viruses con t
play

Viruses cont 1 Changelog Corrections made in this version not in - PowerPoint PPT Presentation

Aug 16, 2022 •116 likes •1.24k views

Viruses cont 1 Changelog Corrections made in this version not in fjrst posting: 6 Feb 2017: slide 62: mov %ebp, %esp corrected to mov %esp, %ebp 1 ASM assignment is out 2 anonymous feedback Please make the homeworks due at midnight

  1. dynamic linking cavity NULL --- end of linker info ................ 600fe8 00000000 00000000 00000000 00000000 ................ 600fd8 00000000 00000000 00000000 00000000 ................ 600fc8 00000000 00000000 00000000 00000000 ................ 600fb8 00000000 00000000 00000000 00000000 unused! (and below) ................ 600fa8 00000000 00000000 00000000 00000000 ................ .dynamic section — data structure used by 600f98 00000000 00000000 00000000 00000000 VERSYM (required library version info at) 0x400356 ...o....V.@..... 600f88 f0ffff6f 00000000 56034000 00000000 ... several non-empty entries ... ................ 600e28 01000000 00000000 01000000 00000000 Contents of section .dynamic: terminated by type == 0 entry format: list of 8-byte type, 8-byte value dynamic linker: 35

  2. is there enough empty space? cavities look awfully small really small viruses? solution: chain cavities together 36

  3. case study: CIH (1) original executable virus startup code virus code locs virus code part 1 virus code part 2 virus code part 3 37

  4. case study: CIH (2) virus startup code virus code locs virus code part 1 virus code part 2 virus code part 3 in memory: virus code part 1 virus code part 2 virus code part 3 38

  5. CIH cavities gaps between sections probably means kilobytes of cavity in typical binary normal Linux linker doesn’t do this smaller executables but less convenient for linker+loader reassembling: unsplit multibyte instructions 39 common Windows linker aligned sections (align = start on address multiple of N , e.g. 4096 )

  6. where to put code: options one or more of: replacing executable code after executable code (Vienna) in unused executable code inside OS code in memory 40

  7. boot process processor reset BIOS/EFI (chip on motherboard) bootloader operating system very CPU/motherboard-specifjc code fjxed location on disk code that understands fjles fjles in a fjlesystem 41

  8. boot process processor reset BIOS/EFI (chip on motherboard) bootloader operating system very CPU/motherboard-specifjc code fjxed location on disk code that understands fjles fjles in a fjlesystem 41

  9. bootloaders in the DOS era used to be common to boot from fmoppies default to booting from fmoppy if present even if hard drive to boot from applications distributed as bootable fmoppies so bootloaders on all devices were a target for viruses 42

  10. historic bootloader layout bootloader in fjrst sector (512 bytes) of device (along with partition information) code in BIOS to copy bootloader into RAM, start running bootloader responsible for disk I/O etc. some library-like functionality in BIOS for I/O 43

  11. bootloader viruses example: Stoned data here??? partition table bootloader partition table virus code saved bootloader partition table (unused) 44

  12. bootloader viruses example: Stoned data here??? partition table bootloader partition table virus code saved bootloader partition table (unused) 44

  13. data here??? might be data there — risk some unused space after partition table/boot loader common (allegedly) also be fjlesystem metadata not used on smaller fmoppies/disks but could be wrong — oops 45

  14. modern bootloaders — UEFI BIOS-based boot is going away (slowly) new thing: UEFI (Universal Extensible Firmware Interface) like BIOS: library functionality for bootloaders loads initial code from disk/DVD/etc. unlike BIOS: much more understanding of fjle systems much more modern set of library calls 46

  15. modern bootloaders — secure boot “Secure Boot” is a common feature of modern bootloaders idea: UEFI/BIOS code checks bootloader code, fails if not okay requires user intervention to use not-okay code 47

  16. Secure Boot and keys Secure Boot relies on cryptographic signatures idea: accept only “legitimate” bootloaders legitimate: known authority vouched for them user control of their own systems? in theory: can add own keys what about changing OS instead of bootloader? need smart bootloader 48

  17. boot process processor reset BIOS/EFI (chip on motherboard) bootloader operating system very CPU/motherboard-specifjc code fjxed location on disk code that understands fjles fjles in a fjlesystem 49

