U.S. Finance Sector Hit with Targeted Backdoor Campaign


The financial services sector in the U.S. found itself under a barrage of cyberattacks last month, all bent on delivering a powerful backdoor called Minebridge. The attack chain employed a known method called "VBS Stomping" to avoid detection. According to researchers at FireEye, the campaigns, aimed at enabling further malware infections and espionage efforts, were initiated via phishing emails with attached documents containing malicious macros. The emails were coming from fake domains that were geared to add legitimacy to the messages, resulting in a convincing theme running throughout the proceedings. For instance, the first campaign, initially spotted on Jan. 7, carried a tax theme (subject line: "Tax Return File," with IRS-related text in the message).

EU proposes banning encryption backdoors


The European Union might want it to be easier for police to obtain data, but that doesn't mean it'll be easy for officers to read that data. The European Parliament has proposed amended regulation that would not only require end-to-end encryption when available, but forbid backdoors that offer guaranteed access to law enforcement. EU residents need to know that the "confidentiality and safety" of their data is "guaranteed," according to the draft, and backdoors risk "weakening" that privacy. The proposal has to be approved by Parliament and then reviewed by the EU Council, so there's still a chance that the rules will be softened if and when the amendments pass. If they do clear, though, they could set up a conflict between the EU and countries that aren't so fond of encryption.

Custom developed Dripion backdoor used in highly targeted attacks in Asia, US


A new custom developed backdoor program has been used in highly targeted attacks against organizations from Taiwan, Japan, South Korea and the U.S. over the past year. Malware researchers from Symantec first came across the program, which they've named Dripion, in August 2015. However, due to its custom nature and sparse use, it has managed to fly under the radar since as early as November 2013. When their analysis began, the Symantec researchers believed Dripion was a local threat used against organizations in Taiwan, where most of its victims were found. However, since then, they have found computers infected with the backdoor in other countries as well.

Backdoors into Heterogeneous Classes of SAT and CSP

Artificial Intelligence

In this paper we extend the classical notion of strong and weak backdoor sets for SAT and CSP by allowing that different instantiations of the backdoor variables result in instances that belong to different base classes; the union of the base classes forms a heterogeneous base class. Backdoor sets to heterogeneous base classes can be much smaller than backdoor sets to homogeneous ones, hence they are much more desirable but possibly harder to find. We draw a detailed complexity landscape for the problem of detecting strong and weak backdoor sets into heterogeneous base classes for SAT and CSP.

Backdoors to Abduction

AAAI Conferences

Abductive reasoning (or Abduction, for short) is among the most fundamental AI reasoning methods, with a broad range of applications, including fault diagnosis, belief revision, and automated planning. Unfortunately, Abduction is of high computational complexity; even propositional Abduction is $\Sigma_2^P$-complete and thus harder than NP and coNP. This complexity barrier rules out the existence of a polynomial transformation to propositional satisfiability (SAT). In this work we use structural properties of the Abduction instance to break this complexity barrier. We utilize the problem structure in terms of small backdoor sets. We present fixed-parameter tractable transformations from Abduction to SAT, which make the power of today's SAT solvers available to Abduction.