117 research outputs found
Network security mechanisms and implementations for the next generation reliable fast data transfer protocol - UDT
University of Technology, Sydney. Faculty of Engineering and Information Technology.
TCP protocol variants (such as FAST, BiC, XCP, Scalable and High Speed) have
demonstrated improved performance in simulation and in several limited
network experiments. However, practical use of these protocols is still very
limited because of implementation and installation difficulties. Users who
need to transfer bulk data (e.g., in Cloud/GRID computing) usually turn to
application level solutions where these variants do not fare well. Among protocols
considered in the application level are User Datagram Protocol (UDP)-based
protocols, such as UDT (UDP-based Data Transport Protocol). UDT is one of the
most recently developed new transport protocols with congestion control
algorithms. It was developed to support next generation high-speed networks,
including wide area optical networks. It is considered a state-of-the-art protocol,
addressing infrastructure requirements for transmitting data in high-speed
networks. Its development, however, creates new vulnerabilities because like
many other protocols, it relies solely on the existing security mechanisms for
current protocols such as the Transmission Control Protocol (TCP) and UDP.
Certainly, both UDT and the decades-old TCP/UDP lack a well-thought-out
security architecture that addresses problems in today’s networks. In this
dissertation, we focus on investigating UDT security issues and offer important
contributions to the field of network security. The choice of UDT is significant for
several reasons: UDT as a newly designed next generation protocol is considered
one of the most promising and fastest protocols ever created that operates on top
of the UDP protocol. It is a reliable UDP-based application-level data-transport
protocol intended for distributing data intensive applications over wide area
high-speed networks. It can transfer data in a highly configurable framework and
can accommodate various congestion control algorithms. Its proven success at
transferring terabytes of data gathered from outer space across long distances is
a testament to its significant commercial promise. In this work, our objective is to
examine a range of security methods used on existing mature protocols such as
TCP and UDP and evaluate their viability for UDT. We highlight the security
limitations of UDT and determine the threshold of feasible security schemes
within the constraints under which UDT was designed and developed.
Subsequently, we provide ways of securing applications and traffic using UDT
protocol, and offer recommendations for securing UDT. We create security
mechanisms tailored for UDT and propose a new security architecture that can
assist network designers, security investigators, and users who want to
incorporate security when implementing UDT across wide area networks.
We then conduct practical experiments on UDT using our security mechanisms
and explore the use of other existing security mechanisms used on TCP/UDP for
UDT. To analyse the security mechanisms, we carry out a formal proof of
correctness to assist us in determining their applicability by using Protocol
Composition Logic (PCL). This approach is modular, comprising a separate proof
of each protocol section and providing insight into the network environment in
which each section can be reliably employed. Moreover, the proof holds for a
variety of failure recovery strategies and other implementation and configuration
options. We derive our technique from the PCL on TLS and Kerberos in the
literature. We maintain, however, the novelty of our work for UDT particularly
our newly developed mechanisms such as UDT-AO, UDT-DTLS, UDT-Kerberos
(GSS-API) specifically for UDT, which all now form our proposed UDT security
architecture.
We further analyse this architecture using rewrite systems and automata. We
outline and use a symbolic analysis approach to effectively verify our proposed
architecture. This approach allows dataflow replication in the implementation of
selected mechanisms that are integrated into the proposed architecture. We
consider this approach effective by utilising the properties of the rewrite systems
to represent specific flows within the architecture to present a theoretical and
reliable method to perform the analysis. We introduce abstract representations of
the components that compose the architecture and conduct our investigation,
through structural, semantics and query analyses.
The result of this work, which is first in the literature, is a more robust
theoretical and practical representation of a security architecture of UDT, viable
to work with other high speed network protocols.
A pragmatic approach: Achieving acceptable security mechanisms for high speed data transfer protocol-UDT
The development of next generation protocols, such as UDT (UDP-based data transfer), promptly addresses various infrastructure requirements for transmitting data in high speed networks. However, this development creates new vulnerabilities when these protocols are designed to solely rely on existing security solutions of existing protocols such as TCP and UDP. It is clear that not all security protocols (such as TLS) can be used to protect UDT, just as security solutions devised for wired networks cannot be used to protect the unwired ones. The development of UDT, similar to the development of TCP/UDP many years ago, lacked a well-thought-out security architecture to address the problems that networks are presently experiencing. This paper proposes and analyses practical security mechanisms for UDT.
Introduction and analysis of SDN and NFV security architecture (SN-SECA)
© 2015 IEEE. A few works have been published about the security risks expected in implementations of SDN and NFV (SN); however, no formal Security Architecture with practical attributes was proposed until recently. The first-of-its-kind SN-Security Architecture (SN-SECA) was presented as an IETF draft. This draft presents the architecture with specific ascription to ensure effective security evaluation and integration on the SDN/NFV designs and implementations. This paper briefly introduces the proposed architecture and employs methods to analyze and verify its underlying security attributes. A unified method to review SN-SECA through symbolic analysis previews traffic process flow behavior across an infrastructure with SDN and NFV frameworks. The result of this work highlights the fundamental but important role of each attribute and its flow, and the overall viability of the proposed architecture for SDN and NFV that is protractedly useful to security practitioners.
