Synthesizing Program Input Grammars

We present an algorithm for synthesizing a context-free grammar encoding the language of valid program inputs from a set of input examples and blackbox access to the program. Our algorithm addresses shortcomings of existing grammar inference algorithms, which both severely overgeneralize and are prohibitively slow. Our implementation, GLADE, leverages the grammar synthesized by our algorithm to fuzz test programs with structured inputs. We show that GLADE substantially increases the incremental coverage on valid inputs compared to two baseline fuzzers

Compatibility of Breeding Techniques in Organic Systems

Introduction The rapid development of genetic engineering techniques is leading to a level of genetic disruption never experienced before. In order to safeguard organic integrity and to ensure organic food will continue to meet the highest consumer expectations in this challenging situation, IFOAM - Organics International is proposing a number of measures to be put in place to further fortify and enhance the organic sector’s available genetic resources. This position paper provides clarity and transparency on the criteria used by the organic sector as to what breeding techniques are compatible with organic systems, which techniques to exclude, and definitions on what should be considered as genetic engineering and genetically modified organisms (GMOs). We further differentiate between the criteria relevant for organic breeding as defined in the IFOAM – Organics International norms, versus the criteria for cultivars and breeds derived from nonorganic breeding programs regarding their compatibility for the use in commercial organic production and processing. The following experts are members of the IFOAM Working Group on New Plant Breeding Techniques: Michael Glos, Monika Messmer, Gebhard Rossmanith, Gunter Backes, Michael Sligh, Adrian Rodriguez-Burruezo, Heli Matilainen, Andre Leu, Louise Luttikholt, Helen Jensen, Eric Gall, Chito Medina, Krishna Prasad, Kirsten Arp

ANCHOR: logically-centralized security for Software-Defined Networks

While the centralization of SDN brought advantages such as a faster pace of innovation, it also disrupted some of the natural defenses of traditional architectures against different threats. The literature on SDN has mostly been concerned with the functional side, despite some specific works concerning non-functional properties like 'security' or 'dependability'. Though addressing the latter in an ad-hoc, piecemeal way, may work, it will most likely lead to efficiency and effectiveness problems. We claim that the enforcement of non-functional properties as a pillar of SDN robustness calls for a systemic approach. As a general concept, we propose ANCHOR, a subsystem architecture that promotes the logical centralization of non-functional properties. To show the effectiveness of the concept, we focus on 'security' in this paper: we identify the current security gaps in SDNs and we populate the architecture middleware with the appropriate security mechanisms, in a global and consistent manner. Essential security mechanisms provided by anchor include reliable entropy and resilient pseudo-random generators, and protocols for secure registration and association of SDN devices. We claim and justify in the paper that centralizing such mechanisms is key for their effectiveness, by allowing us to: define and enforce global policies for those properties; reduce the complexity of controllers and forwarding devices; ensure higher levels of robustness for critical services; foster interoperability of the non-functional property enforcement mechanisms; and promote the security and resilience of the architecture itself. We discuss design and implementation aspects, and we prove and evaluate our algorithms and mechanisms, including the formalisation of the main protocols and the verification of their core security properties using the Tamarin prover.Comment: 42 pages, 4 figures, 3 tables, 5 algorithms, 139 reference

Socio-economic impact of GMOs on African consumers

The debate surrounding genetically modified organisms (GMOs) remains an important one for consumers and consumer organisations the world over, and is characterized by strong views for, and against the technology. The debate is of particular interest to Africa, where the countries are yet to embrace the new technology and where food security challenges tend to amplify the dilemma faced by decision-makers. Consumers, represented through the work of consumer organizations, are a very active and vocal constituency in this debate, as it unfolds in Africa.The objective of this paper is to inform the reader on how the consumer movement has contributed to the GMO debate in Africa in the past few years and to highlight the potential socio-economic impacts on African consumers. Firstly, the paper summarises the consumer movement and its work with the Joint Advocacy Project on GMOs; and secondly looks at the potential social, ethical and cultural impacts. Economic and environmental impacts are also discussed. The Socio-Economic Impact Assessment tool is highlighted as one of several tools to guide bio-safety decision-making policy. A few recommendations and policy implications are given at the end of the paper

A Covert Data Transport Protocol

Both enterprise and national firewalls filter network connections. For data forensics and botnet removal applications, it is important to establish the information source. In this paper, we describe a data transport layer which allows a client to transfer encrypted data that provides no discernible information regarding the data source. We use a domain generation algorithm (DGA) to encode AES encrypted data into domain names that current tools are unable to reliably differentiate from valid domain names. The domain names are registered using (free) dynamic DNS services. The data transmission format is not vulnerable to Deep Packet Inspection (DPI).Comment: 8 pages, 10 figures, conferenc