40 research outputs found

    A First Look at QUIC in the Wild

    For the first time since the establishment of TCP and UDP, the Internet transport layer is subject to a major change by the introduction of QUIC. Initiated by Google in 2012, QUIC provides a reliable, connection-oriented low-latency and fully encrypted transport. In this paper, we provide the first broad assessment of QUIC usage in the wild. We monitor the entire IPv4 address space since August 2016 and about 46% of the DNS namespace to detect QUIC-capable infrastructures. Our scans show that the number of QUIC-capable IPs has more than tripled since then to over 617.59 K. We find around 161K domains hosted on QUIC-enabled infrastructure, but only 15K of them present valid certificates over QUIC. Second, we analyze one year of traffic traces provided by MAWI, one day of a major European tier-1 ISP and from a large IXP to understand the dominance of QUIC in the Internet traffic mix. We find QUIC to account for 2.6% to 9.1% of the current Internet traffic, depending on the vantage point. This share is dominated by Google pushing up to 42.1% of its traffic via QUIC.

    DDoS Never Dies? An IXP Perspective on DDoS Amplification Attacks

    DDoS attacks remain a major security threat to the continuous operation of Internet edge infrastructures, web services, and cloud platforms. While a large body of research focuses on DDoS detection and protection, to date we ultimately failed to eradicate DDoS altogether. Yet, the landscape of DDoS attack mechanisms is even evolving, demanding an updated perspective on DDoS attacks in the wild. In this paper, we identify up to 2608 DDoS amplification attacks on a single day by analyzing multiple Tbps of traffic flows at a major IXP with a rich ecosystem of different networks. We observe the prevalence of well-known amplification attack protocols (e.g., NTP, CLDAP), which should no longer exist given the established mitigation strategies. Nevertheless, they pose the largest fraction of DDoS amplification attacks within our observation and we witness the emergence of DDoS attacks using recently discovered amplification protocols (e.g., OpenVPN, ARMS, Ubiquity Discovery Protocol). By analyzing the impact of DDoS on core Internet infrastructure, we show that DDoS can overload backbone-capacity and that filtering approaches in prior work omit 97% of the attack traffic. Comment: To appear at PAM 202

    Stellar: Network Attack Mitigation using Advanced Blackholing

    © ACM 2018. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of the 14th International Conference on Emerging Networking EXperiments and Technologies - CoNEXT ’18, http://dx.doi.org/10.1145/3281411.3281413. Network attacks, including Distributed Denial-of-Service (DDoS), continuously increase in terms of bandwidth along with damage (recent attacks exceed 1.7 Tbps) and have a devastating impact on the targeted companies/governments. Over the years, mitigation techniques, ranging from blackholing to policy-based filtering at routers, and on to traffic scrubbing, have been added to the network operator’s toolbox. Even though these mitigation techniques provide some protection, they either yield severe collateral damage, e.g., dropping legitimate traffic (blackholing), are cost-intensive, or do not scale well for Tbps level attacks (ACL filtering, traffic scrubbing), or require cooperation and sharing of resources (Flowspec). In this paper, we propose Advanced Blackholing and its system realization Stellar. Advanced blackholing builds upon the scalability of blackholing while limiting collateral damage by increasing its granularity. Moreover, Stellar reduces the required level of cooperation to enhance mitigation effectiveness. We show that fine-grained blackholing can be realized, e.g., at a major IXP, by combining available hardware filters with novel signaling mechanisms. We evaluate the scalability and performance of Stellar at a large IXP that interconnects more than 800 networks, exchanges more than 6 Tbps traffic, and witnesses many network attacks every day. Our results show that network attacks, e.g., DDoS amplification attacks, can be successfully mitigated while the networks and services under attack continue to operate untroubled. EC/H2020/679158/EU/Resolving the Tussle in the Internet: Mapping, Architecture, and Policy Making/ResolutioNet; DFG, FE 570/4-1, Gottfried Wilhelm Leibniz-Preis 201

