QUIC on the Highway: Evaluating Performance on High-rate Links

QUIC is a new protocol standardized in 2021 designed to improve on the widely used TCP / TLS stack. The main goal is to speed up web traffic via HTTP, but it is also used in other areas like tunneling. Based on UDP it offers features like reliable in-order delivery, flow and congestion control, streambased multiplexing, and always-on encryption using TLS 1.3. Other than with TCP, QUIC implements all these features in user space, only requiring kernel interaction for UDP. While running in user space provides more flexibility, it profits less from efficiency and optimization within the kernel. Multiple implementations exist, differing in programming language, architecture, and design choices. This paper presents an extension to the QUIC Interop Runner, a framework for testing interoperability of QUIC implementations. Our contribution enables reproducible QUIC benchmarks on dedicated hardware. We provide baseline results on 10G links, including multiple implementations, evaluate how OS features like buffer sizes and NIC offloading impact QUIC performance, and show which data rates can be achieved with QUIC compared to TCP. Our results show that QUIC performance varies widely between client and server implementations from 90 Mbit/s to 4900 Mbit/s. We show that the OS generally sets the default buffer size too small, which should be increased by at least an order of magnitude based on our findings. Furthermore, QUIC benefits less from NIC offloading and AES NI hardware acceleration while both features improve the goodput of TCP to around 8000 Mbit/s. Our framework can be applied to evaluate the effects of future improvements to the protocol or the OS.Comment: Presented at the 2023 IFIP Networking Conference (IFIP Networking

Rusty Clusters? Dusting an IPv6 Research Foundation

The long-running IPv6 Hitlist service is an important foundation for IPv6 measurement studies. It helps to overcome infeasible, complete address space scans by collecting valuable, unbiased IPv6 address candidates and regularly testing their responsiveness. However, the Internet itself is a quickly changing ecosystem that can affect longrunning services, potentially inducing biases and obscurities into ongoing data collection means. Frequent analyses but also updates are necessary to enable a valuable service to the community. In this paper, we show that the existing hitlist is highly impacted by the Great Firewall of China, and we offer a cleaned view on the development of responsive addresses. While the accumulated input shows an increasing bias towards some networks, the cleaned set of responsive addresses is well distributed and shows a steady increase. Although it is a best practice to remove aliased prefixes from IPv6 hitlists, we show that this also removes major content delivery networks. More than 98% of all IPv6 addresses announced by Fastly were labeled as aliased and Cloudflare prefixes hosting more than 10M domains were excluded. Depending on the hitlist usage, e.g., higher layer protocol scans, inclusion of addresses from these providers can be valuable. Lastly, we evaluate different new address candidate sources, including target generation algorithms to improve the coverage of the current IPv6 Hitlist. We show that a combination of different methodologies is able to identify 5.6M new, responsive addresses. This accounts for an increase by 174% and combined with the current IPv6 Hitlist, we identify 8.8M responsive addresses

Evaluating the Benefits: Quantifying the Effects of TCP Options, QUIC, and CDNs on Throughput

To keep up with increasing demands on quality of experience, assessing and understanding the performance of network connections is crucial for web service providers. While different measures, like TCP options, alternative transport layer protocols like QUIC, or the hosting of services in CDNs, are expected to improve connection performance, no studies are quantifying such impacts on connections on the Internet. This paper introduces an active Internet measurement approach to assess the impacts of mentioned measures on connection performance. We conduct downloads from public web servers considering different vantage points, extract performance indicators like throughput, RTT, and retransmission rate, and survey speed-ups due to TCP option usage. Further, we compare the performance of QUIC-based downloads to TCP-based downloads considering different option configurations. Next to significant throughput improvements due to TCP option usage, in particular TCP window scaling, and QUIC, our study shows significantly increased performance for connections to domains hosted by different giant CDNs.Comment: Presented at the ACM/IRTF Applied Networking Research Workshop 2023 (ANRW23

Packed to the Brim: Investigating the Impact of Highly Responsive Prefixes on Internet-wide Measurement Campaigns

