We have to go back: A Historic IP Attribution Service for Network Measurement

Researchers and practitioners often face the issue of having to attribute anIP address to an organization. For current data this is comparably easy, usingservices like whois or other databases. Similarly, for historic data, severalentities like the RIPE NCC provide websites that provide access to historicrecords. For large-scale network measurement work, though, researchers oftenhave to attribute millions of addresses. For current data, Team Cymru providesa bulk whois service which allows bulk address attribution. However, at thetime of writing, there is no service available that allows historic bulkattribution of IP addresses. Hence, in this paper, we introduce and evaluateour `Back-to-the-Future whois' service, allowing historic bulk attribution ofIP addresses on a daily granularity based on CAIDA Routeviews aggregates. Weprovide this service to the community for free, and also share ourimplementation so researchers can run instances themselves.<br

Testen komplexer digitaler Schaltungen mit Python

Die Verifikation von digitalen Schaltungen nimmt heutzutage einen bedeutenden Stellenwert ein. In diesem Paper wird ein Weg beschrieben, der die Erstellung und Wartung von funktionalen Testbenches für digitale Designs unterstützt. Für viele Projekte übersteigt der zeitliche Aufwand für das Testen den Aufwand für die Implementierung der Schaltung. In vielen Fällen beträgt der Aufwand für das Testen bereits 70% des Entwicklungsaufwands (Bergeron, 2000). Typischerweise wird die Testbench auch in der gewählten Hardwarebeschreibungssprache (VHDL oder Verilog) implementiert. Diese Sprachen stellen jedoch nicht die beste Wahl für Verifikationsbelange dar. Gründe dafür sind darin zu suchen, dass diese Sprachen wichtige Konzepte aus den Softwaresprachen (wie z.B. Objektorientierung) nicht kennen. Weiters stehen komfortable Softwarebibliotheken (Zufallszahlengenerierung, Stringverarbeitung, etc.) den Hardwaresprachen nicht zur Verfügung. In diesem Paper wird der Einsatz der Programmiersprache Python (PythonHomepage, 2003; Beazley, 2001) für die Verifikation vorgeschlagen, um die benötigte Zeit für die Funktionalen Tests zu reduzieren

Hexamerization-enhanced CD20 antibody mediates complement-dependent cytotoxicity in serum genetically deficient in C9

We examined complement-dependent cytotoxicity (CDC) by hexamer formation-enhanced CD20 mAb Hx-7D8 of patient-derived chronic lymphocytic leukemia (CLL) cells that are relatively resistant to CDC. CDC was analyzed in normal human serum (NHS) and serum from an individual genetically deficient for C9. Hx-7D8 was able to kill up to 80% of CLL cells in complete absence of C9. We conclude that the narrow C5b-8 pores formed without C9 are sufficient for CDC due to efficient antibody-mediated hexamer formation. In the absence of C9, we observed transient intracellular increases of Ca2 + during CDC (as assessed with FLUO-4) that were extended in time. This suggests that small C5b-8 pores allow Ca2 + to enter the cell, while dissipation of the fluorescent signal accompanying cell disintegration is delayed. The Ca2 + signal is retained concomitantly with TOPRO-3 (viability dye) staining, thereby confirming that Ca2 + influx represents the most proximate mediator of cell death by CDC

Evasive Malware via Identifier Implanting

To cope with the increasing number of malware attacks that organizations face, anti-malware appliances and sandboxes have become an integral security defense. In particular, appliances have become the de facto standard in the fight against targeted attacks. Yet recent incidents have demonstrated that malware can effectively detect and thus evade sandboxes, resulting in an ongoing arms race between sandbox developers and malware authors. We show how attackers can escape this arms race with what we call customized malware, i.e., malware that only exposes its malicious behavior on a targeted system. We present a web-based reconnaissance strategy, where an actor leaves marks on the target system such that the customized malware can recognize this particular system in a later stage, and only then exposes its malicious behavior. We propose to implant identifiers into the target system, such as unique entries in the browser history, cache, cookies, or the DNS stub resolver cache. We then prototype a customized malware that searches for these implants on the executing environment and denies execution if implants do not exist as expected. This way, sandboxes can be evaded without the need to detect artifacts that witness the existence of sandboxes or a real system environment. Our results show that this prototype remains undetected on commercial malware security appliances, while only exposing its real behavior on the targeted system. To defend against this novel attack, we discuss countermeasures and a responsible disclosure process to allow appliances vendors to prepare for such attacks

Eculizumab treatment: stochastic occurrence of C3 binding to individual PNH erythrocytes

C5 blockade by eculizumab prevents complement-mediated intravascular hemolysis in paroxysmal nocturnal hemoglobinuria (PNH). However, C3-bound PNH red blood cells (RBCs), arising in almost all treated patients, may undergo extravascular hemolysis reducing clinical benefits. Despite the uniform deficiency of CD55 and of CD59, there are always two distinct populations of PNH RBCs, with (C3+) and without (C3-) C3 binding

Single-molecule kinetics of pore assembly by the membrane attack complex

The membrane attack complex (MAC) is a hetero-oligomeric protein assembly that kills pathogens by perforating their cell envelopes. The MAC is formed by sequential assembly of soluble complement proteins C5b, C6, C7, C8 and C9, but little is known about the rate-limiting steps in this process. Here, we use rapid atomic force microscopy (AFM) imaging to show that MAC proteins oligomerize within the membrane, unlike structurally homologous bacterial pore-forming toxins. C5b-7 interacts with the lipid bilayer prior to recruiting C8. We discover that incorporation of the first C9 is the kinetic bottleneck of MAC formation, after which rapid C9 oligomerization completes the pore. This defines the kinetic basis for MAC assembly and provides insight into how human cells are protected from bystander damage by the cell surface receptor CD59, which is offered a maximum temporal window to halt the assembly at the point of C9 insertion