HyperLink: Virtual Machine Introspection and Memory Forensic Analysis without Kernel Source Code

Virtual Machine Introspection (VMI) is an approach to inspecting and analyzing the software running inside a virtual machine from the hypervisor. Similarly, memory forensics analyzes the memory snapshots or dumps to understand the runtime state of a physical or virtual machine. The existing VMI and memory forensic tools rely on up-to-date kernel information of the target operating system (OS) to work properly, which often requires the availability of the kernel source code. This requirement prevents these tools from being widely deployed in real cloud environments. In this paper, we present a VMI tool called HyperLink that partially retrieves running process information from a guest virtual machine without its source code. While current introspection and memory forensic solutions support only one or a limited number of kernel versions of the target OS, HyperLink is a one-for-many introspection and forensic tool, i.e., it supports most, if not all, popular OSes regardless of their versions. We implement both online and offline versions of HyperLink.We validate the efficacy of HyperLink under different versions of Linux, Windows, FreeBSD, and Mac OS X. For all the OSes we tested, HyperLink can successfully retrieve the process information in one minute or several seconds. Through online and offline analyses, we demonstrate that HyperLink can help users detect real-world kernel rootkits and play an important role in intrusion detection. Due to its version-agnostic property, HyperLink could become the first introspection and forensic tool that works well in autonomic cloud computing environments

COMS: Customer Oriented Migration Service

Virtual machine live migration has been studied for more than a decade, and this technique has been implemented in various commercial hypervisors. However, currently in the cloud environment, virtual machine migration is initiated by system administrators. Cloud customers have no say on this: They can not initiate a migration, and they do not even know whether or not their virtual machines have been migrated. In this paper, we propose the COMS framework, which is short for Customer Oriented Migration Service . COMS gives more control to cloud customers so that migration becomes a service option and customers are more aware of the migration process. We have implemented a suite of modules in our COMS framework. Our evaluation results show that these modules could either bring performance benefit to cloud customers, or mitigate security threats in the cloud environment

GLM-130B: An Open Bilingual Pre-trained Model

We introduce GLM-130B, a bilingual (English and Chinese) pre-trained language model with 130 billion parameters. It is an attempt to open-source a 100B-scale model at least as good as GPT-3 (davinci) and unveil how models of such a scale can be successfully pre-trained. Over the course of this effort, we face numerous unexpected technical and engineering challenges, particularly on loss spikes and divergence. In this paper, we introduce the training process of GLM-130B including its design choices, training strategies for both efficiency and stability, and engineering efforts. The resultant GLM-130B model offers significant outperformance over GPT-3 175B (davinci) on a wide range of popular English benchmarks while the performance advantage is not observed in OPT-175B and BLOOM-176B. It also consistently and significantly outperforms ERNIE TITAN 3.0 260B -- the largest Chinese language model -- across related benchmarks. Finally, we leverage a unique scaling property of GLM-130B to reach INT4 quantization without post training, with almost no performance loss, making it the first among 100B-scale models and more importantly, allowing its effective inference on 4$\times$RTX 3090 (24G) or 8$\times$RTX 2080 Ti (11G) GPUs, the most affordable GPUs required for using 100B-scale models. The GLM-130B model weights are publicly accessible and its code, training logs, related toolkit, and lessons learned are open-sourced at \url{https://github.com/THUDM/GLM-130B/}.Comment: Accepted to ICLR 202

Ion-beam Assisted Sputtering of Titanium Nitride Thin Films

Titanium nitride is a material of interest for many superconducting devices such as nanowire microwave resonators and photon detectors. Thus, controlling the growth of TiN thin films with desirable properties is of high importance. In previous work on niobium nitride, ion beam-assisted sputtering (IBAS) reduced nitrogen sensitivity during deposition in tandem with an increase in nominal critical temperature. We have deposited thin films of titanium nitride by both, the conventional method of DC reactive magnetron sputtering and the IBAS method and compare their superconducting critical temperatures Tc as functions of thickness, sheet resistance, and nitrogen flow rate. We perform electrical and structural characterizations by electric transport and X-ray diffraction measurements. Compared to the conventional method of reactive sputtering, the IBAS technique has demonstrated a 10% increase in nominal critical temperature and 33% reduced sensitivity to nitrogen flow, without noticeable variation in the lattice structure. Additionally, we explore the behavior of superconducting Tc in ultra-thin films. Trends in films grown at high nitrogen concentrations follow predictions of mean-field theory in disordered films and show suppression of superconducting Tc due to geometric effects, while nitride films grown at low nitrogen concentrations strongly deviate from the theoretical models