Internet-wide scans are an important tool to evaluate the deployment of services. To enable large-scale application layer scans, a fast, stateless port scan (e.g., using ZMap) is often performed ahead of time to collect responsive targets. It is a common expectation that port scans on the entire IPv4 address space provide a relatively unbiased view as they cover the complete address space. Previous work, however, has found prefixes where all addresses share particular properties. In IPv6, aliased prefixes and fully responsive prefixes, i.e., prefixes where all addresses are responsive, are a well-known phenomenon. However, there is no such in-depth analysis for prefixes with these responsiveness patterns in IPv4. This paper delves into the underlying factors of this phenomenon in the context of IPv4 and evaluates port scans on a total of 161 ports (142 TCP & 19 UDP ports) from three different vantage points. To account for packet loss and other scanning artifacts, we propose the notion of a new category of prefixes, which we call highly responsive prefixes (HRPs). Our findings show that the share of HRPs can make up 70 % of responsive addresses on selected ports. Regarding specific ports, we observe that CDNs contribute to the largest fraction of HRPs on TCP/80 and TCP/443, while TCP proxies emerge as the primary cause of HRPs on other ports. Our analysis also reveals that application layer handshakes to targets outside HRPs are, depending on the chosen service, up to three times more likely to be successful compared to handshakes with targets located in HRPs. To improve future scanning campaigns conducted by the research community, we make our study's data publicly available and provide a tool for detecting HRPs. Furthermore, we propose an approach for a more efficient, ethical, and sustainable application layer target selection

Sinusoidal Obstruction Syndrome Following Myeloablative Therapy and Tranexamic Acid Treatment for Hemorrhage in Two Patients with Neuroblastoma

Adverse thromboembolic events following administration of the anti-fibrinolytic agent tranexamic acid (TA), used to prevent/treat excessive blood loss, are rare. We present the clinical course of two young patients (22 and 56 months) receiving busulfan/melphalan (Bu/Mel) high-dose chemotherapy with autologous hematopoietic stem cell transplantation (HSCT) to treat high-risk neuroblastoma, who developed hepatic sinusoidal obstruction syndrome (SOS) within 48 h after systemic TA treatment for a hemodynamically relevant hemorrhage. Defibrotide treatment resolved hepatic SOS, but the short time between TA administration and SOS onset suggests a causal association

CD171- and GD2-specific CAR-T cells potently target retinoblastoma cells in preclinical in vitro testing

BACKGROUND: Chimeric antigen receptor (CAR)-based T cell therapy is in early clinical trials to target the neuroectodermal tumor, neuroblastoma. No preclinical or clinical efficacy data are available for retinoblastoma to date. Whereas unilateral intraocular retinoblastoma is cured by enucleation of the eye, infiltration of the optic nerve indicates potential diffuse scattering and tumor spread leading to a major therapeutic challenge. CAR-T cell therapy could improve the currently limited therapeutic strategies for metastasized retinoblastoma by simultaneously killing both primary tumor and metastasizing malignant cells and by reducing chemotherapy-related late effects. METHODS: CD171 and GD2 expression was flow cytometrically analyzed in 11 retinoblastoma cell lines. CD171 expression and T cell infiltration (CD3+) was immunohistochemically assessed in retrospectively collected primary retinoblastomas. The efficacy of CAR-T cells targeting the CD171 and GD2 tumor-associated antigens was preclinically tested against three antigen-expressing retinoblastoma cell lines. CAR-T cell activation and exhaustion were assessed by cytokine release assays and flow cytometric detection of cell surface markers, and killing ability was assessed in cytotoxic assays. CAR constructs harboring different extracellular spacer lengths (short/long) and intracellular co-stimulatory domains (CD28/4-1BB) were compared to select the most potent constructs. RESULTS: All retinoblastoma cell lines investigated expressed CD171 and GD2. CD171 was expressed in 15/30 primary retinoblastomas. Retinoblastoma cell encounter strongly activated both CD171-specific and GD2-specific CAR-T cells. Targeting either CD171 or GD2 effectively killed all retinoblastoma cell lines examined. Similar activation and killing ability for either target was achieved by all CAR constructs irrespective of the length of the extracellular spacers and the co-stimulatory domain. Cell lines differentially lost tumor antigen expression upon CAR-T cell encounter, with CD171 being completely lost by all tested cell lines and GD2 further down-regulated in cell lines expressing low GD2 levels before CAR-T cell challenge. Alternating the CAR-T cell target in sequential challenges enhanced retinoblastoma cell killing. CONCLUSION: Both CD171 and GD2 are effective targets on human retinoblastoma cell lines, and CAR-T cell therapy is highly effective against retinoblastoma in vitro. Targeting of two different antigens by sequential CAR-T cell applications enhanced tumor cell killing and preempted tumor antigen loss in preclinical testing

