correlations of handset-based service usages
We study spatiotemporal correlations and temporal diversities of
handset-based service usages by analyzing a dataset that includes detailed
information about locations and service usages of 124 users over 16 months. By
constructing the spatiotemporal trajectories of the users we detect several
meaningful places or contexts for each one of them and show how the context
affects the service usage patterns. We find that temporal patterns of service
usages are bound to the typical weekly cycles of humans, yet they show maximal
activities at different times. We first discuss their temporal correlations and
then investigate the time-ordering behavior of communication services like
calls being followed by the non-communication services like applications. We
also find that the behavioral overlap network based on the clustering of
temporal patterns is comparable to the communication network of users. Our
approach provides a useful framework for handset-based data analysis and helps
us to understand the complexities of information and communications technology
enabled human behavior.Comment: 11 pages, 15 figure
Phosphorylation of pRb: mechanism for RB pathway inactivation in MYCN-amplified retinoblastoma.
A small, but unique subgroup of retinoblastoma has been identified with no detectable mutation in the retinoblastoma gene (RB1) and with high levels of MYCN gene amplification. This manuscript investigated alternate pathways of inactivating pRb, the encoded protein in these tumors. We analyzed the mutation status of the RB1 gene and MYCN copy number in a series of 245 unilateral retinoblastomas, and the phosphorylation status of pRb in a subset of five tumors using immunohistochemistry. There were 203 tumors with two mutations in RB1 (RB1(-/-) , 83%), 29 with one (RB1(+/-) , 12%) and 13 with no detectable mutations (RB1(+/+) , 5%). Eighteen tumors carried MYCN amplification between 29 and 110 copies: 12 had two (RB1(-/-) ) or one RB1 (RB1(+/-) ) mutations, while six had no mutations (RB1(+/+) ). Immunohistochemical staining of tumor sections with antibodies against pRb and phosphorylated Rb (ppRb) displayed high levels of pRb and ppRb in both RB1(+/+) and RB1(+/-) tumors with MYCN amplification compared to no expression of these proteins in a classic RB1(-/-) , MYCN-low tumor. These results establish that high MYCN amplification can be present in retinoblastoma with or without coding sequence mutations in the RB1 gene. The functional state of pRb is inferred to be inactive due to phosphorylation of pRb in the MYCN-amplified retinoblastoma without coding sequence mutations. This makes inactivation of RB1 by gene mutation or its protein product, pRb, by protein phosphorylation, a necessary condition for initiating retinoblastoma tumorigenesis, independent of MYCN amplification
- …