Helix++: A platform for efficiently securing software

The open-source Helix++ project improves the security posture of computing platforms by applying cutting-edge cybersecurity techniques to diversify and harden software automatically. A distinguishing feature of Helix++ is that it does not require source code or build artifacts; it operates directly on software in binary form--even stripped executables and libraries. This feature is key as rebuilding applications from source is a time-consuming and often frustrating process. Diversification breaks the software monoculture and makes attacks harder to execute as information needed for a successful attack will have changed unpredictably. Diversification also forces attackers to customize an attack for each target instead of attackers crafting an exploit that works reliably on all similarly configured targets. Hardening directly targets key attack classes. The combination of diversity and hardening provides defense-in-depth, as well as a moving target defense, to secure the Nation's cyber infrastructure.Comment: 4 pages, 1 figure, white pape

Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coverage-preserving Coverage-guided Tracing

Coverage-guided fuzzing's aggressive, high-volume testing has helped reveal tens of thousands of software security flaws. While executing billions of test cases mandates fast code coverage tracing, the nature of binary-only targets leads to reduced tracing performance. A recent advancement in binary fuzzing performance is Coverage-guided Tracing (CGT), which brings orders-of-magnitude gains in throughput by restricting the expense of coverage tracing to only when new coverage is guaranteed. Unfortunately, CGT suits only a basic block coverage granularity -- yet most fuzzers require finer-grain coverage metrics: edge coverage and hit counts. It is this limitation which prohibits nearly all of today's state-of-the-art fuzzers from attaining the performance benefits of CGT. This paper tackles the challenges of adapting CGT to fuzzing's most ubiquitous coverage metrics. We introduce and implement a suite of enhancements that expand CGT's introspection to fuzzing's most common code coverage metrics, while maintaining its orders-of-magnitude speedup over conventional always-on coverage tracing. We evaluate their trade-offs with respect to fuzzing performance and effectiveness across 12 diverse real-world binaries (8 open- and 4 closed-source). On average, our coverage-preserving CGT attains near-identical speed to the present block-coverage-only CGT, UnTracer; and outperforms leading binary- and source-level coverage tracers QEMU, Dyninst, RetroWrite, and AFL-Clang by 2-24x, finding more bugs in less time.Comment: CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Securit

Multiple myeloma presenting with high-output heart failure and improving with anti-angiogenesis therapy: two case reports and a review of the literature

<p>Abstract</p> <p>Introduction</p> <p>Common manifestations of multiple myeloma include osteolytic lesions, cytopenias, hypercalcemia, and renal insufficiency. Patients may also exhibit heart failure which is often associated with either past therapy or cardiac amyloidosis. A less recognized mechanism is high-output heart failure. Diuretic therapy in this setting has little efficacy in treating the congested state. Furthermore, effective pharmacotherapy has not been established. We report two patients with multiple myeloma and high-output heart failure who failed diuretic therapy. The patients were given dexamethasone in conjunction with lenalidomide and thalidomide, respectively. Shortly thereafter, each patient demonstrated a significant improvement in symptoms. This is the first report of successful treatment of multiple myeloma-induced high-output failure via the utilization of these agents.</p> <p>Case presentation</p> <p>Two patients with multiple myeloma were evaluated for volume overload. The first was a 50-year-old man with refractory disease. Magnetic resonance imaging demonstrated diffuse marrow replacement throughout the pelvis. Cardiac catheterization conveyed elevated filling pressures and a cardiac output of 15 liters/minute. He quickly decompensated and required mechanical ventilation. The second patient was a 61-year-old man recently diagnosed with multiple myeloma and volume overload. Skeletal survey demonstrated numerous lytic lesions throughout the pelvis. His cardiac catheterization also conveyed elevated filling pressures and a cardiac output of 10 liters/minute. Neither patient responded to diuretic therapy and they were subsequently started on dexamethasone plus lenalidomide and thalidomide, respectively. The first patient's brisk diuresis allowed for extubation within 48 hours after the first dose. He had a net negative fluid balance of 15 liters over 10 days. The second patient also quickly diuresed and on repeat cardiac catheterization, his cardiac output had normalized to 4.7 liters/minute.</p> <p>Conclusion</p> <p>Multiple myeloma can cause high-output failure. The mechanism is likely extensive bony involvement causing innumerable intramedullary arteriovenous fistulas. Diuretic therapy is not effective in treating this condition. Lenalidomide and thalidomide, both of which inhibit angiogenesis, seem to be viable treatment options. Based on the rapid and effective results seen in these two patients, a potential novel mechanism of 'pharmacologic fistula ligation' with these agents may be the most effective way to treat this presentation.</p

