125 research outputs found

    CARVE: Practical Security-Focused Software Debloating Using Simple Feature Set Mappings

    Software debloating is an emerging field of study aimed at improving the security and performance of software by removing excess library code and features that are not needed by the end user (called bloat). Software bloat is pervasive, and several debloating techniques have been proposed to address this problem. While these techniques are effective at reducing bloat, they are not practical for the average user, risk creating unsound programs and introducing vulnerabilities, and are not well suited for debloating complex software such as network protocol implementations. In this paper, we propose CARVE, a simple yet effective security-focused debloating technique that overcomes these limitations. CARVE employs static source code annotation to map software features to source code, eliminating the need for advanced software analysis during debloating and reducing the overall level of technical sophistication required by the user. CARVE surpasses existing techniques by introducing debloating with replacement, a technique capable of preserving software interoperability and mitigating the risk of creating an unsound program or introducing a vulnerability. We evaluate CARVE in 12 debloating scenarios and demonstrate security and performance improvements that meet or exceed those of existing techniques. Comment: 8 pages, 4 figures, 2 tables, 1 appendi

    Effective Cache Apportioning for Performance Isolation Under Compiler Guidance

    With a growing number of cores in modern high-performance servers, effective sharing of the last level cache (LLC) is more critical than ever. The primary agenda of such systems is to maximize performance by efficiently supporting multi-tenancy of diverse workloads. However, this could be particularly challenging to achieve in practice, because modern workloads exhibit dynamic phase behaviour, which causes their cache requirements and sensitivities to vary at finer granularities during execution. Unfortunately, existing systems are oblivious to the application phase behavior, and are unable to detect and react quickly enough to these rapidly changing cache requirements, often incurring significant performance degradation. In this paper, we propose Com-CAS, a new apportioning system that provides dynamic cache allocations for co-executing applications. Com-CAS differs from the existing cache partitioning systems by adapting to the dynamic cache requirements of applications just-in-time, as opposed to reacting, without any hardware modifications. The front-end of Com-CAS consists of compiler analysis equipped with machine learning mechanisms to predict cache requirements, while the back-end consists of a proactive scheduler that dynamically apportions the LLC amongst co-executing applications leveraging Intel Cache Allocation Technology (CAT). Com-CAS's partitioning scheme utilizes the compiler-generated information across finer granularities to predict the rapidly changing dynamic application behaviors, while simultaneously maintaining data locality. Our experiments show that Com-CAS improves average weighted throughput by 15% over an unpartitioned cache system, and outperforms the state-of-the-art partitioning system KPart by 20%, while maintaining the worst individual application completion time degradation to meet various Service-Level Agreement (SLA) requirements

    Combined Static Analysis and Machine Learning Prediction for Application Debloating

    Software debloating can effectively thwart certain code reuse attacks by reducing attack surfaces to break gadget chains. Approaches based on static analysis enable a reduced set of functions reachable at a callsite for execution by leveraging static properties of the callgraph. This achieves low runtime overhead, but the function set is conservatively computed, negatively affecting reduction. In contrast, approaches based on machine learning (ML) have much better precision and can sharply reduce function sets, leading to significant improvement in attack surface. Nevertheless, mispredictions occur in ML-based approaches. These cause overheads, and worse, there is no clear way to distinguish between mispredictions and actual attacks. In this work, we contend that a software debloating approach that incorporates ML-based predictions at runtime is realistic in a whole application setting, and that it can achieve significant attack surface reductions beyond the state of the art. We develop a framework, Predictive Debloat with Static Guarantees (PDSG). PDSG is fully sound and works on application source code. At runtime it predicts the dynamic callee set emanating from a callsite, and to resolve mispredictions, it employs a lightweight audit based on static invariants of call chains. We deduce the invariants offline and assert that they hold at runtime when there is a misprediction. To the best of our knowledge, it achieves the highest gadget reductions among similar techniques on SPEC CPU 2017, reducing 82.5% of the total gadgets on average. It triggers misprediction checks on only 3.8% of the total predictions invoked at runtime, and it leverages Datalog to verify dynamic call sequences conform to the static call relations. It has an overhead of 8.9%, which makes the scheme attractive for practical deployments

    Role of hysterolaparoscopy for the evaluation of primary infertility: An experience from a tertiary care hospital