Synchronous collecting duct carcinoma and papillary renal cell carcinoma: A case report and review of the literature
The coexistence of multiple and synchronous primary neoplasms in the same organ (including kidney) has only rarely been described in the literature. We herein present a case of collecting duct carcinoma (CDC) combined with papillary renal carcinoma (RCC) having a 57-month disease-free survival. CDC is a rather rare and aggressive neoplasm of the kidney. Sharing probably the same embryological origin, synchronous or metachronous association with in situ or papillary transitional cell carcinoma (TCC) may be found; association with RCC has been only once reported in the literature. The high incidence of c-erbB-2 oncogene amplification in CDC further characterizes this tumor as a separate entity from renal cell carcinoma, and shows some genetic characteristics in common with TCC. The histological diagnosis of Bellini CDC can be confirmed by the positive immuno-histochemical staining with a collecting duct marker and distal tubule marker and negative staining with a proximal tubule marker.
A frequentist framework of inductive reasoning
Reacting against the limitation of statistics to decision procedures, R. A.
Fisher proposed for inductive reasoning the use of the fiducial distribution, a
parameter-space distribution of epistemological probability transferred
directly from limiting relative frequencies rather than computed according to
the Bayes update rule. The proposal is developed as follows using the
confidence measure of a scalar parameter of interest. (With the restriction to
one-dimensional parameter space, a confidence measure is essentially a fiducial
probability distribution free of complications involving ancillary statistics.)
A betting game establishes a sense in which confidence measures are the only
reliable inferential probability distributions. The equality between the
probabilities encoded in a confidence measure and the coverage rates of the
corresponding confidence intervals ensures that the measure's rule for
assigning confidence levels to hypotheses is uniquely minimax in the game.
Although a confidence measure can be computed without any prior distribution,
previous knowledge can be incorporated into confidence-based reasoning. To
adjust a p-value or confidence interval for prior information, the confidence
measure from the observed data can be combined with one or more independent
confidence measures representing previous agent opinion. (The former confidence
measure may correspond to a posterior distribution with frequentist matching of
coverage probabilities.) The representation of subjective knowledge in terms of
confidence measures rather than prior probability distributions preserves
approximate frequentist validity. Comment: major revision
Computer vision and machine learning for robust phenotyping in genome-wide studies
Traditional evaluation of crop biotic and abiotic stresses is time-consuming and labor-intensive, limiting the ability to dissect the genetic basis of quantitative traits. A machine learning (ML)-enabled image-phenotyping pipeline for the genetic studies of abiotic stress iron deficiency chlorosis (IDC) of soybean is reported. IDC classification and severity for an association panel of 461 diverse plant-introduction accessions was evaluated using an end-to-end phenotyping workflow. The workflow consisted of a multi-stage procedure including: (1) optimized protocols for consistent image capture across plant canopies, (2) canopy identification and registration from cluttered backgrounds, (3) extraction of domain expert informed features from the processed images to accurately represent IDC expression, and (4) supervised ML-based classifiers that linked the automatically extracted features with expert-rating equivalent IDC scores. ML-generated phenotypic data were subsequently utilized for the genome-wide association study and genomic prediction. The results illustrate the reliability and advantage of the ML-enabled image-phenotyping pipeline by identifying a previously reported locus and a novel locus harboring a gene homolog involved in iron acquisition. This study demonstrates a promising path for integrating the phenotyping pipeline into genomic prediction, and provides a systematic framework enabling robust and quicker phenotyping through ground-based systems.
