6 research outputs found
Using Honeybuckets to Characterize Cloud Storage Scanning in the Wild
In this work, we analyze to what extent actors target poorly-secured cloud
storage buckets for attack. We deployed hundreds of AWS S3 honeybuckets with
different names and content to lure and measure different scanning strategies.
Actors exhibited clear preferences for scanning buckets that appeared to belong
to organizations, especially commercial entities in the technology sector with
a vulnerability disclosure program. Actors continuously engaged with the
content of buckets by downloading, uploading, and deleting files. Most
alarmingly, we recorded multiple instances in which malicious actors
downloaded, read, and understood a document from our honeybucket, leading them
to attempt to gain unauthorized server access
Democratizing LEO Satellite Network Measurement
Low Earth Orbit (LEO) satellite networks are quickly gaining traction with
promises of impressively low latency, high bandwidth, and global reach.
However, the research community knows relatively little about their operation
and performance in practice. The obscurity is largely due to the high barrier
of entry for measuring LEO networks, which requires deploying specialized
hardware or recruiting large numbers of satellite Internet customers. In this
paper, we introduce HitchHiking, a methodology that democratizes global
visibility into LEO satellite networks. HitchHiking builds on the observation
that Internet-exposed services that use LEO Internet can reveal satellite
network architecture and performance, bypassing the need for specialized
hardware. We evaluate HitchHiking against ground truth measurements and prior
methods, showing that it provides more coverage and accuracy. With HitchHiking,
we complete the largest study to date of Starlink network latency, measuring
over 2,400 users across 13 countries. We uncover unexpected patterns in latency
that surface how LEO routing is more complex than previously understood.
Finally, we conclude with recommendations for future research on LEO networks.Comment: Pre-Prin
The molecular epidemiology of multiple zoonotic origins of SARS-CoV-2
Understanding the circumstances that lead to pandemics is important for their prevention. Here, we analyze the genomic diversity of severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) early in the coronavirus disease 2019 (COVID-19) pandemic. We show that SARS-CoV-2 genomic diversity before February 2020 likely comprised only two distinct viral lineages, denoted A and B. Phylodynamic rooting methods, coupled with epidemic simulations, reveal that these lineages were the result of at least two separate cross-species transmission events into humans. The first zoonotic transmission likely involved lineage B viruses around 18 November 2019 (23 October–8 December), while the separate introduction of lineage A likely occurred within weeks of this event. These findings indicate that it is unlikely that SARS-CoV-2 circulated widely in humans prior to November 2019 and define the narrow window between when SARS-CoV-2 first jumped into humans and when the first cases of COVID-19 were reported. As with other coronaviruses, SARS-CoV-2 emergence likely resulted from multiple zoonotic events
Recommended from our members
Using Honeybuckets to Characterize Cloud Storage Scanning in the Wild
In this thesis, we analyze to what extent actors target poorly-secured cloud storage bucketsfor attack. We deployed hundreds of AWS S3 honeybuckets with different names and content to
lure and measure different scanning strategies. Actors exhibited clear preferences for scanning
buckets that appeared to belong to organizations, especially commercial entities in the technology
sector with a vulnerability disclosure program. Actors continuously engaged with the content of
buckets by downloading, uploading, and deleting files. Most alarmingly, we recorded multiple
instances in which malicious actors downloaded, read, and understood a document from our
honeybucket, leading them to attempt to gain unauthorized server access
Recommended from our members
The molecular epidemiology of multiple zoonotic origins of SARS-CoV-2.
Understanding the circumstances that lead to pandemics is important for their prevention. We analyzed the genomic diversity of severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) early in the coronavirus disease 2019 (COVID-19) pandemic. We show that SARS-CoV-2 genomic diversity before February 2020 likely comprised only two distinct viral lineages, denoted "A" and "B." Phylodynamic rooting methods, coupled with epidemic simulations, reveal that these lineages were the result of at least two separate cross-species transmission events into humans. The first zoonotic transmission likely involved lineage B viruses around 18 November 2019 (23 October to 8 December), and the separate introduction of lineage A likely occurred within weeks of this event. These findings indicate that it is unlikely that SARS-CoV-2 circulated widely in humans before November 2019 and define the narrow window between when SARS-CoV-2 first jumped into humans and when the first cases of COVID-19 were reported. As with other coronaviruses, SARS-CoV-2 emergence likely resulted from multiple zoonotic events