145 research outputs found
No NAT'd User left Behind: Fingerprinting Users behind NAT from NetFlow Records alone
It is generally recognized that the traffic generated by an individual
connected to a network acts as his biometric signature. Several tools exploit
this fact to fingerprint and monitor users. Often, though, these tools assume
to access the entire traffic, including IP addresses and payloads. This is not
feasible on the grounds that both performance and privacy would be negatively
affected. In reality, most ISPs convert user traffic into NetFlow records for a
concise representation that does not include, for instance, any payloads. More
importantly, large and distributed networks are usually NAT'd, thus a few IP
addresses may be associated to thousands of users. We devised a new
fingerprinting framework that overcomes these hurdles. Our system is able to
analyze a huge amount of network traffic represented as NetFlows, with the
intent to track people. It does so by accurately inferring when users are
connected to the network and which IP addresses they are using, even though
thousands of users are hidden behind NAT. Our prototype implementation was
deployed and tested within an existing large metropolitan WiFi network serving
about 200,000 users, with an average load of more than 1,000 users
simultaneously connected behind 2 NAT'd IP addresses only. Our solution turned
out to be very effective, with an accuracy greater than 90%. We also devised
new tools and refined existing ones that may be applied to other contexts
related to NetFlow analysis
Reliability issues in the design of distributed object-based architectures
PhD ThesisThis thesis is aimed at enhancing the existing set of techniques for building
distributed systems, specifically from the point of view of fault-tolerant com-
puting.
Reliability is of fundamental importance in the design and operation of dis-
tributed systems, as an increasing number of computers are employed in the
automation of various essential services. In the past decade, much research
effort has been concerned with the object-based methodology for the design
and implementation of reliable distributed systems.
This thesis describes three contributions to this effort. First, it is shown
that object-based programming features can in fact be introduced into pro-
cedural languages provided that these languages are endowed with certain
facilities. Then, work is discussed which illustrates the relationship
between distributed object-based architectures and an apparently different
form of distributed architectures based on processes. This work puts the
notion of object-based architectures into a new perspective, which shows
that the object-based philosophy and the process-based philosophy are the
dual of each other.
Finally, an important aspect of the design of an object-based distributed
architecture is investigated, that of automatic garbage collection. A distri-
buted garbage collection scheme is described that handles fault tolerance by
an extension of the technique commonly employed to detect unwanted com-
putations in distributed architectures. The scheme proposed can also be
seen as yet a further illustration of the link between object-based and
process-based architectures.Royal Signals and Radar Establishment of the U.K.
Ministry of Defence.
Italian Consiglio Nazionale delle Ricerch
A Novel Stealthy Attack to Gather SDN Configuration-Information
Software Defined Networking (SDN) is a recent network architecture based on the separation of forwarding functions from network logic, and provides high flexibility in the management of the network. In this paper, we show how an attacker can exploit SDN programmability to obtain detailed knowledge about the network behaviour. In particular, we introduce a novel attack, named Know Your Enemy (KYE), which allows an attacker to gather vital information about the configuration of the network. Through the KYE attack, an attacker can obtain information ranging from the configuration of security tools, such as attack detection thresholds for network scanning, to general network policies like QoS and network virtualization. Additionally, we show that the KYE attack can be performed in a stealthy fashion, allowing an attacker to learn configuration secrets without being detected. We underline that the vulnerability exploited by the KYE attack is proper of SDN and is not present in legacy networks. Finally, we address the KYE attack by proposing an active defense countermeasure based on network flows obfuscation, which considerably increases the complexity for a successful attack. Our solution offers provable security guarantees that can be tailored to the needs of the specific network under consideration
An Overview of Stepped Hull Performance Evaluation: Sea Trial Data vs Full-Scale CFD Simulation
