Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

Gone Rogue: An Analysis of Rogue Security Software Campaigns

In the past few years, Internet miscreants have developed a number of techniques to defraud and make a hefty profit out of their unsuspecting victims. A troubling, recent example of this trend is cyber-criminals distributing rogue security software, that is malicious programs that,by pretending to be legitimate security tools (e.g., anti-virus or anti-spyware), deceive users into paying a substantial amount of money in exchange for little or no protection.While the technical and economical aspects of rogue security software (e.g., its distribution and monetization mechanisms) are relatively well-understood, much less is known about the campaigns through which this type of malware is distributed, that is what are the underlying techniques and coordinated efforts employed by cyber-criminals to spread their malware.In this paper, we present the techniques we used to analyze rogue security software campaigns, with an emphasis on the infrastructure employed in the campaign and the life-cycle of the clients that they infect

Technology and Process Design for Phenols Recovery from Industrial Chicory (Chicorium intybus) Leftovers

Vegetal leftovers from the agro–food industry represent a huge source of primary and secondary metabolites, vitamin, mineral salts and soluble as well as insoluble fibers. Economic reports on the growth in the polyphenol market have driven us to focus our investigation on chicory (Chicorium intybus L.), which is one of the most popular horticultural plants in the world and a rich source of phenolic compounds. Ultrasound-assisted extraction (UAE), microwave-assisted extraction (MAE) and their simultaneous combination, using either ethanol/water or water alone (also sub-critical), have been investigated with the aim of designing a green and efficient extraction process. Higher total-polyphenol yields as well as dramatic reductions in extraction times and solvent consumption have been obtained under these conditions. ANOVA test for analyses of variance followed by the Tukey honestly significant difference (HSD) post-hoc test of multiple comparisons was used in the statistical analysis. MAE experiments performed with sub-critical water, and MW/US experiments with an ethanol solution have shown polyphenol recovery values of up to ~3 g of gallic acid equivalents (GAE) per kg of fresh material in only 15 min, while conventional extraction required 240 min to obtain the same result

optimisation of industrial parts by mesh morphing enabled automatic shape sculpting

n/

Crack Propagation Analysis of Near-Surface Defects with Radial Basis Functions Mesh Morphing

Abstract Fracture mechanics analysis is nowadays adopted in several industrial fields to assess the capability of components to withstand fatigue loads. Finite Element Method (FEM) is a well-established tool for the evaluation of flaw Stress Intensity Factors (SIF) and for the survey of its propagation. Nevertheless the study of the growth of near-surface circular and elliptical cracks is still an arduous task to be faced with FEM. In fact, the interaction of the flaw with free surfaces leads the crack front to assume complex shapes, whose simulation cannot be easily accomplished. A possible answer to deal with such a problem is to use the mesh morphing technique, a nodal relocation methodology, that allows to cover different problems. In fact, with mesh morphing, it is possible to fit the baseline flaw front with the desired shape (generic shape) and to automatically simulate its evolution at a certain number of cycles. In the proposed work this approach is demonstrated exploiting ANSYS Mechanical as FEM tool and RBF Morph ACT Extension as mesh-morpher. The results of the proposed workflow are compared with those available in literature

Synergistic Effects of Active Sites' Nature and Hydrophilicity on Oxygen Reduction Reaction Activity of Pt-Free Catalysts

This work highlights the importance of the hydrophilicity of a catalyst’s active sites on an oxygen reduction reaction (ORR) through an electrochemical and physico-chemical study on catalysts based on nitrogen-modified carbon doped with different metals (Fe, Cu, and a mixture of them). BET, X-ray Powder Diffraction (XRPD), micro-Raman, X-ray Photoelectron Spectroscopy (XPS), Scanning Electron Microscopy (SEM), Scanning Transmission Electron Microscopy (STEM), and hydrophilicity measurements were performed. All synthesized catalysts are characterized not only by a porous structure, with the porosity distribution centered in the mesoporosity range, but also by the presence of carbon nanostructures. In iron-doped materials, these nanostructures are bamboo-like structures typical of nitrogen carbon nanotubes, which are better organized, in a larger amount, and longer than those in the copper-doped material. Electrochemical ORR results highlight that the presence of iron and nitrogen carbon nanotubes is beneficial to the electroactivity of these materials, but also that the hydrophilicity of the active site is an important parameter affecting electrocatalytic properties. The most active material contains a mixture of Fe and Cu

Cerebral hypoperfusion in post-COVID-19 cognitively impaired subjects revealed by arterial spin labeling MRI

Cognitive impairment is one of the most prevalent symptoms of post Severe Acute Respiratory Syndrome COronaVirus 2 (SARS-CoV-2) state, which is known as Long COVID. Advanced neuroimaging techniques may contribute to a better understanding of the pathophysiological brain changes and the underlying mechanisms in post-COVID-19 subjects. We aimed at investigating regional cerebral perfusion alterations in post-COVID-19 subjects who reported a subjective cognitive impairment after a mild SARS-CoV-2 infection, using a non-invasive Arterial Spin Labeling (ASL) MRI technique and analysis. Using MRI-ASL image processing, we investigated the brain perfusion alterations in 24 patients (53.0 ± 14.5 years, 15F/9M) with persistent cognitive complaints in the post COVID-19 period. Voxelwise and region-of-interest analyses were performed to identify statistically significant differences in cerebral blood flow (CBF) maps between post-COVID-19 patients, and age and sex matched healthy controls (54.8 ± 9.1 years, 13F/9M). The results showed a significant hypoperfusion in a widespread cerebral network in the post-COVID-19 group, predominantly affecting the frontal cortex, as well as the parietal and temporal cortex, as identified by a non-parametric permutation testing (p < 0.05, FWE-corrected with TFCE). The hypoperfusion areas identified in the right hemisphere regions were more extensive. These findings support the hypothesis of a large network dysfunction in post-COVID subjects with cognitive complaints. The non-invasive nature of the ASL-MRI method may play an important role in the monitoring and prognosis of post-COVID-19 subjects

Photon-number statistics with Silicon photomultipliers

We present a description of the operation of a multi-pixel detector in the presence of non-negligible dark-count and cross-talk effects. We apply the model to devise self-consistent calibration strategies to be performed on the very light under investigation