    Simulation of the distribution of chromosome targets in cell nuclei under topological constraints

    Abstract. Several models for the distribution of subchromosomal targets under topological constraints were developed which take into account that chromosomes occupy distinct, mutually exclusive territories in the cell nucleus. Nuclei and two pairs of chromosome territories of various size were modeled by spheres or ellipsoids under the simplified assumption that the entire set of chromosome territories present in a diploid cell nucleus completely fills the nuclear interior and that each territory occupies a fraction of the nuclear volume proportional to its DNA content. Monte Carlo simulations of the distribution of the territory gravity centers were performed taking into account the constraint of territory extension by the nuclear boundary and the constraint of territory self avoidance, i.e. territories should not intersect each other. In addition, various assumptions were made with regard to the location of point-like targets either within or at the surface of two 'homologous' model territories. For each assumption the distance between the two point-like targets and between each target and the center of the model nucleus was calculated in Monte Carlo simulations and in part also analytically. The distribution of point-like targets in model nuclei under the influence of these topological constraints depends on the shape of the model nucleus and shows strong deviations from a model often applied in previous studies. In this model the random distribution of point-like targets was described under the assumption that such targets are distributed uniformly and independently from each other within the nuclear space without any constraints except for the nuclear boundary. All models were applied to experimentally measured distributions of chromosomal subregions delineated by fluorescence in situ hybridization with subregion specific probes. 
We demonstrate that a neglect of geometrical constraints in the simulation of target distributions can lead to erroneous conclusions of whether experimental target distributions occur in a random manner or not

    3D Voronoi Diagrams for Quantitative Image Analysis in Interphase Cytogenetics

    To investigate the arrangement of chromosomes in interphase cell nuclei, a method from computational geometry was adapted. This approach is based on the decomposition of three-dimensional image volumes into convex polyhedra using the Voronoi diagram. The graph-oriented, geometric structure of this method enables both fast extraction of objects in image space and the calculation of morphological parameters such as volumes, surface areas, and roundness factors. In this contribution, the three-dimensional morphology of X chromosomes in female interphase cell nuclei is examined as an example using these three parameters. To examine these cell nuclei with light-optical methods, the territories of the X chromosomes were fluorescently labeled using a molecular cytogenetic procedure. To distinguish the active from the inactive X chromosome, the Barr body was additionally labeled and imaged with an epifluorescence microscope equipped with a CCD camera. Subsequently, 12-25 equidistant light-optical sections of the X chromosome territories were acquired with a confocal laser scanning microscope (CLSM). These light-optical sections were segmented and analyzed using the Voronoi method. Methods from computer graphics were used to visualize the results. It was shown that chromosome territories can be reliably described by the morphological parameters using the Voronoi method

    Inferring BGP blackholing activity in the Internet

    The Border Gateway Protocol (BGP) has been used for decades as the de facto protocol to exchange reachability information among networks in the Internet. However, little is known about how this protocol is used to restrict reachability to selected destinations, e.g., that are under attack. While such a feature, BGP blackholing, has been available for some time, we lack a systematic study of its Internet-wide adoption, practices, and network efficacy, as well as the profile of blackholed destinations. In this paper, we develop and evaluate a methodology to automatically detect BGP blackholing activity in the wild. We apply our method to both public and private BGP datasets. We find that hundreds of networks, including large transit providers, as well as about 50 Internet exchange points (IXPs) offer blackholing service to their customers, peers, and members. Between 2014-2017, the number of blackholed prefixes increased by a factor of 6, peaking at 5K concurrently blackholed prefixes by up to 400 Autonomous Systems. We assess the effect of blackholing on the data plane using both targeted active measurements as well as passive datasets, finding that blackholing is indeed highly effective in dropping traffic before it reaches its destination, though it also discards legitimate traffic. We augment our findings with an analysis of the target IP addresses of blackholing. Our tools and insights are relevant for operators considering offering or using BGP blackholing services as well as for researchers studying DDoS mitigation in the Internet