A MADYMO STUDY OF PELVIC AND LOWER EXTREMITY INJURY IN FRONTAL CRASHES

ABSTRACT Recent studies suggest that there is increased risk to the pelvis and lower extremities for unbelted, front seat occupants when airbags deploy in frontal collisions. Among belted drivers, women and small adults are more likely to experience fractures of the knee-thigh-hip complex and lower leg. The occupant kinematics and impact mechanics for varying sized drivers under belted and unbelted conditions, with a deploying airbag, have not been well-investigated. The present study used occupant kinematic computer software (MADYMO) to investigate injury likelihood for the pelvis, femur and lower leg in simulations of FMVSS 208 test conditions (30 mph, rigid barrier, frontal crash) for a mid-size sedan with airbag deployment. The pelvic force criterion (PFC), femur force criterion (FFC), and Tibia index (TI) were calculated as injury predictors for 50 th percentile male and 5 th percentile female drivers, belted and unbelted, with variations in instrument panel angle and stiffness as well as hip abduction. The results indicated, most notably, that the unbelted 5 th percentile female submarined beneath the airbag and experienced TI values that exceeded the current tolerance in nearly every unbelted simulation. Injury scores for the left leg were generally higher for both dummies, due to leg entrapment and the intruding floor pan. Hip abduction of 20 degrees led to excessive hip forces in the 50 th percentile male. Seatbelts were effective at reducing injury measures in both dummies, most notably the TI score of the 5 th percentile female

Toward the Elucidation of Cytoplasmic Diversity in North American Grape Breeding Programs

Plants have an intriguing tripartite genetic system: Nuclear genome 9 Mitochondria 9 Plastids and their interactions may impact germplasm breeding. In grapevine, the study of cytoplasmic genomes has been limited, and their role with respect to grapevine germplasm diversity has yet to be elucidated. In the present study, the results of an analysis of the cytoplasmic diversity among 6073 individuals (comprising cultivars, interspecific hybrids and segregating progenies) are presented. Genotyping by sequencing (GBS) was used to elucidate plastid and mitochondrial DNA sequences, and results were analyzed using multivariate techniques. Single nucleotide polymorphism (SNP) effects were annotated in reference to plastid and mitochondrial genome sequences. The cytoplasmic diversity identified was structured according to synthetic domestication groups (wine and raisin/table gr.ape types) and interspecific-hybridization-driven groups with introgression from North American Vitis species, identifying five cytoplasmic groups and four major clusters. Fifty-two SNP markers were used to describe the diversity of the germplasm. Ten organelle genes showed distinct SNP annotations and effect predictions, of which six were chloroplast-derived and three were mitochondrial genes, in addition to one mitochondrial SNP affecting a nonannotated open reading frame. The results suggest that the application of GBS will aid in the study of cytoplasmic genomes in grapevine, which will enable further studies on the role of cytoplasmic genomes in grapevine germplasm, and then allow the exploitation of these sources of diversity in breeding

RBM47 regulates intestinal injury and tumorigenesis by modifying proliferation, oxidative response, and inflammatory pathways

RNA-binding protein 47 (RBM47) is required for embryonic endoderm development, but a role in adult intestine is unknown. We studied intestine-specific Rbm47-knockout mice (Rbm47-IKO) following intestinal injury and made crosses into ApcMin/+ mice to examine alterations in intestinal proliferation, response to injury, and tumorigenesis. We also interrogated human colorectal polyps and colon carcinoma tissue. Rbm47-IKO mice exhibited increased proliferation and abnormal villus morphology and cellularity, with corresponding changes in Rbm47-IKO organoids. Rbm47-IKO mice adapted to radiation injury and were protected against chemical-induced colitis, with Rbm47-IKO intestine showing upregulation of antioxidant and Wnt signaling pathways as well as stem cell and developmental genes. Furthermore, Rbm47-IKO mice were protected against colitis-associated cancer. By contrast, aged Rbm47-IKO mice developed spontaneous polyposis, and Rbm47-IKO ApcMin/+ mice manifested an increased intestinal polyp burden. RBM47 mRNA was decreased in human colorectal cancer versus paired normal tissue, along with alternative splicing of tight junction protein 1 mRNA. Public databases revealed stage-specific reduction in RBM47 expression in colorectal cancer associated independently with decreased overall survival. These findings implicate RBM47 as a cell-intrinsic modifier of intestinal growth, inflammatory, and tumorigenic pathways

Using a New Odour-Baited Device to Explore Options for Luring and Killing Outdoor-Biting Malaria Vectors: A Report on Design and Field Evaluation of the Mosquito Landing Box.