Antibiotic susceptibility of Escherichia coli isolated from neonates admitted to neonatal intensive care units across China from 2015 to 2020

BackgroundEscherichia coli is one of the most common pathogens causing neonatal infections. Recently, the incidence and drug resistance of E. coli have increased, posing a major threat to neonatal health. The aim of this study was to describe and analyze the antibiotic resistance and multilocus sequence typing (MLST) characteristics of E. coli derived from infants admitted to neonatal intensive care units (NICUs) across China.MethodsIn this study, 370 strains of E. coli from neonates were collected. E. coli isolated from these specimens were subjected to antimicrobial susceptibility testing (by broth microdilution method) and MLST.ResultsThe overall resistance rate was 82.68%, with the highest rate of methicillin/sulfamethoxazole (55.68%) followed by cefotaxime (46.22%). Multiple resistance rate was 36.74%, 132 strains (35.68%) had extended-spectrum β-lactamase (ESBL) phenotype and 5 strains (1.35%) had insensitivity to the tested carbapenem antibiotics. The resistance of E. coli isolated from different pathogenicity and different sites of infections varied, strains derived from sputum were significantly more resistant to β-lactams and tetracyclines. Currently, the prevalence spectrum in NICUs was dominated by ST1193, ST95, ST73, ST69 and ST131 across China. And the multidrug resistance of ST410 was the most severe. ST410 had the highest resistance rate to cefotaxime (86.67%), and its most common multidrug resistance pattern was β-lactams + aminoglycosides + quinolones + tetracyclines + sulfonamides.ConclusionsSubstantial proportions of neonatal E. coli isolates were severely resistant to commonly administered antibiotics. MLST results can suggest the prevalent characteristics of antibiotic resistance in E. coli with different ST types

Investment Case for a Comprehensive Package of Interventions Against Hepatitis B in China: Applied Modeling to Help National Strategy Planning.

BACKGROUND content: In 2016, the first global viral hepatitis elimination targets were endorsed. An estimated one-third of the world's population of individuals with chronic hepatitis B virus (HBV) infection live in China and liver cancer is the sixth leading cause of mortality, but coverage of first-line antiviral treatment was low. In 2015, China was one of the first countries to initiate a consultative process for a renewed approach to viral hepatitis. We present the investment case for the scale-up of a comprehensive package of HBV interventions. METHODS content: A dynamic simulation model of HBV was developed and used to simulate the Chinese HBV epidemic. We evaluated the impact, costs, and return on investment of a comprehensive package of prevention and treatment interventions from a societal perspective, incorporating costs of management of end-stage liver disease and lost productivity costs. RESULTS content: Despite the successes of historical vaccination scale-up since 1992, there will be a projected 60 million people still living with HBV in 2030 and 10 million HBV-related deaths, including 5.7 million HBV-related cancer deaths between 2015 and 2030. This could be reduced by 2.1 million by highly active case-finding and optimal antiviral treatment regimens. The package of interventions is likely to have a positive return on investment to society of US$1.57 per US dollar invested. CONCLUSIONS content: Increases in HBV-related deaths for the next few decades pose a major public health threat in China. Active case-finding and access to optimal antiviral treatment are required to mitigate this risk. This investment case approach provides a real-world example of how applied modeling can support national dialog and inform policy planning

Development of an adjoint for a complex atmospheric model, the ARPS, using TAF

Summary. Large-scale scientific computer models, such as operational weather predictions models, pose challenges on the applicability of AD tools. We report the application of TAF to the development of the adjoint model and tangent linear model of a complex atmospheric model, ARPS. Strategies to overcome the problems encountered during the development process are discussed. A rigorous verification procedure of the adjoint model is presented. Simple experiments are carried out for sensitivity study, and the results confirm the correctness of the generated models. Key words: automatic differentiation, adjoint model, tangent linear model, sensitivity analysis, ARPS, TAF

Update-efficient Indexing of Moving Objects in Road Networks

Recent advances in wireless sensor networks and positioning technologies have boosted new applications that manage moving objects. In such applications, a dynamic index is often built to expedite evaluation of spatial queries. However, development of efficient indexes is a challenge due to frequent object movement. In this paper, we propose a new update-efficient index method for moving objects in road networks. We introduce a dynamic data structure, called adaptive unit, to group neighboring objects with similar movement patterns. To reduce updates, an adaptive unit captures the movement bounds of the objects based on a prediction method, which considers the road-network constraints and stochastic traffic behavior. A spatial index (e.g., R-tree) for the road network is then built over the adaptive unit structures. Simulation experiments, carried on two different datasets, show that an adaptive-unit based index is efficient for both updating and querying performance