A malware instruction set for behavior-based analysis

We introduce a new representation for monitored behavior of malicious software called Malware Instruction Set (MIST). The representation is optimized for effective and efficient analysis of behavior using data mining and machine learning techniques. It can be obtained automatically during analysis of malware with a behavior monitoring tool or by converting existing behavior reports. The representation is not restricted to a particular monitoring tool and thus can also be used as a meta language to unify behavior reports of different sources

Musterbasiertes Filtern von Schadprogrammen und Spam

In der vorliegenden Arbeit werden sprachbasierte Filter für Schadprogramme und Spam-Nachrichten vorgestellt. Die Filter basieren auf eigens dafür entwickelten, kontextfreien Grammatiken, anhand derer sich das Verhalten von Programmen und der Aufbau von Spam-Nachrichten beschreiben lassen. Zum Filtern werden die Grammatiken um spezifische Verhaltensmuster beziehungsweise Spam-Inhalte erweitert. Die Evaluierung der Schadprogramm- und Spam-Filter erfolgt an realen Datensätzen und liefert für beide Filtersysteme sehr gute Ergebnisse

Blacklisting Malicious Websites using Peer-to-Peer Technology

The misuse of websites to serve exploit code to compromise hosts on the Internet has increased drastically in the recent years. With new methods like Fast- or Domain Fluxing the attackers have found ways to generate thousands of links leading to malicious webservers in a very short time. With the help of the distributed blacklist solution we propose in this paper we are able to quickly respond to new threats and have the ability to involve different sources to collect information about malicious websites. It is therefore possible to protect networks from threats that they have not even been targeted for yet, by sharing attack information globally

Kiri Karl Morgensternile, Hasenpoth

http://tartu.ester.ee/record=b1777547~S1*es

Human-Mediated Emergence as a Weed and Invasive Radiation in the Wild of the CD Genome Allotetraploid Rice Species (Oryza, Poaceae) in the Neotropics

BACKGROUND: The genus Oryza is being used as a model in plant genomic studies although there are several issues still to be resolved regarding the spatio-temporal evolution of this ancient genus. Particularly contentious is whether undated transoceanic natural dispersal or recent human interference has been the principal agent determining its present distribution and differentiation. In this context, we studied the origin and distribution history of the allotetraploid CD rice genome. It is endemic to the Neotropics but the genus is thought to have originated in the Paleotropics, and there is relatively little genetic divergence between some orthologous sequences of the C genome component and their Old World counterparts. METHODOLOGY/PRINCIPAL FINDINGS: Because of its allotetraploidy, there are several potential pitfalls in trying to date the formation of the CD genome using molecular data and this could lead to erroneous estimates. Therefore, we rather chose to rely on historical evidence to determine whether or not the CD genome was present in the Neotropics before the arrival of Columbus. We searched early collections of herbarium specimens and studied the reports of explorers of the tropical Americas for references to rice. In spite of numerous collectors traveling inland and collecting Oryza, plants determined as CD genome species were not observed away from cultivated rice fields until 1869. Various arguments suggest that they only consisted of weedy forms until that time. CONCLUSIONS/SIGNIFICANCE: The spatio-temporal distribution of herbarium collections fits a simple biogeographical scenario for the emergence in cultivated rice fields followed by radiation in the wild of the CD genome in the Neotropics during the last four centuries. This probably occurred from species introduced to the Americas by humans and we found no evidence that the CD genome pre-existed in the Old World. We therefore propose a new evolutionary hypothesis for such a recent origin of the CD genome. Moreover, we exemplify how an historical approach can provide potentially important information and help to disentangle the timing of evolutionary events in the history of the Oryza genomes