Involvement of PPAR-γ in the neuroprotective and anti-inflammatory effects of angiotensin type 1 receptor inhibition: effects of the receptor antagonist telmisartan and receptor deletion in a mouse MPTP model of Parkinson's disease
Background: Several recent studies have shown that angiotensin type 1 receptor (AT1) antagonists such as candesartan inhibit the microglial inflammatory response and dopaminergic cell loss in animal models of Parkinson's disease. However, the mechanisms involved in the neuroprotective and anti-inflammatory effects of AT1 blockers in the brain have not been clarified. A number of studies have reported that AT1 blockers activate peroxisome proliferator-activated receptor gamma (PPAR-γ). PPAR-γ activation inhibits inflammation, and may be responsible for neuroprotective effects, independently of AT1 blocking actions. Methods: We have investigated whether oral treatment with telmisartan (the most potent PPAR-γ activator among AT1 blockers) provides neuroprotection against dopaminergic cell death and neuroinflammation, and the possible role of PPAR-γ activation in any such neuroprotection. We used a mouse model of parkinsonism induced by the dopaminergic neurotoxin 1-methyl-4-phenyl-1,2,3,6-tetrahydropyridine (MPTP) and co-administration of the PPAR-γ antagonist GW9662 to study the role of PPAR-γ activation. In addition, we used AT1a-null mice lesioned with MPTP to study whether deletion of AT1 in the absence of any pharmacological effect of AT1 blockers provides neuroprotection, and investigated whether PPAR-γ activation may also be involved in any such effect of AT1 deletion by co-administration of the PPAR-γ antagonist GW9662. Results: We observed that telmisartan protects mouse dopaminergic neurons and inhibits the microglial response induced by administration of MPTP. The protective effects of telmisartan on dopaminergic cell death and microglial activation were inhibited by co-administration of GW9662. Dopaminergic cell death and microglial activation were significantly lower in AT1a-null mice treated with MPTP than in mice not subjected to AT1a deletion. Interestingly, the protective effects of AT1 deletion were also inhibited by co-administration of GW9662. Conclusion: The results suggest that telmisartan provides effective neuroprotection against dopaminergic cell death and that the neuroprotective effect is mediated by PPAR-γ activation. However, the results in AT1-deficient mice show that blockage of AT1, unrelated to the pharmacological properties of AT1 blockers, also protects against dopaminergic cell death and neuroinflammation. Furthermore, the results show that PPAR-γ activation is involved in the anti-inflammatory and neuroprotective effects of AT1 deletion.
Multisite Phosphorylation Provides an Effective and Flexible Mechanism for Switch-Like Protein Degradation
Phosphorylation-triggered degradation is a common strategy for elimination of regulatory proteins in many important cell signaling processes. Interesting examples include cyclin-dependent kinase inhibitors such as p27 in human and Sic1 in yeast, which play crucial roles during the G1/S transition in the cell cycle. In this work, we have modeled and analyzed the dynamics of multisite-phosphorylation-triggered protein degradation systematically. Inspired by experimental observations on the Sic1 protein and a previous intriguing theoretical conjecture, we develop a model to examine in detail the degradation dynamics of a protein featuring multiple phosphorylation sites and a threshold site number for elimination in response to a kinase signal. Our model explains the role of multiple phosphorylation sites, compared to a single site, in the regulation of protein degradation. A single-site protein cannot convert a graded input of kinase increase to much sharper output, whereas multisite phosphorylation is capable of generating a highly switch-like temporal profile of the substrate protein with two characteristics: a temporal threshold and rapid decrease beyond the threshold. We introduce a measure termed temporal response coefficient to quantify the extent to which a response in the time domain is switch-like and further investigate how this property is determined by various factors including the kinase input, the total number of sites, the threshold site number for elimination, the order of phosphorylation, the kinetic parameters, and site preference. 
Some interesting and experimentally verifiable predictions include that the non-degradable fraction of the substrate protein exhibits a more switch-like temporal profile; a sequential system is more switch-like, while a random system has the advantage of increased robustness; all the parameters, including the total number of sites, the threshold site number for elimination and the kinetic parameters synergistically determine the exact extent to which the degradation profile is switch-like. Our results suggest design principles for protein degradation switches which might be a widespread mechanism for precise regulation of cellular processes such as cell cycle progression.
Massive-Scale RNA-Seq Analysis of Non Ribosomal Transcriptome in Human Trisomy 21
Hybridization- and tag-based technologies have been successfully used in Down
syndrome to identify genes involved in various aspects of the pathogenesis.
However, these technologies suffer from several limits and drawbacks and, to
date, information about rare, even though relevant, RNA species such as long and
small non-coding RNAs, is completely missing. Indeed, none of the published works
has yet described the whole transcriptional landscape of Down syndrome.
Although the recent advances in high-throughput RNA sequencing have revealed the
complexity of transcriptomes, most of them rely on polyA enrichment protocols,
able to detect only a small fraction of total RNA content. On the opposite end,
massive-scale RNA sequencing on rRNA-depleted samples allows the survey of the
complete set of coding and non-coding RNA species, now emerging as novel
contributors to pathogenic mechanisms. Hence, in this work we analysed for the
first time the complete transcriptome of human trisomic endothelial progenitor
cells to an unprecedented level of resolution and sensitivity by RNA-sequencing.
Our analysis allowed us to detect differential expression of even low expressed
genes crucial for the pathogenesis, to disclose novel regions of active
transcription outside yet annotated loci, and to investigate a
plethora of non-polyadenylated long as well as short non-coding RNAs. Novel
splice isoforms for a large subset of crucial genes, and novel extended
untranslated regions for known genes—possibly novel miRNA targets or
regulatory sites for gene transcription—were also identified in this
study. Coupling the rRNA depletion of samples, followed by high-throughput
RNA-sequencing, to the easy availability of these cells renders this approach
very feasible for transcriptome studies, offering the possibility of
investigating in-depth blood-related pathological features of Down syndrome, as
well as other genetic disorders.