    Background: Infertility is one of the most common problems for which couples seek medical attention. The main objective of the study was to assess the role of diagnostic hysterolaparoscopy in the diagnosis and treatment of primary infertility patients. Methods: For this retrospective study, patients with the diagnosis of primary infertility were recruited. Patients admitted between the periods 2014 to 2016 were included. Pertinent data related to infertility were collected from the case records and entered in a predesigned proforma. Results: Patients with primary infertility 246 (82%) were diagnosed to have pelvic pathology. The most common cause of infertility was ovarian 122 (36.63%), uterine 66 (19.82%), tubal 84 (25.22%) and unexplained infertility in 103 (30.93%) women. Patients with PCOS 76 (22.82%) and endometriosis 46 (13.81%) were treated with drilling and endometriotic cystectomy. In 32 (9.60%) of patients hysteroscopic cannulation was done. For distal tubal blockage fimbrioplasty was performed in 38 (11.41%) of women. Pelvic adhesions were diagnosed in 26 (7.80%) women. Patients diagnosed with uterine septum 42 (12.61%) required hysteroscopic septal resection. During the evaluation of infertility 70 (21%) of women were diagnosed to have incidental pelvic pathology and treated according to pathology. Conclusions: Hysterolaparoscopy is emerging as a valuable technique for complete assessment of female infertility and also helps in treatment according to the cause

    A prospective observational study for the evaluation of maternal and fetal outcome in patient with eclampsia

    Background: Eclampsia continues to be a major health issue in developing countries. In order to get comprehensive data on eclamptic patients we conducted a prospective observational study to address the maternal and fetal complications during pregnancy. Methods: It is a prospective observational study conducted in a tertiary care medical college between the periods September 2016 to February 2017. During the period all patients with eclampsia admitted to the labour room were taken. Any patients with known epilepsy were excluded from the study. Results: During the period 3780 women were admitted to the labour room, out of which 56 women had eclampsia with an incidence of 1.48%. Out of these, antenatal eclampsia was most common with an incidence of 91.08% followed by intrapartum 4 (7.14%) and postpartum eclampsia 1 (1.78%). The majority of patients 54 (96.43%) were unbooked or inadequately supervised. Most of the patients had normalization of blood pressure after oral nifedipine 46 (82.14%), only 10 (17.86%) patients required additional injection labetalol for control of blood pressure. The maternal complications were placental abruption 8 (14.28%), HELLP 6 (10.71%), pulmonary edema 1 (1.78%), acute renal failure 1 (1.78%), DIC 1 (1.78%) and maternal death 2 (3.57%). Out of fifty six babies delivered 42 (75%) had live birth and 14 (25%) had still birth. A total of 17 (40.42%) had IUGR, 17 (40.47%) required SNCU admission post-delivery. Conclusions: Eclampsia still remains the major cause of maternal and fetal morbidity. In low resource countries improvement in health care facilities, adequate antenatal supervision, and timely referral will reduce the maternal and fetal complications.

    Retrograde catheter introduction and antegrade closure of patent ductus arteriosus using the Coccoon Duct Occluder in a 6-month-old child

    Patent ductus arteriosus (PDA) accounts for up to 10% of all congenital heart disease. Transcatheter closure of PDAs has now become the treatment of choice, replacing surgery. It is simple, consisting of placement of a device or vascular occlusion coils either antegrade from the femoral vein or retrograde from the femoral artery. Here we report a patient with PDA with vascular anatomy too difficult to be antegradely approached, which was closed by retrograde wiring and antegrade snaring using a customised snare. Then the device was deployed by the usual antegrade approach over the snared wire. This retrograde wire-assisted technique and antegrade snaring could be utilized to overcome PDA of difficult vascular anatomy, which could not be easily fulfilled by the conventional antegrade venous approach alone. Patent ductus arteriosus (PDA) accounts for up to 10% of all congenital heart defects. Transcatheter closure of PDA is now the method of choice, having replaced surgical treatment. The transcatheter procedure is simple to perform and consists of placing special implants or coils in the ductus arteriosus, introduced via the femoral vein (antegrade technique) or via the femoral artery (retrograde technique). This paper describes the case of a patient with PDA in whom the vascular anatomy made the antegrade technique impossible, so the procedure was performed by advancing a guidewire through the femoral artery (retrograde) and introducing through the femoral vein (antegrade) a snare made specially for the procedure by the operators. The implanted device was then positioned using the standard antegrade technique, advancing it over the guidewire with the aid of the snare. This technique using a guidewire and snare can be used to close PDA in patients with difficult anatomical conditions that preclude performing the procedure by the conventional method, solely via femoral vein access