NGBPA Next Generation BotNet Protocol Analysis

Abstract The command & control (c&c) protocols of botnets are moving away from plaintext IRC communicationt towards encrypted and obfuscated protocols. In gen-eral, these protocols are proprietary. Therefore, standard network monitoring tools are not able to extract the commands from the collected traffic. However, if we want to monitor these new botnets, we need to know how their protocol decryption works. In this paper we present a novel approach in malware analysis for locating the en-cryption and decryption functions in botnet programs. This information can be used to extract these functions for c&c protocols. We illustrate the applicability of our approach by a sample from the Kraken botnet. Using our approach, we were able to identify the encryption routine within minutes. We then extracted the c&c protocol encryption and decryption. Both are presented in this paper.

Worm Epidemics in Wireless Adhoc Networks

A dramatic increase in the number of computing devices with wireless communication capability has resulted in the emergence of a new class of computer worms which specifically target such devices. The most striking feature of these worms is that they do not require Internet connectivity for their propagation but can spread directly from device to device using a short-range radio communication technology, such as WiFi or Bluetooth. In this paper, we develop a new model for epidemic spreading of these worms and investigate their spreading in wireless ad hoc networks via extensive Monte Carlo simulations. Our studies show that the threshold behaviour and dynamics of worm epidemics in these networks are greatly affected by a combination of spatial and temporal correlations which characterize these networks, and are significantly different from the previously studied epidemics in the Internet

Simulation-Based Graph Similarity

We present symmetric and asymmetric similarity measures for labeled directed rooted graphs that are inspired by the simulation and bisimulation relations on labeled transition systems. Computation of the similarity measures has close connections to discounted Markov decision processes in the asymmetric case and to perfect-information stochastic games in the symmetric case. For the symmetric case, we also give a polynomial-time algorithm that approximates the similarity to any desired precision

Botnets for scalable management

International audienceWith an increasing number of devices that must be managed, the scalability of network and service management is a real challenge. A similar challenge seems to be solved by botnets which are the major security threats in today's Internet where a botmaster can control several thousands of computers around the world. This is done although many hindernesses like firewalls, intrusion detection systems and other deployed security appliances to protect current networks. From a technical point of view, such an efficiency can be a benefit for network and service management. This paper describes a new management middleware based on botnets, evaluates its performances and shows its potential impact based on a parametric analytical model

Static Magnetic Field Therapy: A Critical Review of Treatment Parameters

Static magnetic field (SMF) therapy, applied via a permanent magnet attached to the skin, is used by people worldwide for self-care. Despite a lack of established SMF dosage and treatment regimens, multiple studies are conducted to evaluate SMF therapy effectiveness. Our objectives in conducting this review are to:(i) summarize SMF research conducted in humans; (ii) critically evaluate reporting quality of SMF dosages and treatment parameters and (iii) propose a set of criteria for reporting SMF treatment parameters in future clinical trials. We searched 27 electronic databases and reference lists. Only English language human studies were included. Excluded were studies of electromagnetic fields, transcranial magnetic stimulation, magnets placed on acupuncture points, animal studies, abstracts, posters and editorials. Data were extracted on clinical indication, study design and 10 essential SMF parameters. Three reviewers assessed quality of reporting and calculated a quality assessment score for each of the 10 treatment parameters. Fifty-six studies were reviewed, 42 conducted in patient populations and 14 in healthy volunteers. The SMF treatment parameters most often and most completely described were site of application, magnet support device and frequency and duration of application. Least often and least completely described were characteristics of the SMF: magnet dimensions, measured field strength and estimated distance of the magnet from the target tissue. Thirty-four (61%) of studies failed to provide enough detail about SMF dosage to permit protocol replication by other investigators. Our findings highlight the need to optimize SMF dosing parameters for individual clinical conditions before proceeding to a full-scale clinical trial

The Leeds Assessment of Neuropathic Symptoms and Signs Scale (LANSS) is not an adequate outcome measure of pressure ulcer-related neuropathic pain

Background: Few pain assessment scales have been used in Pressure Ulcer (PU) research and none developed or validated for people with PUs. We examined the Leeds Assessment of Neuropathic Symptoms and Signs (LANSS) scale to determine its utility as an outcome measure for people with pressure-area related pain. Methods: LANSS data from 728 participants underwent psychometric analyses: traditional tests for data quality, scaling assumptions, reliability and validity and a Rasch analysis including tests of fit, spread and targeting of item locations, response dependency, person separation index (reliability) and differential item functioning. Results: Our findings offer support for a unidimensional scale; confirmatory factor analysis indicated a non-significant Chi-Square test of model fit ((df =14) 23.48, p= 0.053). However, some misfit was identified at the overall scale and individual item levels, and internal construct validity of the LANSS as an outcome measure for neuropathic pain in people with pressure-area related pain was not supported; low to moderate item-total correlations (Chi Square (df = 28) 55.546, p = 0.002) and inter-item correlations (mean 0.117 and range from 0.063 - 0.415); and low Cronbach’s alpha (0.549) and Person Separation Index (0.334). Conclusions: Requirements for reliable and valid measurement do not support the use of the LANSS as an outcome measure in people with PUs at the individual level or as a generalised measurement scale of neuropathic pain across ulcer severity groups. Expanding the number of items to aid differentiation between neuropathic pain levels and improving scale reliability is recommended