283 research outputs found

    Monitoring the DNS Infrastructure for Proactive Botnet Detection

    Botnets enable many cyber-criminal activities, such as DDoS attacks, banking fraud and cyberespionage. Botmasters use various techniques to create, maintain and hide their complex C&C infrastructures. First, they use P2P techniques and domain fast-flux to increase the resilience against take-down actions. Second, botnets encrypt their communication payload to prevent signature-based detection. However, botnets often use the domain name system (DNS), e.g., to find peers and register malicious domains. Since botmasters manage a large distributed overlay network, but have limited personal resources, they tend to automate domain registration, e.g. using domain name generation algorithms (DGAs). Such automatically generated domains share similarities and appear to be registered in close temporal distance. Such characteristics can be used for bot detection, while their deployment is still in preparation. Hence, the goal of this research is early detection of botnets to facilitate proactive mitigation strategies. Using such a proactive approach prevents botnets from evolving their full size and attack power. As many end users are unable to detect and clean infected machines, we favour a provider-based approach, involving ISPs and DNS registrars. This approach benefits from its overview of the network, which allows discovering behavioural similarities of different connected systems. The benefit of tackling distributed large-scale attacks at provider level has been discussed and demonstrated in previous studies by others. Further, initiatives to incentivise ISP-centred botnet mitigation are already ongoing. Previous research already addressed the domain registration behaviour of spammers and demonstrated DGA-based malware detection. In contrast, our approach includes the detection of malicious DNS registration behaviour, which we currently analyse for the .com, .net and .org top level domains. These domains represent half of the registered Internet domains. By combining DNS registration behaviour analysis with passive monitoring of DNS requests and IP flows, we are able to tackle botnets throughout their whole life-cycle.

    How to Achieve Early Botnet Detection at the Provider Level?

    Botnets are an enabler for many cyber-criminal activities and often responsible for DDoS attacks, banking fraud, cyber-espionage and extortion. Botnets are controlled by a botmaster that uses various advanced techniques to create, maintain and hide their complex and distributed C&C infrastructures. First, they use P2P techniques and domain fast-flux to increase the resilience against take-down actions. Second, botnets encrypt their communication payload to prevent signature-based detection. Both the actions to increase the resilience and the prevention of signature-based detection are counteractions against detection techniques. In contrast to existing approaches, our novel approach includes DNS registration behaviour, which we currently analyse for the .com, .net and .org domains, representing half of registered domains on the Internet. Hence, the goal of this PhD research is to enable early detection of the deployment and operation of botnets to facilitate proactive mitigation strategies, whereas current approaches usually detect botnets while these are already in active use. Consequently, this proactive approach prevents botnets from fully evolving their size and attack power. Moreover, as many end users are unable to detect and clean infected machines, our approach tackles the botnet phenomenon without requiring any end user involvement, by incorporating ISPs and domain name registrars. In addition, this will enable the discovery of similar behaviour of different connected systems, which allows detection in cases where bots are registered under domains that are not willing to cooperate.

    Proactive Botnet Detection and Defense at Internet scale

    Botnets provide the basis for various cyber-threats. However, setting up a complex botnet infrastructure often involves registration of domain names in the domain name system (DNS). Active as well as passive monitoring approaches can be used in the detection of domains that are registered for botnets and other malicious activities. We present a novel architecture for proactive botnet detection and defense based on large-scale DNS measurement and smart pattern recognition using machine learning.

    Mudanças tecnológicas e Agenda 2030 para o Desenvolvimento Sustentável : o papel das instituições de ensino superior para o desenvolvimento regional

    This essay has the main aim of showing the strong relationship between Sustainable Development Goals (SDG) - United Nations 2030 Agenda - and the current scenario of technological changes in the world. The study of technical changes, during the history, has been important for the development of regions and countries, adapted to each historical momentum. In this context, new concepts appear, such as eco-innovation, in which it presents a clear relation between environmental sustainability and technology. This text concludes with the strategic role of higher education institutions as a relevant agent for regional development, through the promotion of innovations in the environmental field (eco-innovations) and, therefore, linked to the Agenda 2030.

    JAK-2 inhibitors and allogeneic transplant in myelofibrosis

    The activation of the JAK1/JAK2 pathway plays a crucial role in the pathogenesis of myelofibrosis. Treatment with the JAK2 inhibitor ruxolitinib demonstrated to reduce splenomegaly and symptoms in patients affected by myelofibrosis, leading to a significant improvement of overall survival in comparison with the supportive therapies. Taking into account this recent therapeutic progress, it is necessary to redefine the role of the allogeneic hematopoietic stem cell transplantation, which has been considered the only curative option for fit myelofibrosis patients up to now. In the era of JAK2 inhibitors, allogeneic transplant is still indicated in patients with intermediate-2 and high-risk myelofibrosis or red blood cell transfusion dependent patients or patients with unfavourable karyotype. There is no direct evidence to recommend which conditioning regimen should be preferentially adopted. Graft failure, relapse and transplant related mortality are still current issues of the allogeneic stem cell transplantation, particularly from unrelated donors. Ruxolitinib can be efficaciously included in the platform of allogeneic transplant. In fact, ruxolitinib treatment for 3-4 months before transplant has demonstrated to reduce spleen and improve performance status in about 30-50% of patients, without impairing the outcome of the subsequent transplant. Ruxolitinib has to be stopped the day before conditioning to avoid rebound phenomenon. There are no sufficient data to recommend ruxolitinib administration after transplant with the aim of eradicating minimal residual disease and preventing relapse.
    Patriarca, F; Sperotto, A; De Marchi, R; Perali, G; Cigana, C; Lazzarotto, D; Fanin, R