Prometheus: Analyzing WebInject-based information stealers

Nowadays Information stealers are reaching high levels of sophistication. The number of families and variants observed increased exponentially in the last years. Furthermore, these trojans are sold on underground markets along with automatic frameworks that include web-based administration panels, builders and customization procedures. From a technical point of view such malware is equipped with a functionality, called WebInject, that exploits API hooking techniques to intercept all sensitive data in a browser context and modify web pages on infected hosts. In this paper we propose Prometheus, an automatic system that is able to analyze trojans that base their attack technique on DOM modifications. Prometheus is able to identify the injection operations performed by malware, and generate signatures based on the injection behavior. Furthermore, it is able to extract the WebInject targets by using memory forensic techniques. We evaluated Prometheus against real-world, online websites and a dataset of distinct variants of financial trojans. In our experiments we show that our approach correctly recognizes known variants of WebInject-based malware and successfully extracts the WebInject targets

Laser ablation is superior to TACE in large-sized hepatocellular carcinoma: A pilot case-control study

Background:Limited therapies are available for large ( 6540 mm) unresectable hepatocellular carcinoma (HCC). Currently, the standard treatment with transarterial chemoembolisation (TACE) is unsatisfactory with high recurrence rate and limited effect on survival. Laser Ablation (LA) has emerged as a relatively new technique characterized by high efficacy and good safety. This study is aimed to evaluate the efficacy of LA in comparison to TACE in patients with large HCC. Methods: Eighty-two patients with a single HCC nodule 6540 mm (BCLC stage A or B) were enrolled in this case-control study. Forty-one patients were treated with LA and 41 patients were treated with TACE. Response to therapy was evaluated according to the mRECIST criteria. Survival was calculated with Kaplan-Meier from the time of cancer diagnosis to death with values censored at the date of the last follow-up. Results: Twenty-six (63.4%) and 8 (19.5%) patients had a complete response after LA and TACE, respectively (p < 0.001). Subsequently we stratified the HCCs in 3 categories according to the nodule size: 40-50 mm, 51-60 mm, and > 60 mm. LA resulted superior to TACE especially in nodules ranging between 51 and 60 mm in diameter, with a complete response rate post-LA and post-TACE of 75% and 14.3%, respectively (p = 0.0133). The 36 months cumulative survival rate in patients treated with LA and TACE was 55.4% and 48.8%, respectively. The disease recurrence rates after LA and TACE were 19.5% and 75.0%, respectively. Conclusions: LA is a more effective therapeutic option than TACE in patients with solitary large HCC

P.L.: Recent developments in web usage mining research

Abstract. Web Usage Mining is that area of Web Mining which deals with the extraction of interesting knowledge from logging information produced by web servers. In this paper, we present a survey of the recent developments in this area that is receiving increasing attention from the Data Mining community.

Abstract Mining interesting knowledge from weblogs: a survey

Web Usage Mining is that area of Web Mining which deals with the extraction of interesting knowledge from logging information produced by Web servers. In this paper we present a survey of the recent developments in this area that is receiving increasing attention from the Data Mining community. Ó 2004 Elsevier B.V. All rights reserved

Security evaluation of a banking fraud analysis system

The significant growth of banking fraud, fueled by the underground economy of malware, has raised the need for effective detection systems. Therefore, in the last few years, banks have upgraded their security to protect transactions from fraud. State-of-the-art solutions detect fraud as deviations from customers' spending habits. To the best of our knowledge, almost all existing approaches do not provide an in-depth model's granularity and security analysis against elusive attacks. In this article, we examine Banksealer, a decision support system for banking fraud analysis that evaluates the influence on detection performance of the granularity at which spending habits are modeled and its security against evasive attacks. First, we compare user-centric modeling, which builds a model for each user, with system-centric modeling, which builds a model for the entire system, from the point of view of detection performance. Then, we assess the robustness of Banksealer against malicious attackers that are aware of the structure of the models in use. To this end, we design and implement a proof-of-concept attack tool that performs mimicry attacks, emulating a sophisticated attacker that cloaks frauds to avoid detection. We experimentally confirm the feasibility of such attacks, their cost, and the effort required by an attacker in order to perform them. In addition, we discuss possible countermeasures. We provide a comprehensive evaluation on a large real-world dataset obtained from one of the largest Italian banks

Le condotte punitive dell'art. 73 D.P.R. 309/1990. Le aggravanti e attenuanti

Il capitolo si occupa di analizzare le fattispecie di reato regolate all’interno dell’art. 73 del D.P.R. 309/1990, anche noto come il testo unico in materia di stupefacenti, prendendo le mosse da una prima ricostruzione storica, che ripercorre le tappe fondamentali dallo sviluppo e della modificazione della relativa disciplina, a partire dalla sua introduzione con la legge Iervolino-Vassalli, fino ad individuare un quadro il più possibile dettagliato della regolazione attuale. Si parte dunque da una breve ricognizione del sistema contenuto nell’art. 73, nella sua formulazione originaria, per poi analizzare le modifiche ad esso apportate dalla celebre legge 21 febbraio 2006, n. 49, c.d. Fini-Giovanardi, di conversione del d.l. 30 dicembre 2005, n. 272, che, tra le più importanti novità, eliminava il precedente sistema sanzionatorio a «doppio binario», che distingueva tra condotte illecite aventi ad oggetto droghe leggere ovvero droghe pesanti, e lo sostituiva con un sistema a «binario unico». Segue, poi, una approfondita analisi della sentenza 25 febbraio 2014, n. 32, con cui la Corte Costituzionale ha dichiarato illegittimi gli artt. 4-bis e 4-vices ter della l. 49/2006, con l’effetto di espungere dall’ordinamento le modifiche da essi apportate alla precedente disciplina sui reati in materia di stupefacenti. Si analizzano, dunque, le principali conseguenze scaturite dalla declaratoria di illegittimità, ponendo particolare attenzione alle questioni più complesse, legate ai problemi di diritto intertemporale, connesse alla individuazione del trattamento sanzionatorio applicabile al singolo caso; per questo tipo di indagine si procede prestando peculiare attenzione ai pronunciamenti della giurisprudenza di legittimità sul punto. Conclusa questa prima panoramica storica, il percorso di ricostruzione della disciplina si completa con l’analisi degli ultimi interventi normativi sul tema, tributando particolare enfasi alla l. 2 dicembre 2016, n. 242, in cui il legislatore ha disposto che le varietà di cannabis, c.d. sativa, iscritte nel Catalogo europeo delle varietà delle specie di piante agricole, non rientrano nell’ambito di applicazione del testo unico in materia di stupefacenti e che la coltivazione delle stesse è consentita senza necessità di autorizzazione. La trattazione si cala poi nello studio analitico delle singole fattispecie di reato, quali regolate all’interno dell’art. 73 D.P.R. 309/1990; analizza la disciplina dell’uso esclusivamente personale di sostanze stupefacenti e si preoccupa di precisare il tema dell’uso di gruppo. Si procede, di poi, ad indagare il tema dei fatti di lieve entità, anche in questo caso, prendendo le mosse da una prima ricognizione degli effetti prodotti sulla relativa regolazione dalla sentenza della Corte cost. 32/2014 e dalla successiva giurisprudenza costituzionale. A conclusione del capitolo segue la ricostruzione delle circostanze attenuanti e aggravanti