  18. BIOS/UEFI implants infrequent BIOS/UEFI update may require physical access BIOS/UEFI code may require cryptographic signatures reports of BIOS/UEFI-infecting “implants” sold by Hacking Team (Milan-based malware company) listed in leaked NSA Tailored Access Group catalog 50 BIOS/UEFI code is very non-portable …but very hard to remove — “persist” other malware

  19. boot process processor reset BIOS/EFI (chip on motherboard) bootloader operating system very CPU/motherboard-specifjc code fjxed location on disk code that understands fjles fjles in a fjlesystem 51

  20. system fjles simpliest strategy: stufg that runs when you start your computer add a new startup program, run in the background easy to blend in alternatively, infect one of many system programs automatically run 52

  21. memory residence malware wants to keep doing stufg one option — background process (easy on modern OSs) also stealthy options: insert self into OS code insert self into other running programs more commonly, OS code used for hiding malware topic for later 53

  22. 54

  23. virus choices where to put code how to get code ran 55

  24. invoking virus code: options boot loader change starting location alternative approaches: “entry point obscuring” edit code that’s going to run anyways replace a function pointer (or similar) … 56

  25. invoking virus code: options boot loader change starting location alternative approaches: “entry point obscuring” edit code that’s going to run anyways replace a function pointer (or similar) … 56

  26. starting locations /bin/ls: file format elf64-x86-64 /bin/ls architecture: i386:x86-64, flags 0x00000112: EXEC_P, HAS_SYMS, D_PAGED modern executable formats have ‘starting address’ fjeld just change it, insert jump to old address after virus code 57 start address 0x00000000004049a0

  27. invoking virus code: options boot loader change starting location alternative approaches: “entry point obscuring” edit code that’s going to run anyways replace a function pointer (or similar) … 58

  28. run anyways? add code at start of program (Vienna) any random place in program? YYYYYYY jmpq e9 XX XX XX XX 404a01: replace with 0x0(%rax) nopl 0f 1f 40 00 404a02: retq c3 404a01: return with padding after it: 59 just not in the middle of instruction

  29. challenge: valid locations x86: probably don’t want a full instruction parser x86: might be non-instruction stufg mixed in with code: do_some_floating_point_stuff: movss float_one(%rip), %xmm0 ... retq float_one: .float 1 fmoating point value one ( 00 00 80 3f ) is not valid machine code disassembler might lose track of instruction boundaries 60

  30. fjnding function calls one idea: replace calls normal x86 call FOO: E8 (32-bit value: PC - address of foo) probably even if one excludes out-of-range addresses 61 could look for E8 in code — lots of false positives

  31. really fjnding function calls e.g. some popular compilers started x86-32 functions with foo: push % ebp // push old frame pointer // 0x55 mov % esp , % ebp // set frame pointer to stack pointer // 0x89 0xec use to identify when e8 refers to real function (full version: also have some other function start patterns) 62

  32. remember stubs? e8 XX XX XX XX in known location (particular section of executable) 4003f0 <_init+0x28> jmpq e9 e0 ff ff ff 40040b: $0x0 pushq 68 00 00 00 00 400406: nop 90 400405: jmpq virus_code 400400: 0000000000400400 <puts@plt>: replace with: 4003f0 <_init+0x28> jmpq e9 e0 ff ff ff 40040b: $0x0 pushq 68 00 00 00 00 400406: /* 0x200c12+RIP = _GLOBAL_OFFSET_TABLE_+0x18 */ *0x200c12(%rip) jmpq ff 25 12 0c 20 00 400400: 63

  33. invoking virus code: options boot loader change starting location alternative approaches: “entry point obscuring” edit code that’s going to run anyways replace a function pointer (or similar) … 64

  34. stubs again 40040b: originally: pointer 0x400406 ; new — virus code stored in data section of executable _GLOBAL_OFFSET_TABLE don’t edit stub — edit initial value of 4003f0 <_init+0x28> jmpq e9 e0 ff ff ff $0x0 0000000000400400 <puts@plt>: pushq 68 00 00 00 00 400406: /* 0x200c12+RIP = _GLOBAL_OFFSET_TABLE_+0x18 */ *0x200c12(%rip) jmpq ff 25 12 0c 20 00 400400: 65