Combination of GD2-directed bispecific trifunctional antibody therapy with Pd-1 immune checkpoint blockade induces anti-neuroblastoma immunity in a syngeneic mouse model

Introduction: Despite advances in treating high-risk neuroblastoma, 50-60% of patients still suffer relapse, necessitating new treatment options. Bispecific trifunctional antibodies (trAbs) are a promising new class of immunotherapy. TrAbs are heterodimeric IgG-like molecules that bind CD3 and a tumor-associated antigen simultaneously, whereby inducing a TCR-independent anti-cancer T cell response. Moreover, via their functional Fc region they recruit and activate cells of the innate immune system like antigen-presenting cells potentially enhancing induction of adaptive tumor-specific immune responses. Methods: We used the SUREK trAb, which is bispecific for GD2 and murine Cd3. Tumor-blind trAb and the monoclonal ch14.18 antibody were used as controls. A co-culture model of murine dendritic cells (DCs), T cells and a neuroblastoma cell line was established to evaluate the cytotoxic effect and the T cell effector function in vitro. Expression of immune checkpoint molecules on tumor-infiltrating T cells and the induction of an anti-neuroblastoma immune response using a combination of whole cell vaccination and trAb therapy was investigated in a syngeneic immunocompetent neuroblastoma mouse model (NXS2 in A/J background). Finally, vaccinated mice were assessed for the presence of neuroblastoma-directed antibodies. We show that SUREK trAb-mediated effective killing of NXS2 cells in vitro was strictly dependent on the combined presence of DCs and T cells. Results: Using a syngeneic neuroblastoma mouse model, we showed that vaccination with irradiated tumor cells combined with SUREK trAb treatment significantly prolonged survival of tumor challenged mice and partially prevent tumor outgrowth compared to tumor vaccination alone. Treatment led to upregulation of programmed cell death protein 1 (Pd-1) on tumor infiltrating T cells and combination with anti-Pd-1 checkpoint inhibition enhanced the NXS2-directed humoral immune response. Conclusion: Here, we provide first preclinical evidence that a tumor vaccination combined with SUREK trAb therapy induces an endogenous anti-neuroblastoma immune response reducing tumor recurrence. Furthermore, a combination with anti-Pd-1 immune checkpoint blockade might even further improve this promising immunotherapeutic concept in order to prevent relapse in high-risk neuroblastoma patients

GD2-directed bispecific trifunctional antibody outperforms dinutuximab beta in a murine model for aggressive metastasized neuroblastoma

