Master of puppets: analyzing and attacking a botnet for fun and profit

A botnet is a network of compromised machines (bots), under the control of an attacker. Many of these machines are infected without their owners’ knowledge, and botnets are the driving force behind several misuses and criminal activities on the Internet (for example spam emails). Depending on its topology, a botnet can have zero or more command and control (C&C) servers, which are centralized machines controlled by the cybercriminal that issue commands and receive reports back from the co-opted bots. In this paper, we present a comprehensive analysis of the command and control infrastructure of one of the world’s largest proprietary spamming botnets between 2007 and 2012: Cutwail/Pushdo. We identify the key functionalities needed by a spamming botnet to operate effectively. We then develop a number of attacks against the command and control logic of Cutwail that target those functionalities, and make the spamming operations of the botnet less effective. This analysis was made possible by having access to the source code of the C&C software, as well as setting up our own Cutwail C&C server, and by implementing a clone of the Cutwail bot. With the help of this tool, we were able to enumerate the number of bots currently registered with the C&C server, impersonate an existing bot to report false information to the C&C server, and manipulate spamming statistics of an arbitrary bot stored in the C&C database. Furthermore, we were able to make the control server inaccessible by conducting a distributed denial of service (DDoS) attack. Our results may be used by law enforcement and practitioners to develop better techniques to mitigate and cripple other botnets, since many of findings are generic and are due to the workflow of C&C communication in general.First author draf

Master of Puppets: Analyzing And Attacking A Botnet For Fun And Profit

A botnet is a network of compromised machines (bots), under the control of an attacker. Many of these machines are infected without their owners' knowledge, and botnets are the driving force behind several misuses and criminal activities on the Internet (for example spam emails). Depending on its topology, a botnet can have zero or more command and control (C&C) servers, which are centralized machines controlled by the cybercriminal that issue commands and receive reports back from the co-opted bots. In this paper, we present a comprehensive analysis of the command and control infrastructure of one of the world's largest proprietary spamming botnets between 2007 and 2012: Cutwail/Pushdo. We identify the key functionalities needed by a spamming botnet to operate effectively. We then develop a number of attacks against the command and control logic of Cutwail that target those functionalities, and make the spamming operations of the botnet less effective. This analysis was made possible by having access to the source code of the C&C software, as well as setting up our own Cutwail C&C server, and by implementing a clone of the Cutwail bot. With the help of this tool, we were able to enumerate the number of bots currently registered with the C&C server, impersonate an existing bot to report false information to the C&C server, and manipulate spamming statistics of an arbitrary bot stored in the C&C database. Furthermore, we were able to make the control server inaccessible by conducting a distributed denial of service (DDoS) attack. Our results may be used by law enforcement and practitioners to develop better techniques to mitigate and cripple other botnets, since many of findings are generic and are due to the workflow of C&C communication in general

Transitions between homophilic and heterophilic modes of cooperation

Cooperation is ubiquitous in biological and social systems. Previous studies revealed that a preference toward similar appearance promotes cooperation, a phenomenon called tag-mediated cooperation or communitarian cooperation. This effect is enhanced when a spatial structure is incorporated, because space allows agents sharing an identical tag to regroup to form locally cooperative clusters. In spatially distributed settings, one can also consider migration of organisms, which has a potential to further promote evolution of cooperation by facilitating spatial clustering. However, it has not yet been considered in spatial tag-mediated cooperation models. Here we show, using computer simulations of a spatial model of evolutionary games with organismal migration, that tag-based segregation and homophilic cooperation arise for a wide range of parameters. In the meantime, our results also show another evolutionarily stable outcome, where a high level of heterophilic cooperation is maintained in spatially well-mixed patterns. We found that these two different forms of tag-mediated cooperation appear alternately as the parameter for temptation to defect is increased.Comment: 16 pages, 7 figure

Adaptive long-range migration promotes cooperation under tempting conditions

Migration is a fundamental trait in humans and animals. Recent studies investigated the effect of migration on the evolution of cooperation, showing that contingent migration favors cooperation in spatial structures. In those studies, only local migration to immediate neighbors was considered, while long-range migration has not been considered yet, partly because the long-range migration has been generally regarded as harmful for cooperation as it would bring the population to a well-mixed state that favors defection. Here, we studied the effects of adaptive long-range migration on the evolution of cooperation through agent-based simulations of a spatial Prisoner's Dilemma game where individuals can jump to a farther site if they are surrounded by more defectors. Our results show that adaptive long-range migration strongly promotes cooperation, especially under conditions where the temptation to defect is considerably high. These findings demonstrate the significance of adaptive long-range migration for the evolution of cooperation.Comment: 7 pages, 9 figure

Estimating the dopant distribution in Ca-doped alpha-SiAlON: statistical HAADF-STEM analysis and large-scale atomic modeling

We investigated the dopant distribution in Ca-doped alpha-SiAlON by using high-angle annular dark-field scanning transmission electron microscopy and a multi-slice image simulation. Our results showed that the electron wave propagated by hopping to adjacent Si(Al) and N(O) columns. The image intensities of the Ca columns had wider dispersions than other columns. To estimate the Ca distribution in the bulk material, we performed a Monte Carlo atomic simulation of the alpha-SiAlON with Ca dopants. A model including a short-range Coulomb-like repulsive force between adjacent Ca atoms reproduced the dispersion of the intensity distribution of the Ca column in the experimental image