    REWORKED MESOZOIC RADIOLARIANS IN MIOCENE-PLIOCENE FORELAND SEDIMENTS IN THE ZAGROS BELT, IRAN

    Micropaleontology can give important insights into the provenance and paleoenvironmental conditions in terrestrial sedimentary archives. For the current study, 84 samples representing a 2.6 km thick sedimentary profile from the Simply Folded Zagros Mountain Belt were investigated. They span ca. 10.2 my from the late Middle Miocene (Serravallian) to the earliest Pleistocene (Gelasian), and comprised floodplain sediments and saline mudstones with an aeolian contribution. The mudstones revealed a unique Cretaceous radiolarian assemblage comprising largely of cryptothoracic Nassellarians and spherical spumellarians. This record highlights the reworking of sediments derived from Cretaceous Qulqula-Kermanshah radiolarian claystones and radiolarites in the Imbricated Zagros belt into the distal Neogene Zagros foreland sediments in Lurestan (Lurestan Arc). The high abundance of Holocryptocanium barbui (Dumitrica) and other cryptothoracic taxa compared to the Qulqula-Kermanshah radiolarian claystones and radiolarites potentially indicates a preferred erosion of softer units such as the Red Radiolarian Claystone Unit (RRCU) compared to harder radiolarian cherts. The observation of a reworked largely cryptothoracic assemblage might also point to additional sorting effects during fluvial and aeolian transport as well as during redeposition, depending on the morphology and hydrodynamic properties of individual radiolarian taxa

    ENDEAVOUR: A Scalable SDN Architecture For Real-World IXPs.

    Innovation in interdomain routing has remained stagnant for over a decade. Recently, IXPs have emerged as economically-advantageous interconnection points for reducing path latencies and exchanging ever increasing traffic volumes among, possibly, hundreds of networks. Given their far-reaching implications on interdomain routing, IXPs are the ideal place to foster network innovation and extend the benefits of SDN to the interdomain level. In this paper, we present, evaluate, and demonstrate ENDEAVOUR, an SDN platform for IXPs. ENDEAVOUR can be deployed on a multi-hop IXP fabric, supports a large number of use cases, and is highly-scalable while avoiding broadcast storms. Our evaluation with real data from one of the largest IXPs, demonstrates the benefits and scalability of our solution: ENDEAVOUR requires around 70% fewer rules than alternative SDN solutions thanks to our rule partitioning mechanism. In addition, by providing an open source solution, we invite everyone from the community to experiment (and improve) our implementation as well as adapt it to new use cases. European Union’s Horizon 2020 research and innovation programme under the ENDEAVOUR project (grant agreement 644960)

    Silicon-organic hybrid photonics: Overview of recent advances, electro-optical effects and CMOS-integration concepts

    In recent decades, much research effort has been invested in the development of photonic integrated circuits, and silicon-on-insulator technology has been established as a reliable platform for highly scalable silicon-based electro-optical modulators. However, the performance of such devices is restricted by the inherent material properties of silicon. An approach to overcoming these deficiencies is to integrate organic materials with exceptionally high optical nonlinearities into a silicon-on-insulator photonic platform. Silicon–organic hybrid photonics has been shown to overcome the drawbacks of silicon-based modulators in terms of operating speed, bandwidth, and energy consumption. This work reviews recent advances in silicon–organic hybrid photonics and covers the latest improvements to single components and device concepts. Special emphasis is given to the in-device performance of novel electro-optical polymers and the use of different electro-optical effects, such as the linear and quadratic electro-optical effect, as well as the electric-field-induced linear electro-optical effect. Finally, the inherent challenges of implementing non-linear optical polymers on a silicon photonic platform are discussed and a perspective for future directions is given