Know Your Enemy: Stealth Configuration-Information Gathering in SDN

Software Defined Networking (SDN) is a network architecture that aims at providing high flexibility through the separation of the network logic from the forwarding functions. The industry has already widely adopted SDN and researchers thoroughly analyzed its vulnerabilities, proposing solutions to improve its security. However, we believe important security aspects of SDN are still left uninvestigated. In this paper, we raise the concern of the possibility for an attacker to obtain knowledge about an SDN network. In particular, we introduce a novel attack, named Know Your Enemy (KYE), by means of which an attacker can gather vital information about the configuration of the network. This information ranges from the configuration of security tools, such as attack detection thresholds for network scanning, to general network policies like QoS and network virtualization. Additionally, we show that an attacker can perform a KYE attack in a stealthy fashion, i.e., without the risk of being detected. We underline that the vulnerability exploited by the KYE attack is proper of SDN and is not present in legacy networks. To address the KYE attack, we also propose an active defense countermeasure based on network flows obfuscation, which considerably increases the complexity for a successful attack. Our solution offers provable security guarantees that can be tailored to the needs of the specific network under consideratio

Unification of X-ray winds in Seyfert galaxies: from ultra-fast outflows to warm absorbers

The existence of ionized X-ray absorbing layers of gas along the line of sight to the nuclei of Seyfert galaxies is a well established observational fact. This material is systematically outflowing and shows a large range in parameters. However, its actual nature and dynamics are still not clear. In order to gain insights into these important issues we performed a literature search for papers reporting the parameters of the soft X-ray warm absorbers (WAs) in 35 type 1 Seyferts and compared their properties to those of the ultra-fast outflows (UFOs) detected in the same sample. The fraction of sources with WAs is >60%, consistent with previous studies. The fraction of sources with UFOs is >34%, >67% of which also show WAs. The large dynamic range obtained when considering all the absorbers together allows us, for the first time, to investigate general relations among them. In particular, we find significant correlations indicating that the closer the absorber is to the central black hole, the higher the ionization, column, outflow velocity and consequently the mechanical power. The absorbers continuously populate the whole parameter space, with the WAs and the UFOs lying always at the two ends of the distribution. This strongly suggest that these absorbers, often considered of different types, could actually represent parts of a single large-scale stratified outflow observed at different locations from the black hole. The observed parameters and correlations are consistent with both radiation pressure through Compton scattering and MHD processes contributing to the outflow acceleration, the latter playing a major role. Most of the absorbers, especially the UFOs, have a sufficiently high mechanical power to significantly contribute to AGN feedback.Comment: Manuscript updated to match the MNRAS published version. Link to the related INAF news: http://www.media.inaf.it/2013/02/05/warm-absorbers

Energy Transition at Home: A Survey on the Data and Practices That Lead to a Change in Household Energy Behavior

Since energy transition depends significantly on reducing the built environment’s energy needs, many regulations and incentives have been implemented globally over the last three decades. Despite some positive results, many scholars suggest that households’ behavioral change could greatly accelerate progress. People’s levels of awareness and willingness to change, as well as the provision of feedback technologies, are important factors affecting the process. In spite of the extent of this body of literature, household consumption keeps rising. Our thesis is that the subject has been investigated without considering some important correlations among factors. Therefore, this study developed a survey to investigate actual consumers’ perspectives on the topic by combining people’s awareness of energy use, interaction with metering devices, and user motivation into a coherent framework. A testing session involving 500 people was held as a validation phase for a future large-scale launch of the questionnaire. The test yielded some early outcomes on how people become more interested in changing as they gain more knowledge and are offered suggestions. However, despite their supposedly advanced knowledge as educators and students, the sample’s level of awareness was low, suggesting that a more user-centered approach is needed for wide-scale progress

The use of building performance simulation to support architectural design: a case study

Abstract Considering the complex interaction between energy performance, lighting, acoustic and thermal comfort in contemporary design, building performance simulation [BPS] shall play a key role in addressing decision making process and technical choices towards optimized configuration during the whole design phase. The paper reports the outcomes of a case study – performed in the framework of Ma Final Design Lab at the Department of Architecture, University of Bologna – where BPS was adopted from the very beginning as a tool to support the design process from the concept validation to the final architectural configuration to fit with passive house standards

Minerva: A File-Based Ransomware Detector

Ransomware is a rapidly evolving type of malware designed to encrypt user files on a device, making them inaccessible in order to exact a ransom. Ransomware attacks resulted in billions of dollars in damages in recent years and are expected to cause hundreds of billions more in the next decade. With current state-of-the-art process-based detectors being heavily susceptible to evasion attacks, no comprehensive solution to this problem is available today. This paper presents Minerva, a new approach to ransomware detection. Unlike current methods focused on identifying ransomware based on process-level behavioral modeling, Minerva detects ransomware by building behavioral profiles of files based on all the operations they receive in a time window. Minerva addresses some of the critical challenges associated with process-based approaches, specifically their vulnerability to complex evasion attacks. Our evaluation of Minerva demonstrates its effectiveness in detecting ransomware attacks, including those that are able to bypass existing defenses. Our results show that Minerva identifies ransomware activity with an average accuracy of 99.45% and an average recall of 99.66%, with 99.97% of ransomware detected within 1 second.Comment: 19 pages, 3 figure

Mosaic structure of the penA gene in the oropharynx of men who have sex with men negative for gonorrhoea

The oropharynx represents a crucial site for the emergence of multi-drug resistance in Neisseria gonorrhoeae. The mosaic penA alleles, associated with decreased susceptibility to cephalosporins, have emerged by DNA recombination with partial penA genes, particularly those from commensal pharyngeal Neisseria species. Here, we investigated the prevalence of the mosaic structure of the penA gene in the oropharynx of men who have sex with men testing negative for pharyngeal gonorrhoea. From January 2016 to June 2018, 351 gonorrhoea-negative men who have sex with men attending a sexually transmitted infection clinic in Italy were enrolled. Pharyngeal swabs underwent a real-time polymerase chain reaction (PCR) for the detection of the mosaic penA gene. In case of positivity, PCR products were sequenced and searched against several sequences of Neisseria strains. Overall, 31 patients (8.8%) were found positive for the presence of the mosaic penA gene. The positivity was significantly associated with previous cases of pharyngeal gonorrhoea (relative risk [RR]: 3.56, 95% confidence interval 1.44\u20138.80) and with recent exposure to beta-lactams (RR: 4.29, 95% confidence interval 2.20\u20138.38). All penA-positive samples showed a high relatedness (90\u201399%) with mosaic-positive Neisseria strains. Our data underline that commensal Neisseria species of the oropharynx may be a significant reservoir for genetic material conferring antimicrobial resistance in N. gonorrhoeae