Helix++: A platform for efficiently securing software

The open-source Helix++ project improves the security posture of computing platforms by applying cutting-edge cybersecurity techniques to diversify and harden software automatically. A distinguishing feature of Helix++ is that it does not require source code or build artifacts; it operates directly on software in binary form--even stripped executables and libraries. This feature is key as rebuilding applications from source is a time-consuming and often frustrating process. Diversification breaks the software monoculture and makes attacks harder to execute as information needed for a successful attack will have changed unpredictably. Diversification also forces attackers to customize an attack for each target instead of attackers crafting an exploit that works reliably on all similarly configured targets. Hardening directly targets key attack classes. The combination of diversity and hardening provides defense-in-depth, as well as a moving target defense, to secure the Nation's cyber infrastructure.Comment: 4 pages, 1 figure, white pape

The contributions of snow, fog, and dry deposition to the summer flux of anions and cations at Summit, Greenland

Experiments were performed during the period May–July of 1993 at Summit, Greenland. Aerosol mass size distributions as well as daily average concentrations of several anionic and cationic species were measured. Dry deposition velocities for SO42− were estimated using surrogate surfaces (symmetric airfoils) as well as impactor data. Real-time concentrations of particles greater than 0.5 μm and greater than 0.01 μm were measured. Snow and fog samples from nearly all of the events occurring during the field season were collected. Filter sampler results indicate that SO42− is the dominant aerosol anion species, with Na+, NH4+, and Ca2+being the dominant cations. Impactor results indicate that MSA and SO42− have similar mass size distributions. Furthermore, MSA and SO42− have mass in both the accumulation and coarse modes. A limited number of samples for NH4+ indicate that it exists in the accumulation mode. Na, K, Mg, and Ca exist primarily in the coarse mode. Dry deposition velocities estimated from impactor samples and a theory for dry deposition to snow range from 0.017 cm/s +/− 0.011 cm/s for NH4+ to 0.110 cm/s +/− 0.021 cm/s for Ca. SO42− dry deposition velocity estimates using airfoils are in the range 0.023 cm/s to 0.062 cm/s, as much as 60% greater than values calculated using the airborne size distribution data. The rough agreement between the airfoil and impactor-estimated dry deposition velocities suggests that the airfoils may be used to approximate the dry deposition to the snow surface. Laser particle counter (LPC) results show that particles \u3e 0.5 μm in diameter efficiently serve as nuclei to form fog droplets. Condensation nuclei (CN) measurements indicate that particles \u3c 0.5 μm are not as greatly affected by fog. Furthermore, impactor measurements suggest that from 50% to 80% of the aerosol SO42−serves as nuclei for fog droplets. Snow deposition is the dominant mechanism transporting chemicals to the ice sheet. For NO3−, a species that apparently exists primarily in the gas phase as HNO3(g), 93% of the seasonal inventory (mass of a deposited chemical species per unit area during the season) is due to snow deposition, which suggests efficient scavenging of HNO3(g) by snowflakes. The contribution of snow deposition to the seasonal inventories of aerosols ranges from 45% for MSA to 76% for NH4+. The contribution of fog to the seasonal inventories ranges from 13% for Na+ and Ca2+ to 26% and 32% for SO42− and MSA. The dry deposition contribution to the seasonal inventories of the aerosol species is as low as 5% for NH4+ and as high as 23% for MSA. The seasonal inventory estimations do not take into consideration the spatial variability caused by blowing and drifting snow. Overall, results indicate that snow deposition of chemical species is the dominant flux mechanism during the summer at Summit and that all three deposition processes should be considered when estimating atmospheric concentrations based on ice core chemical signals

Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coverage-preserving Coverage-guided Tracing

