Deceptive Self-Attack for Cyber-Defense

The asymmetry between cyber-defense and cyber-offense is well-known; defenders must perfectly protect their systems, while attackers need only find one flaw. Defensive cyber-deception has been proposed as a way to mitigate this problem, by using various techniques designed to require attackers to defend themselves from misdirection, false data, and counter-attack. In this paper, we propose a new cyber-deception technique: deceptive self-attack (DSA). DSA modifies network and systems to give the appearance that an unknown third party is also at work attacking the same systems. It is our contention that the presence of this (deceptive) adversary pressures real adversaries in novel ways useful to cyber-defense; and discuss these effects. As a study in DSA, we present and evaluate SoundTheAlarm, a SMT-solver based system for generating deceptive self-attack network traffic. SoundTheAlarm uses public attack signatures from the Suricata intrusion detection system to automatically generate network traffic consistent with a particular cyber-attack signature

Invasion of the Botnet Snatchers: A Case Study in Applied Malware Cyberdeception

In this paper, we provide the initial steps towards a botnet deception mechanism, which we call 2face. 2face provides deception capabilities in both directions – upward, to the command and control (CnC) server, and downward, towards the botnet nodes – to provide administrators with the tools they need to discover and eradicate an infestation within their network without alerting the botnet owner that they have been discovered. The key to 2face is a set of mechanisms for rapidly reverse engineering the protocols used within a botnet. The resulting protocol descriptions can then be used with the 2face network deception tool to generate high-quality deceptive messaging, against the attacker. As context for our work, we show how 2face can be used to help reverse engineer and then generate deceptive traffic for the Mirai protocol. We also discuss how this work could be extended to address future threats

Draft Genome Sequencing of Three Glutaraldehyde-Tolerant Bacteria from Produced Water from Hydraulic Fracturing

Here, we report the draft genome sequence of three glutaraldehyde-resistant isolates from produced water from hydraulic fracturing operations. The three strains were identified as sp. strain G11, sp. strain G15, and sp. strain G16. The genome sequences of these isolates will provide insights into biocide resistance in hydraulic fracturing operations

Psychological sequelae of colonic resections

Aim The prevalence of anxiety, depression and post‐traumatic stress disorder (PTSD) in the general population has been estimated to be 5.9, 3.3 and 4.4% respectively. The aim of this study was to determine whether psychological problems are more prevalent following colorectal surgery. Method Patients who had undergone colorectal resection in a 2‐year period across 4 centres were asked to complete validated screening questionnaires for anxiety, depression and PTSD (GAD‐7, PHQ‐9, PCL‐5) 12‐48 months after surgery. Risk factors were identified using multiple linear regression analysis. Results After excluding those who had died or received palliative diagnoses, questionnaires were sent to 1150 patients. 371 responded (32.3% response rate); median age 67 (20‐99) years, 51% were male. 58% of patients underwent surgery for cancer, 23% had emergency surgery. 28% of patients screened positive for at least one psychological condition, with 20% screening positive for anxiety, 22% for depression and 14% for PTSD. Patients who were younger, female, had surgery as an emergency, for benign conditions, had stomas and critical care stay were more likely to have poorer psychological outcomes. Multiple linear regression found that only younger age (p=0.000) and female gender (p=0.048) were significant risk factors. Conclusion The prevalence of anxiety, depression and PTSD appears to be high in patients who have undergone colorectal surgery. Younger patients and women are particularly at risk. Further work is needed to determine how best to prevent, detect and treat people with adverse psychological outcomes following colorectal surgery

Effective Population Size, Gene Flow, and Species Status in a Narrow Endemic Sunflower, Helianthus neglectus, Compared to Its Widespread Sister Species, H. petiolaris

Species delimitation has long been a difficult and controversial process, and different operational criteria often lead to different results. In particular, investigators using phenotypic vs. molecular data to delineate species may recognize different boundaries, especially if morphologically or ecologically differentiated populations have only recently diverged. Here we examine the genetic relationship between the widespread sunflower species Helianthus petiolaris and its narrowly distributed sand dune endemic sister species H. neglectus using sequence data from nine nuclear loci. The two species were initially described as distinct based on a number of minor morphological differences, somewhat different ecological tolerances, and at least one chromosomal rearrangement distinguishing them; but detailed molecular data has not been available until now. We find that, consistent with previous work, H. petiolaris is exceptionally genetically diverse. Surprisingly, H. neglectus harbors very similar levels of genetic diversity (average diversity across loci is actually slightly higher in H. neglectus). It is extremely unlikely that such a geographically restricted species could maintain these levels of genetic variation in isolation. In addition, the two species show very little evidence of any genetic divergence, and estimates of interspecific gene flow are comparable to gene flow estimates among regions within H. petiolaris. These results indicate that H. petiolaris and H. neglectus likely do not represent two distinct, isolated gene pools; H. neglectus is probably more accurately thought of as a geographically restricted, morphologically and ecologically distinct subspecies of H. petiolaris rather than a separate species

Estimating population extinction thresholds with categorical classification trees for Louisiana black bears.

Monitoring vulnerable species is critical for their conservation. Thresholds or tipping points are commonly used to indicate when populations become vulnerable to extinction and to trigger changes in conservation actions. However, quantitative methods to determine such thresholds have not been well explored. The Louisiana black bear (Ursus americanus luteolus) was removed from the list of threatened and endangered species under the U.S. Endangered Species Act in 2016 and our objectives were to determine the most appropriate parameters and thresholds for monitoring and management action. Capture mark recapture (CMR) data from 2006 to 2012 were used to estimate population parameters and variances. We used stochastic population simulations and conditional classification trees to identify demographic rates for monitoring that would be most indicative of heighted extinction risk. We then identified thresholds that would be reliable predictors of population viability. Conditional classification trees indicated that annual apparent survival rates for adult females averaged over 5 years ([Formula: see text]) was the best predictor of population persistence. Specifically, population persistence was estimated to be ≥95% over 100 years when [Formula: see text], suggesting that this statistic can be used as threshold to trigger management intervention. Our evaluation produced monitoring protocols that reliably predicted population persistence and was cost-effective. We conclude that population projections and conditional classification trees can be valuable tools for identifying extinction thresholds used in monitoring programs