Background: Neuroblastoma is the most common extracranial solid tumor of childhood. Patients with high-risk disease undergo extremely aggressive therapy and nonetheless have cure rates below 50%. Treatment with the ch14.18 monoclonal antibody (dinutuximab beta), directed against the GD2 disialoganglioside, improved 5-year event-free survival in high-risk patients when administered in postconsolidation therapy and was recently implemented in standard therapy. Relapse still occurred in 57% of these patients, necessitating new therapeutic options. Bispecific trifunctional antibodies (trAbs) are IgG-like molecules directed against T cells and cancer surface antigens, redirecting T cells (via their CD3 specificity) and accessory immune cells (via their functioning Fc-fragment) toward tumor cells. We sought proof-of-concept for GD2/CD3-directed trAb efficacy against neuroblastoma. Methods: We used two GD2-specific trAbs differing only in their CD3-binding specificity: EKTOMUN (GD2/human CD3) and SUREK (GD2/mouse Cd3). This allowed trAb evaluation in human and murine experimental settings. Tumor-blind trAb and the ch14.18 antibody were used as controls. A coculture model of human peripheral blood mononuclear cells (PBMCs) and neuroblastoma cell lines was established to evaluate trAb antitumor efficacy by assessing expression of T-cell surface markers for activation, proinflammatory cytokine release and cytotoxicity assays. Characteristics of tumor-infiltrating T cells and response of neuroblastoma metastases to SUREK treatment were investigated in a syngeneic immunocompetent neuroblastoma mouse model mimicking minimal residual disease. Results: We show that EKTOMUN treatment caused effector cell activation and release of proinflammatory cytokines in coculture with neuroblastoma cell lines. Furthermore, EKTOMUN mediated GD2-dependent cytotoxic effects in human neuroblastoma cell lines in coculture with PBMCs, irrespective of the level of target antigen expression. This effect was dependent on the presence of accessory immune cells. Treatment with SUREK reduced the intratumor Cd4/Cd8 ratio and activated tumor infiltrating T cells in vivo. In a minimal residual disease model for neuroblastoma, we demonstrated that single-agent treatment with SUREK strongly reduced or eliminated neuroblastoma metastases in vivo. SUREK as well as EKTOMUN demonstrated superior tumor control compared with the anti-GD2 antibody, ch14.18. Conclusions: Here we provide proof-of-concept for EKTOMUN preclinical efficacy against neuroblastoma, presenting this bispecific trAb as a promising new agent to fight neuroblastoma

Central memory phenotype drives success of checkpoint inhibition in combination with CAR T cells

The immunosuppressive microenvironment in solid tumors is thought to form a barrier to the entry and efficacy of cell-based therapies such as chimeric antigen receptor (CAR) T cells. Combining CAR T cell therapy with checkpoint inhibitors has been demonstrated to oppose immune escape mechanisms in solid tumors and augment antitumor efficacy. We evaluated PD-1/PD-L1 signaling capacity and the impact of an inhibitor of this checkpoint axis in an in vitro system for cancer cell challenge, the coculture of L1CAM-specific CAR T cells with neuroblastoma cell lines. Fluorescence-activated cell sorting-based analyses and luciferase reporter assays were used to assess PD-1/PD-L1 expression on CAR T and tumor cells as well as CAR T cell ability to kill neuroblastoma cells. Coculturing neuroblastoma cell lines with L1CAM-CAR T cells upregulated PD-L1 expression on neuroblastoma cells, confirming adaptive immune resistance. Exposure to neuroblastoma cells also upregulated the expression of the PD-1/PD-L1 axis in CAR T cells. The checkpoint inhibitor, nivolumab, enhanced L1CAM-CAR T cell-directed killing. However, nivolumab-enhanced L1CAM-CAR T cell killing did not strictly correlate with PD-L1 expression on neuroblastoma cells. In fact, checkpoint inhibitor success relied on strong PD-1/PD-L1 axis expression in the CAR T cells, which in turn depended on costimulatory domains within the CAR construct, and more importantly, on the subset of T cells selected for CAR T cell generation. Thus, T cell subset selection for CAR T cell generation and CAR T cell prescreening for PD-1/PD-L1 expression could help determine when combination therapy with checkpoint inhibitors could improve treatment efficacy

Towards a Tectonic Traffic Shift? Investigating Apple's New Relay Network

Apple recently published its first Beta of the iCloud Private Relay, a privacy protection service with promises resembling the ones of VPNs. The architecture consists of two layers (ingress and egress), operated by disjoint providers. The service is directly integrated into Apple's operating systems and therefore provides a low entry level barrier for a large user base. It seems to be set up for major adoption with its relatively moderate entry-level price. This paper analyzes the iCloud Private Relay from a network perspective and its effect on the Internet and future measurement-based research. We perform EDNS0 Client Subnet DNS queries to collect ingress relay addresses and find 1586 IPv4 addresses. Supplementary RIPE Atlas DNS measurements reveal 1575 IPv6 addresses. Knowledge about these addresses helps to passively detect clients communicating through the relay network. According to our scans, from January through April, ingress addresses grew by 20%. The analysis of our scans through the relay network verifies Apple's claim of rotating egress addresses. Nevertheless, it reveals that ingress and egress relays can be located in the same autonomous system, thus sharing similar routes, potentially allowing traffic correlation