BGP Hijacking Classification

Recent reports show that BGP hijacking has increased substantially. BGP hijacking allows malicious ASes to obtain IP prefixes for spamming as well as intercepting or blackholing traffic. While systems to prevent hijacks are hard to deploy and require the cooperation of many other organizations, techniques to detect hijacks have been a popular area of study. In this paper, we classify detected hijack events in order to document BGP detectors output and understand the nature of reported events. We introduce four categories of BGP hijack: typos, prepending mistakes, origin changes, and forged AS paths. We leverage AS hegemony-a measure of dependency in AS relationship-to identify forged AS paths in a fast and efficient way. Besides, we utilize heuristic approaches to find common operators\u27 mistakes such as typos and AS prepending mistakes. The proposed approach classifies our collected ground truth into four categories with 95.71% accuracy. We characterize publicly reported alarms (e.g. BGPMon) with our trained classifier and find 4%, 1%, and 2% of typos, prepend mistakes, and BGP hijacking with a forged AS path, respectively

Managing Risk of IT Disruptions in Healthcare Settings: A Continuity of Operations Planning Process

Over the last few decades, a rapid adoption of information technologies in nearly every facet of patient care in healthcare settings has taken place; the recent U.S. government emphasis on the utilization of IT in healthcare will only serve to increase the dependency of care providers on IT. As IT becomes increasingly central to clinical and business practice, health care institutions must become increasingly vigilant about preparations for continuity of operations when normal IT functions are disrupted. In this paper we describe the development and use of a process designed to manage the risk to patient safety and clinical operations due to IT and communications failures; this process includes identifying critical applications and formulating plans for organizational and departmental responses in cases of IT and communication failures. Lessons learned will be discussed in the context of enabling other healthcare organizations to use this process

An experimental comparison of hypothesis management approaches for process query systems

A Process Query System (PQS) is a generic software system that can be used in tracking applications across a variety of domains. As in most other tracking systems, multiple hypotheses about which reports are assigned to which tracks must be maintained. Since the number of hypotheses that are possible can be exponential in the number of reports, some technique for managing a pool of the best candidate hypotheses must be used. In this paper, we compare a genetic algorithm approach and a hypothesis clustering approach with the basic top-H pruning policy. Metrics for comparison include performance accuracy and computational requirements. Simulations show positive results for both of these approaches and suggest that the clustering approach has the best overall performance. Other experiments indicate that the genetic algorithm technique can converge over time to the ground truth

Alcohol-drinking during later life by C57BL/6J mice induces sex- and age-dependent changes in hippocampal and prefrontal cortex expression of glutamate receptors and neuropathology markers

Heavy drinking can induce early-onset dementia and increase the likelihood of the progression and severity of Alzheimer's Disease and related dementias (ADRD). Recently, we showed that alcohol-drinking by mature adult C57BL/6J mice induces more signs of cognitive impairment in females versus males without worsening age-related cognitive decline in aged mice. Here, we immunoblotted for glutamate receptors and protein markers of ADRD-related neuropathology within the hippocampus and prefrontal cortex (PFC) of these mice after three weeks of alcohol withdrawal to determine protein correlates of alcohol-induced cognitive decline. Irrespective of alcohol history, age-related changes in protein expression included a male-specific decline in hippocampal glutamate receptors and an increase in the expression of a beta-site amyloid precursor protein cleaving enzyme (BACE) isoform in the PFC as well as a sex-independent increase in hippocampal amyloid precursor protein. Alcohol-drinking was associated with altered expression of glutamate receptors in the hippocampus in a sex-dependent manner, while all glutamate receptor proteins exhibited significant alcohol-related increases in the PFC of both sexes. Expression of BACE isoforms and phosphorylated tau varied in the PFC and hippocampus based on age, sex, and drinking history. The results of this study indicate that withdrawal from a history of alcohol-drinking during later life induces sex- and age-selective effects on glutamate receptor expression and protein markers of ADRD-related neuropathology within the hippocampus and PFC of potential relevance to the etiology, treatment and prevention of alcohol-induced dementia and Alzheimer's Disease

Down the Black Hole: {D}ismantling Operational Practices of {BGP} Blackholing at {IXPs}

Large Distributed Denial-of-Service (DDoS) attacks pose a major threat not only to end systems but also to the Internet infrastructure as a whole. Remote Triggered Black Hole filtering (RTBH) has been established as a tool to mitigate inter-domain DDoS attacks by discarding unwanted traffic early in the network, e.g., at Internet eXchange Points (IXPs). As of today, little is known about the kind and effectiveness of its use, and about the need for more fine-grained filtering. In this paper, we present the first in-depth statistical analysis of all RTBH events at a large European IXP by correlating measurements of the data and the control plane for a period of 104 days. We identify a surprising practise that significantly deviates from the expected mitigation use patterns. First, we show that only one third of all 34k visible RTBH events correlate with indicators of DDoS attacks. Second, we witness over 2000 blackhole events announced for prefixes not of servers but of clients situated in DSL networks. Third, we find that blackholing on average causes dropping of only 50% of the unwanted traffic and is hence a much less reliable tool for mitigating DDoS attacks than expected. Our analysis gives also rise to first estimates of the collateral damage caused by RTBH-based DDoS mitigation

Each patient is a research biorepository: informatics-enabled research on surplus clinical specimens via the living BioBank.

The ability to analyze human specimens is the pillar of modern-day translational research. To enhance the research availability of relevant clinical specimens, we developed the Living BioBank (LBB) solution, which allows for just-in-time capture and delivery of phenotyped surplus laboratory medicine specimens. The LBB is a system-of-systems integrating research feasibility databases in i2b2, a real-time clinical data warehouse, and an informatics system for institutional research services management (SPARC). LBB delivers deidentified clinical data and laboratory specimens. We further present an extension to our solution, the Living µBiome Bank, that allows the user to request and receive phenotyped specimen microbiome data. We discuss the details of the implementation of the LBB system and the necessary regulatory oversight for this solution. The conducted institutional focus group of translational investigators indicates an overall positive sentiment towards potential scientific results generated with the use of LBB. Reference implementation of LBB is available at https://LivingBioBank.musc.edu