Monthly Archives: July 2016

Further the analysis of microbial genomes

The Cloud Infrastructure for Microbial Bioinformatics (or CLIMB project) is a resource for the UK’s medical microbiology community and international partners. It will support their research by providing free cloud-based computing, storage, and analysis tools.

CLIMB is a collaboration between academic and computing staff at the University of Warwick and the Universities of Bath, Birmingham, Cardiff and Swansea.

Professor Mark Pallen iof Microbial Genomics at the University of Warwick is the principal investigator on the project. He said: “CLIMB represents a user-friendly, one-stop shop for sharing software and data between medical microbiologists in the academic and clinical arenas.

“Using the cloud means that rather than dozens, or even hundreds, of research groups across the country having to set up and maintain their own servers, users can access shared pre-configured computational resources on demand.”

Key to the set-up is the concept of virtualisation, which allows users to work in a simulated computer environment populated by virtual machines (VMs), which sit on top of the physical hardware, but look to the user just like conventional servers. Four of the universities involved each has the same equipment installed, which will work as an integrated system. It offers researchers huge data storage capabilities, very high-memory research servers for maximum performance and integration with relevant biological databases.

The project is funded by the UK’s Medical Research Council and is supported by three world-class medical research fellows and two newly refurbished bioinformatics facilities at the Universities of Warwick and Swansea.

With improvements in sequencing technologies, generating genomic data sets has become much easier. However, many academics don’t have the access to the resources that they need to perform the subsequent bioinformatics analyses.

CLIMB will provide them with the ability to do this and to share scripts and pipelines. There are also plans for workshops and meetings to train, share knowledge and develop the microbial bioinformatics community.

Nick Loman, CLIMB research fellow at the University of Birmingham said: “We have already used CLIMB to analyse and share data from the Ebola outbreak in West Africa. This represents a step-change in collaborative working, particularly when faced with public health emergencies.”

Professor Pallen added: “We see CLIMB as more than an academic facility; instead, we hope it will act as a bridge between academics and public health professionals, facilitating sharing of skills, knowledge and approaches between the two communities, as well as exchange of software and data.”

Model of adware and other unwanted software

Few computer users have been spared the nuisance of unwanted software: Following what appears to be a legitimate software update or download, a barrage of advertisements overruns the screen, or a flashing pop-up warns of the presence of malware, demanding the purchase of what is often fraudulent antivirus software. On other occasions, the system’s default browser is hijacked, redirecting to ad-laden pages.

Despite the prevalence of such unwanted software — Google tracks more than 60 million attempted installs per week, three times the number of malware attempts — the source of these installs and the business model underlying the practice were not well understood. The researchers from Google and New York University Tandon School of Engineering conducted the first analysis of the link between commercial pay-per-install (PPI) practices and the distribution of unwanted software.

Kurt Thomas, a research scientist at Google, and Damon McCoy, an assistant professor of computer science and engineering at NYU Tandon, led a team of researchers from Safe Browsing and Chrome Security to investigate commercial PPI schemes as a main vehicle for moving unwanted software from developers to unwitting installers. Their paper, Investigating Commercial Pay-Per-Install and the Distribution of Unwanted Software, will be presented at the USENIX Security Symposium, a top computer security conference, in Austin, Texas, next week.

Commercial PPI is a monetization scheme wherein third-party applications — often consisting of unwanted software such as adware, scareware, and browser hijacking programs — are bundled with legitimate applications in exchange for payment to the legitimate software company. When users install the package, they get the desired piece of software as well as a stream of unwanted programs riding stowaway. Thomas, McCoy, and their colleagues cite reports indicating that commercial PPI is a highly lucrative global business, with one outfit reporting $460 million in revenue in 2014 alone. It should be noted that this revenue reflects a mix of both legitimate as well as unwanted software downloads.

“If you’ve ever downloaded a screen saver or other similar feature for your laptop, you’ve seen a ‘terms and conditions’ page pop up where you consent to the installation,” McCoy explained. “Buried in the text that nobody reads is information about the bundle of unwanted software programs in the package you’re about to download.” The presence of a consent form allows businesses to operate legally, but McCoy classifies the extra applications as “treading a fine line between malware and unwanted software.”

The report explains that PPI businesses operate through a network of affiliates — brokers who forge the deals that bundle advertisements (often unwanted software) with popular software applications, then place download offers on well-trafficked sites where they’re likely to be clicked on. Parties are paid separately — meaning some legitimate developers do not know their products are being bundled with unwanted software — and they are paid as much as two dollars per install.

To better understand the install process, the researchers gained access to four PPI affiliates by routinely downloading the software packages and analyzing the components. Among their more important discoveries was the degree to which such downloaders are personalized to maximize the chances that their payload will be delivered.

When an installer runs, the user’s computer is “fingerprinted” to determine which adware is available to run on that particular machine. Additionally, the downloader searches for antivirus protection, factoring in the presence or absence of such protections in its approach. “They do their best to bypass antivirus, so the program will intentionally inject those elements — whether it’s adware or scareware — that are likeliest to evade whichever antivirus program is running,” McCoy said.

Google has long tracked web pages known to harbor unwanted software offers and continuously updates the Safe Browsing protection in its Chrome browser to warn users when they visit such pages. Yet research shows that PPI affiliates are also adjusting their tactics in an attempt to dodge Safe Browsing detection.