2,749 research outputs found
On the Reverse Engineering of the Citadel Botnet
Citadel is an advanced information-stealing malware which targets financial
information. This malware poses a real threat against the confidentiality and
integrity of personal and business data. A joint operation was recently
conducted by the FBI and the Microsoft Digital Crimes Unit in order to take
down Citadel command-and-control servers. The operation caused some disruption
in the botnet but has not stopped it completely. Due to the complex structure
and advanced anti-reverse engineering techniques, the Citadel malware analysis
process is both challenging and time-consuming. This allows cyber criminals to
carry on with their attacks while the analysis is still in progress. In this
paper, we present the results of the Citadel reverse engineering and provide
additional insight into the functionality, inner workings, and open source
components of the malware. In order to accelerate the reverse engineering
process, we propose a clone-based analysis methodology. Citadel is an offspring
of a previously analyzed malware called Zeus; thus, using the former as a
reference, we can measure and quantify the similarities and differences of the
new variant. Two types of code analysis techniques are provided in the
methodology, namely assembly to source code matching and binary clone
detection. The methodology can help reduce the number of functions requiring
manual analysis. The analysis results prove that the approach is promising in
Citadel malware analysis. Furthermore, the same approach is applicable to
similar malware analysis scenarios.Comment: 10 pages, 17 figures. This is an updated / edited version of a paper
appeared in FPS 201
A conserved and essential basic region mediates tRNA binding to the Elp1 subunit of the <em>Saccharomyces cerevisiae</em> Elongator complex
Elongator is a conserved, multi-protein complex discovered in Saccharomyces cerevisiae, loss of which confers a range of pleiotropic phenotypes. Elongator in higher eukaryotes is required for normal growth and development and a mutation in the largest subunit of human Elongator (Elp1) causes familial dysautonomia, a severe recessive neuropathy. Elongator promotes addition of mcm(5) and ncm(5) modifications to uridine in the tRNA anticodon ‘wobble’ position in both yeast and higher eukaryotes. Since these modifications are required for the tRNAs to function efficiently, a translation defect caused by hypomodified tRNAs may therefore underlie the variety of phenotypes associated with Elongator dysfunction. The Elp1 carboxy-terminal domain contains a highly conserved arginine/lysine-rich region that resembles a nuclear localization sequence (NLS). Using alanine substitution mutagenesis, we show that this region is essential for Elongator's function in tRNA wobble uridine modification. However, rather than acting to determine the nucleo-cytoplasmic distribution of Elongator, we find that the basic region plays a critical role in a novel interaction between tRNA and the Elp1 carboxy-terminal domain. Thus the conserved basic region in Elp1 may be essential for tRNA wobble uridine modification by acting as tRNA binding motif
The Analysis of Large Order Bessel Functions in Gravitational Wave Signals from Pulsars
In this work, we present the analytic treatment of the large order Bessel
functions that arise in the Fourier Transform (FT) of the Gravitational Wave
(GW) signal from a pulsar. We outline several strategies which employ
asymptotic expansions in evaluation of such Bessel functions which also happen
to have large argument. Large order Bessel functions also arise in the
Peters-Mathews model of binary inspiralling stars emitting GW and several
problems in potential scattering theory. Other applications also arise in a
variety of problems in Applied Mathematics as well as in the Natural Sciences
and present a challenge for High Performance Computing(HPC).Comment: 8 pages, Uses IEEE style files: Ieee.cls, Ieee.clo and floatsty.sty.
Accepted for publication in High Performance Computing Symposium, May 15-18
(HPCS 2005) Guelph, Ontario, Canad
Asymptotic near optimality of the bisection method
Journal ArticleThe bisection method is shown to possess the nearly best rate of convergence for infinitely differentiable functions having zeros of arbitrary multiplicity. If the multiplicity of zeros is bounded, methods are known which have asymptotically at least quadratic rate of convergence
Recommended from our members
Asymptotic Optimality of the Bisection Method
The bisection method is shown to possess the asymptotically best rate of convergence for infinitely differentiable functions having zeros of arbitrary multiplicity. If the multiplicity of zeros is bounded methods are known which have asymptotically at least quadratic rate of convergence
Learning Koopman eigenfunctions of stochastic diffusions with optimal importance sampling and ISOKANN
The dominant eigenfunctions of the Koopman operator characterize the metastabilities and slow-timescale dynamics of stochastic diffusion processes. In the context of molecular dynamics and Markov state modeling, they allow for a description of the location and frequencies of rare transitions, which are hard to obtain by direct simulation alone. In this article, we reformulate the eigenproblem in terms of the ISOKANN framework, an iterative algorithm that learns the eigenfunctions by alternating between short burst simulations and a mixture of machine learning and classical numerics, which naturally leads to a proof of convergence. We furthermore show how the intermediate iterates can be used to reduce the sampling variance by importance sampling and optimal control (enhanced sampling), as well as to select locations for further training (adaptive sampling). We demonstrate the usage of our proposed method in experiments, increasing the approximation accuracy by several orders of magnitude
The extension problem for partial Boolean structures in Quantum Mechanics
Alternative partial Boolean structures, implicit in the discussion of
classical representability of sets of quantum mechanical predictions, are
characterized, with definite general conclusions on the equivalence of the
approaches going back to Bell and Kochen-Specker. An algebraic approach is
presented, allowing for a discussion of partial classical extension, amounting
to reduction of the number of contexts, classical representability arising as a
special case. As a result, known techniques are generalized and some of the
associated computational difficulties overcome. The implications on the
discussion of Boole-Bell inequalities are indicated.Comment: A number of misprints have been corrected and some terminology
changed in order to avoid possible ambiguitie
Anatomy of Malicious Singularities
As well known, the b-boundaries of the closed Friedman world model and of
Schwarzschild solution consist of a single point. We study this phenomenon in a
broader context of differential and structured spaces. We show that it is an
equivalence relation , defined on the Cauchy completed total space
of the frame bundle over a given space-time, that is responsible for
this pathology. A singularity is called malicious if the equivalence class
related to the singularity remains in close contact with all other
equivalence classes, i.e., if for every . We
formulate conditions for which such a situation occurs. The differential
structure of any space-time with malicious singularities consists only of
constant functions which means that, from the topological point of view,
everything collapses to a single point. It was noncommutative geometry that was
especially devised to deal with such situations. A noncommutative algebra on
, which turns out to be a von Neumann algebra of random operators,
allows us to study probabilistic properties (in a generalized sense) of
malicious singularities. Our main result is that, in the noncommutative regime,
even the strongest singularities are probabilistically irrelevant.Comment: 16 pages in LaTe
- …