Isolation of malicious external inputs in a security focused adaptive execution environment

pre-printReliable isolation of malicious application inputs is necessary for preventing the future success of an observed novel attack after the initial incident. In this paper we describe, measure and analyze, Input-Reduction, a technique that can quickly isolate malicious external inputs that embody unforeseen and potentially novel attacks, from other benign application inputs. The Input-Reduction technique is integrated into an advanced, security-focused, and adaptive execution environment that automates diagnosis and repair. In experiments we show that Input-Reduction is highly accurate and efficient in isolating attack inputs and determining casual relations between inputs. We also measure and show that the cost incurred by key services that support reliable reproduction and fast attack isolation is reasonable in the adaptive execution environment

General Terms

In this paper, we describe the prevention-focused and adaptive middleware mechanisms implemented as part of the Advanced Adaptive Applications (A3) Environment that we are developing as a near-application and application-focused cyber-defense technology under the DARPA Clean-slate design of Resilient, Adaptive, Secure Hosts (CRASH) program

Mapping local patterns of childhood overweight and wasting in low- and middle-income countries between 2000 and 2017

A double burden of malnutrition occurs when individuals, household members or communities experience both undernutrition and overweight. Here, we show geospatial estimates of overweight and wasting prevalence among children under 5 years of age in 105 low- and middle-income countries (LMICs) from 2000 to 2017 and aggregate these to policy-relevant administrative units. Wasting decreased overall across LMICs between 2000 and 2017, from 8.4% (62.3 (55.1–70.8) million) to 6.4% (58.3 (47.6–70.7) million), but is predicted to remain above the World Health Organization’s Global Nutrition Target of <5% in over half of LMICs by 2025. Prevalence of overweight increased from 5.2% (30 (22.8–38.5) million) in 2000 to 6.0% (55.5 (44.8–67.9) million) children aged under 5 years in 2017. Areas most affected by double burden of malnutrition were located in Indonesia, Thailand, southeastern China, Botswana, Cameroon and central Nigeria. Our estimates provide a new perspective to researchers, policy makers and public health agencies in their efforts to address this global childhood syndemic

Mapping inequalities in exclusive breastfeeding in low- and middle-income countries, 2000–2018

Exclusive breastfeeding (EBF)—giving infants only breast-milk for the first 6 months of life—is a component of optimal breastfeeding practices effective in preventing child morbidity and mortality. EBF practices are known to vary by population and comparable subnational estimates of prevalence and progress across low- and middle-income countries (LMICs) are required for planning policy and interventions. Here we present a geospatial analysis of EBF prevalence estimates from 2000 to 2018 across 94 LMICs mapped to policy-relevant administrative units (for example, districts), quantify subnational inequalities and their changes over time, and estimate probabilities of meeting the World Health Organization’s Global Nutrition Target (WHO GNT) of ≥70% EBF prevalence by 2030. While six LMICs are projected to meet the WHO GNT of ≥70% EBF prevalence at a national scale, only three are predicted to meet the target in all their district-level units by 2030

End-to-End Consistency of Multi-Tier Operations Across Mixed Replicated and Unreplicated Components ∗ ABSTRACT

While distributed applications need replication for the purposes of fault-tolerance, realistic and feasible deployments cannot afford to replicate every single component within the system. Potentially, over the lifecycle of such deployments, the consistency and fault-tolerant properties might be compromised when replicated and unreplicated components interact. We describe some of the challenges in providing endto-end fault-tolerance under the mixed semantics. Our approach facilitates communication between the unreplicated and replicated components of a distributed client-server application, without compromising the consistency of the replicated servers and without restricting any concurrent TCP semantics that unreplicated clients expect. We describe the resulting architectural and implementation enhancements to the MEAD system and provide an empirical evaluation of our new mechanisms. 1

End-to-End Consistency of Multi-Tier Operations Across Mixed Replicated and Unreplicated Components

While distributed applications need replication for the purposes of fault-tolerance, realistic and feasible deployments cannot afford to replicate every single component within the system. Potentially, over the lifecycle of such deployments, the consistency and fault-tolerant properties might be com- promised when replicated and unreplicated components interact. We describe some of the challenges in providing end- to-end fault-tolerance under the mixed semantics. Our approach facilitates communication between the unreplicated and replicated components of a distributed client-server application, without compromising the consistency of the replicated servers and without restricting any concurrent TCP semantics that unreplicated clients expect. We describe the resulting architectural and implementation enhancements to the MEAD system and provide an empirical evaluation of our new mechanisms