Collective Chasing Behavior between Cooperators and Defectors in the Spatial Prisoner’s Dilemma

Cooperation is one of the essential factors for all biological organisms in major evolutionary transitions. Recent studies have investigated the effect of migration for the evolution of cooperation. However, little is known about whether and how an individuals’ cooperativeness coevolves with mobility. One possibility is that mobility enhances cooperation by enabling cooperators to escape from defectors and form clusters; the other possibility is that mobility inhibits cooperation by helping the defectors to catch and exploit the groups of cooperators. In this study we investigate the coevolutionary dynamics by using the prisoner’s dilemma game model on a lattice structure. The computer simulations demonstrate that natural selection maintains cooperation in the form of evolutionary chasing between the cooperators and defectors. First, cooperative groups grow and collectively move in the same direction. Then, mutant defectors emerge and invade the cooperative groups, after which the defectors exploit the cooperators. Then other cooperative groups emerge due to mutation and the cycle is repeated. Here, it is worth noting that, as a result of natural selection, the mobility evolves towards directional migration, but not to random or completely fixed migration. Furthermore, with directional migration, the rate of global population extinction is lower when compared with other cases without the evolution of mobility (i.e., when mobility is preset to random or fixed). These findings illustrate the coevolutionary dynamics of cooperation and mobility through the directional chasing between cooperators and defectors

Anion ordering enables fast H¯ conduction at low temperatures

H¯イオンの低温高速伝導を実現. 京都大学プレスリリース. 2021-06-03.Bringing order to hydrogen energy devices. 京都大学プレスリリース. 2021-06-03.The introduction of chemical disorder by substitutional chemistry into ionic conductors is the most commonly used strategy to stabilize high-symmetric phases while maintaining ionic conductivity at lower temperatures. In recent years, hydride materials have received much attention owing to their potential for new energy applications, but there remains room for development in ionic conductivity below 300°C. Here, we show that layered anion-ordered Ba2−δH3−2δX (X = Cl, Br, and I) exhibit a remarkable conductivity, reaching 1 mS cm⁻¹ at 200°C, with low activation barriers allowing H⁻ conduction even at room temperature. In contrast to structurally related BaH2 (i.e., Ba2H4), the layered anion order in Ba2−δH3−2δX, along with Schottky defects, likely suppresses a structural transition, rather than the traditional chemical disorder, while retaining a highly symmetric hexagonal lattice. This discovery could open a new direction in electrochemical use of hydrogen in synthetic processes and energy devices

Solution plasma synthesis of Si nanoparticles

Silicon nanoparticles (Si-NPs) were directly synthesized from a Si bar electrode via a solution plasma. In order to produce smaller Si-NPs, the effects of different electrolytes and applied voltages on the product were investigated in the experiments detailed in this paper. The results demonstrated that the use of an acidic solution of 0.1 M HCl or HNO3 produced Si-NPs without SiO2 formation. According to the transmission electron microscopy and electron energy-loss spectroscopy, the obtained Si-NPs contained both amorphous and polycrystalline Si particles, among which the smaller Si-NPs tended to be amorphous. When an alkaline solution of K2CO3 was used instead, amorphous SiO2 particles were synthesized owing to the corrosion of Si in the high-temperature environment. The pH values of KCl and KNO3 increased during electrolysis, and the products were partially oxidized in the alkaline solutions. The particle size increased with an increasing applied voltage because the excitation temperature of the plasma increased

Synthesis of ZnO nanoflowers by solution plasma

We synthesized ZnO nanoflowers using a solution plasma. We examined the effects of the applied voltage and the concentration of the electrolyte on the morphology of the products. In the experiments, the zinc wire (cathode) was immersed in an electrolysis solution of K2CO3 (concentration: 0.01 to 5.00 M) and was electrically melted by a glow discharge at different voltages ranging from 42 to 200 V. The results revealed that the products were nanoflowers having many nanorods (size: <100 nm). The ZnO nanoflowers had a wurtzite structure with the [0001] orientation in the growth direction. The product morphology changed with a change in the concentration of the electrolyte, C, and the applied voltage, V; that is, nanoflowers were generated under the limited conditions of (C, V) = (1.0 M, 66 V), (0.5 M, 80 V), and (0.1 M, 105 V)

A facile solution combustion synthesis of nanosized amorphous iron oxide incorporated in a carbon matrix for use as a high-performance lithium ion battery anode material

An amorphous iron oxide-carbon composite has been fabricated through an effective, inexpensive, and scalable method employing solution combustion synthesis. Amorphous iron oxide nanoparticles with diameters of about 5 nm were synthesized and uniformly embedded in a dense carbon matrix. The synthesized composite exhibits enhanced cyclability and rate capability, showing a high reversible capacity of 687 mA h g(1) after 200 discharge/charge cycles at a current rate of 0.5 A g (1), compared to the 400 mA h g (1) observed for Fe2O3 nanoparticles. This enhanced performance was retained despite more demanding conditions, delivering a high capacity of about 525 mA h g (1) and a nearly perfect coulombic efficiency even after 400 cycles at 1 A g (1). The easy production and superior electrochemical properties of this composite suggest that it is a promising material for use as an anode material in high performance lithium ion batteries