It is well known that the dynamic of the stepped hull in real scale is rather complex and it’s not easy to predict that using empirical or mathematical approaches, and by the numerical and experimental way as well. Moreover, there is a huge lack in the literature of data related to sea trials of the stepped hull. Furthermore, the reliability of full-scale CFD simulations is not widely proven and validated especially for high speed and planing hull. For these several reasons, in this paper, the authors are focused on the comparison of the results carried out from model experimental tests performed in the model basin, full-scale CFD simulations, and sea trial tests. The performed simulations in full-scale have been compared to the extrapolated experimental tests and the sea-trial results. Moreover, the dynamic trim angle and the dynamic wetted surface have been taken into account to assess the reliability of the full-scale simulation performed. The stepped hull considered is a Mito 31 outboard Rigid Inflatable Boat (RIB) built by MV Marine Srl Company
An Intraoperative Detecting Probe For Radio-Guided Surgery in Tumour Resection
The development of the based radio-guided surgery aims to extend
the technique to those tumours where surgery is the only possible treatment and
the assessment of the resection would most profit from the low background
around the lesion, as for brain tumours. Feasibility studies on meningioma,
glioma, and neuroendocrine tumors already estimated the potentiality of this
new treatment. To validate the technique, prototypes of the intraoperative
probe required by the technique to detect radiation have been
developed. This paper discusses the design details of the device and the tests
performed in laboratory. In such tests particular care has to be taken to
reproduce the surgical field conditions. The innovative technique to produce
specific phantoms and the dedicated testing protocols is described in detail.Comment: 7 pages, 15 figure
In Vitro Control of Post-Harvest Fruit Rot Fungi by Some Plant Essential Oil Components
Eight substances that are main components of the essential oils from three Mediterranean aromatic plants (Verbena officinalis, Thymus vulgaris and Origanum vulgare), previously found active against some phytopathogenic Fungi and Stramenopila, have been tested in vitro against five etiological agents of post-harvest fruit decay, Botrytis cinerea, Penicillium italicum, P. expansum, Phytophthora citrophthora and Rhizopus stolonifer. The tested compounds were β-fellandrene, β-pinene, camphene, carvacrol, citral, o-cymene, γ-terpinene and thymol. Citral exhibited a fungicidal action against P. citrophthora; carvacrol and thymol showed a fungistatic activity against P. citrophthora and R. stolonifer. Citral and carvacrol at 250 ppm, and thymol at 150 and 250 ppm stopped the growth of B. cinerea. Moreover, thymol showed fungistatic and fungicidal action against P. italicum. Finally, the mycelium growth of P. expansum was inhibited in the presence of 250 ppm of thymol and carvacrol. These results represent an important step toward the goal to use some essential oils or their components as natural preservatives for fruits and foodstuffs, due to their safety for consumer healthy and positive effect on shelf life extension of agricultural fresh products
The Italian National Project of Astrobiology-Life in Space-Origin, Presence, Persistence of Life in Space, from Molecules to Extremophiles
The \u2018\u2018Life in Space\u2019\u2019 project was funded in the wake of
the Italian Space Agency\u2019s proposal for the development
of a network of institutions and laboratories conceived to
implement Italian participation in space astrobiology experiments
Acute Delta Hepatitis in Italy spanning three decades (1991–2019): Evidence for the effectiveness of the hepatitis B vaccination campaign
Updated incidence data of acute Delta virus hepatitis (HDV) are lacking worldwide. Our aim was to evaluate incidence of and risk factors for acute HDV in Italy after the introduction of the compulsory vaccination against hepatitis B virus (HBV) in 1991. Data were obtained from the National Surveillance System of acute viral hepatitis (SEIEVA). Independent predictors of HDV were assessed by logistic-regression analysis. The incidence of acute HDV per 1-million population declined from 3.2 cases in 1987 to 0.04 in 2019, parallel to that of acute HBV per 100,000 from 10.0 to 0.39 cases during the same period. The median age of cases increased from 27 years in the decade 1991-1999 to 44 years in the decade 2010-2019 (p < .001). Over the same period, the male/female ratio decreased from 3.8 to 2.1, the proportion of coinfections increased from 55% to 75% (p = .003) and that of HBsAg positive acute hepatitis tested for by IgM anti-HDV linearly decreased from 50.1% to 34.1% (p < .001). People born abroad accounted for 24.6% of cases in 2004-2010 and 32.1% in 2011-2019. In the period 2010-2019, risky sexual behaviour (O.R. 4.2; 95%CI: 1.4-12.8) was the sole independent predictor of acute HDV; conversely intravenous drug use was no longer associated (O.R. 1.25; 95%CI: 0.15-10.22) with this. In conclusion, HBV vaccination was an effective measure to control acute HDV. Intravenous drug use is no longer an efficient mode of HDV spread. Testing for IgM-anti HDV is a grey area requiring alert. Acute HDV in foreigners should be monitored in the years to come
- …