Coverage-guided fuzzing's aggressive, high-volume testing has helped reveal tens of thousands of software security flaws. While executing billions of test cases mandates fast code coverage tracing, the nature of binary-only targets leads to reduced tracing performance. A recent advancement in binary fuzzing performance is Coverage-guided Tracing (CGT), which brings orders-of-magnitude gains in throughput by restricting the expense of coverage tracing to only when new coverage is guaranteed. Unfortunately, CGT suits only a basic block coverage granularity -- yet most fuzzers require finer-grain coverage metrics: edge coverage and hit counts. It is this limitation which prohibits nearly all of today's state-of-the-art fuzzers from attaining the performance benefits of CGT. This paper tackles the challenges of adapting CGT to fuzzing's most ubiquitous coverage metrics. We introduce and implement a suite of enhancements that expand CGT's introspection to fuzzing's most common code coverage metrics, while maintaining its orders-of-magnitude speedup over conventional always-on coverage tracing. We evaluate their trade-offs with respect to fuzzing performance and effectiveness across 12 diverse real-world binaries (8 open- and 4 closed-source). On average, our coverage-preserving CGT attains near-identical speed to the present block-coverage-only CGT, UnTracer; and outperforms leading binary- and source-level coverage tracers QEMU, Dyninst, RetroWrite, and AFL-Clang by 2-24x, finding more bugs in less time.Comment: CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Securit

A multimerizing transcription factor of sea urchin embryos capable of looping DNA

SpGCF1 is a recently cloned sea urchin transcription factor that recognizes target sites in several different sea urchin genes. We find that in gel-shift experiments this factor is able to multimerize. A quantitative simulation of the gel-shift results suggests that SpGCF1 molecules that are bound to DNA target sites may also bind to one another, thus associating several DNA probe molecules. SpGCF1 might therefore be able to loop DNA molecules bearing its target sites at distant locations. We demonstrate this prediction by electron microscopy, and using the well-characterized cis-regulatory domain of the CyIIIa cytoskeletal actin gene, we show that the loop conformations predicted from the known SpGCF1 target site locations are actually formed in vitro. We speculate that the multimerization of this factor in vivo may function to bring distant regions of extended regulatory domains into immediate proximity so that they can interact with one another

The business of cultural heritage tourism: critical success factors

This paper explores critical success factors (CSFs) required for cultural heritage tourism (CHT) operation and how these relate to commercial focus. The literature indicates tension between conservation of authenticity and commercial focus as it is seen to undermine authenticity, potentially degrading its quality and ultimate success as a tourism product. A list of nine key CHT business success factors was devised based on the published literature. Managers and operators of a range of Australian CHT operations were interviewed regarding achievement of CSFs. The operations were broadly categorised according to the level of commercial focus. The level of commercial focus was cross tabulated with the number of CHT business CSFs achieved. While all places in this study had addressed authenticity, CHT places presenting highly commercialised products tended to meet the criteria for achieving a greater number of CSFs than their less commercialised counter-parts. This has implications for sustainable CHT operation practices

Seesaw mechanism in the sneutrino sector and its consequences

The seesaw-extended MSSM provides a framework in which the observed light neutrino masses and mixing angles can be generated in the context of a natural theory for the TeV-scale. Sneutrino-mixing phenomena provide valuable tools for connecting the physics of neutrinos and supersymmetry. We examine the theoretical structure of the seesaw-extended MSSM, retaining the full complexity of three generations of neutrinos and sneutrinos. In this general framework, new flavor-changing and CP-violating sneutrino processes are allowed, and are parameterized in terms of two $3\times 3$ matrices that respectively preserve and violate lepton number. The elements of these matrices can be bounded by analyzing the rate for rare flavor-changing decays of charged leptons and the one-loop contribution to neutrino masses. In the former case, new contributions arise in the seesaw extended model which are not present in the ordinary MSSM. In the latter case, sneutrino--antisneutrino mixing generates the leading correction at one-loop to neutrino masses, and could provide the origin of the observed texture of the light neutrino mass matrix. Finally, we derive general formulae for sneutrino--antisneutrino oscillations and sneutrino flavor-oscillations. Unfortunately, neither oscillation phenomena is likely to be observable at future colliders.Comment: 69 pages, 5 figures, uses axodraw.sty. Version accepted for publication in JHEP: some comments and one more Appendix with additional discussion added, references update