Mosquitoes that bite people outdoors can sustain malaria transmission even where effective indoor interventions such as bednets or indoor residual spraying are already widely used. Outdoor tools may therefore complement current indoor measures and improve control. We developed and evaluated a prototype mosquito control device, the 'Mosquito Landing Box' (MLB), which is baited with human odours and treated with mosquitocidal agents. The findings are used to explore technical options and challenges relevant to luring and killing outdoor-biting malaria vectors in endemic settings. Field experiments were conducted in Tanzania to assess if wild host-seeking mosquitoes 1) visited the MLBs, 2) stayed long or left shortly after arrival at the device, 3) visited the devices at times when humans were also outdoors, and 4) could be killed by contaminants applied on the devices. Odours suctioned from volunteer-occupied tents were also evaluated as a potential low-cost bait, by comparing baited and unbaited MLBs. There were significantly more Anopheles arabiensis, An. funestus, Culex and Mansonia mosquitoes visiting baited MLB than unbaited controls (P<=0.028). Increasing sampling frequency from every 120 min to 60 and 30 min led to an increase in vector catches of up to 3.6 fold (P<=0.002), indicating that many mosquitoes visited the device but left shortly afterwards. Outdoor host-seeking activity of malaria vectors peaked between 7:30 and 10:30pm, and between 4:30 and 6:00am, matching durations when locals were also outdoors. Maximum mortality of mosquitoes visiting MLBs sprayed or painted with formulations of candidate mosquitocidal agent (pirimiphos-methyl) was 51%. Odours from volunteer occupied tents attracted significantly more mosquitoes to MLBs than controls (P<0.001). While odour-baited devices such as the MLBs clearly have potential against outdoor-biting mosquitoes in communities where LLINs are used, candidate contaminants must be those that are effective at ultra-low doses even after short contact periods, since important vector species such as An. arabiensis make only brief visits to such devices. Natural human odours suctioned from occupied dwellings could constitute affordable sources of attractants to supplement odour baits for the devices. The killing agents used should be environmentally safe, long lasting, and have different modes of action (other than pyrethroids as used on LLINs), to curb the risk of physiological insecticide resistance

A New Connection between Central Engine Weak Physics and the Dynamics of Gamma-Ray Burst Fireballs

We demonstrate a qualitatively new aspect of the dynamics of Gamma-Ray Burst (GRB) fireballs: the development of a substantial dispersion in the proton component in fireballs in which neutron decoupling occurs and is sufficiently pronounced. This effect depends sensitively on the neutron to proton ratio in the fireball, becoming more dramatic with increasing neutron excess. Simple physical arguments and transport calculations indicate that the dispersion in Lorentz factor of the protons can be of order the final mean Lorentz factor of the fireball. We show how plasma instabilities could play an important role in the evolution of the fireball and how they might ultimately govern the development of such a velocity dispersion in the proton component. The role of these instabilities in setting/diminishing a proton Lorentz factor dispersion represents a new and potentially important venue for the study of plasma instabilities. Significant dispersion in the proton velocities translates into fewer protons attaining the highest Lorentz factors. This is tantamount to a reduction in the total energy required to attain a given Lorentz factor for the highest energy protons. As well, a proton component dispersion can have consequences for the electromagnetic and neutrino signature of GRBs.Comment: Added discussion of plasma instabilities and the requirement of charge neutrality. 6 pages, 4 figure

A proposal for a coordinated effort for the determination of brainwide neuroanatomical connectivity in model organisms at a mesoscopic scale

In this era of complete genomes, our knowledge of neuroanatomical circuitry remains surprisingly sparse. Such knowledge is however critical both for basic and clinical research into brain function. Here we advocate for a concerted effort to fill this gap, through systematic, experimental mapping of neural circuits at a mesoscopic scale of resolution suitable for comprehensive, brain-wide coverage, using injections of tracers or viral vectors. We detail the scientific and medical rationale and briefly review existing knowledge and experimental techniques. We define a set of desiderata, including brain-wide coverage; validated and extensible experimental techniques suitable for standardization and automation; centralized, open access data repository; compatibility with existing resources, and tractability with current informatics technology. We discuss a hypothetical but tractable plan for mouse, additional efforts for the macaque, and technique development for human. We estimate that the mouse connectivity project could be completed within five years with a comparatively modest budget.Comment: 41 page