  35. relocations? 0000000000601018 R_X86_64_JUMP_SLOT but…same idea works on shared library itself Linux — need to link with -rdynamic table) (symbols from debugger/disassembler are a difgerent dynamic symbol table tricky — usually no symbols from executable in __libc_start_main@GLIBC_2.2.5 0000000000601020 R_X86_64_JUMP_SLOT _start + offset_of_virus replace with: hello.exe: puts@GLIBC_2.2.5 0000000000601018 R_X86_64_JUMP_SLOT __gmon_start__ 0000000000600ff8 R_X86_64_GLOB_DAT VALUE TYPE OFFSET DYNAMIC RELOCATION RECORDS file format elf64-x86-64 66

  36. relocations? 0000000000601018 R_X86_64_JUMP_SLOT but…same idea works on shared library itself Linux — need to link with -rdynamic table) (symbols from debugger/disassembler are a difgerent dynamic symbol table tricky — usually no symbols from executable in __libc_start_main@GLIBC_2.2.5 0000000000601020 R_X86_64_JUMP_SLOT _start + offset_of_virus replace with: hello.exe: puts@GLIBC_2.2.5 0000000000601018 R_X86_64_JUMP_SLOT __gmon_start__ 0000000000600ff8 R_X86_64_GLOB_DAT VALUE TYPE OFFSET DYNAMIC RELOCATION RECORDS file format elf64-x86-64 66

  37. infecting shared libraries kernel32.dll header symbol table GetFileAttributesA … kernel32.dll header symbol table virus code GetFileAttributesA … 67

  38. summary how to hide: separate executable append existing “unused” space compression how to run: change entry point or “entry point obscuring”: change some code (requires care!) change library 68

  39. anti-malware strategies antivirus goals: prevent malware from running prevent malware from spreading undo the efgects of malware 69

  40. malware detection important part: detecting malware simple way: have a copy of a malicious executable compare every program to it how big? every executable infected with every virus? when? how fast? 70

  41. malware detection important part: detecting malware simple way: have a copy of a malicious executable compare every program to it how big? every executable infected with every virus? when? how fast? 70

  42. malware detection important part: detecting malware simple way: have a copy of a malicious executable compare every program to it how big? every executable infected with every virus? when? how fast? 70

  43. malware “signatures” antivirus vendor have “signatures” for known malware many options to represent signatures thought process: signature for Vienna? 71

  44. exercise: signatures for Vienna mov $0x288, %cx ret xor %di, %di push %di mov $0x0100 %di xor %dx, %dx xor %bx, %bx xor %ax, %ax pop %cx ... int 0x21 sub $0x1f9, %dx mov $si, $dx mov $0x40 % ah ... jmp 0x0700 mov %cx, (%di) sub $0x1f7, %di mov %si, %di add $0x2f9, %cx ... ... rep movsb mov $3, %cx mov $0x0100, %di ... mov $0x8f9, %si push %cx ... mov $0x9e4e, %si 72

  45. simple signature all the code Vienna copies … except changed mov to %si virus doesn’t change it to relocate includes infection code — defjnitely malicious 73

  46. signature generality the Vienna virus was copied a bunch of times small changes, “payloads” added print messages, do malicious things, … this signature will not detect any variants can we do better? 74

  47. simple signature (2) Vienna infection code scans directory, fjnds fjles likely to stay the same in variants… …except that virus writer’s will change it 75

  48. Anti- Virus Anti- Virus Virus Virus d d n n a a

  49. signature checking how fast is signature checking? clever trick: only read end of fjle (where virus code will be) very fast 77

  50. generalizing the signature another possibility: detect writing to 0x100 0x100 was DOS program entry code — no program should do this problem: how to represent this 78

  51. regular expressions one method of representing patterns like this: regular expressions (regexes) restricted language allows very fast implementations especially when there’s a long list of patterns to look for homework assignment next week more next class along with other anti-virus techniques 79

  52. anti-virus: essential or worthless? ungraded homework assignment watch Hanno Böck’s talk “In Search of Evidence-Based IT Security” a rant mostly about antivirus-like software 80

  53. Case Study: Vienna Virus Vienna: virus from the 1980s This version: published in Ralf Burger, “Computer Viruses: a high-tech disease” (1988) targetted COM-format executables on DOS 81

  54. Diversion: .COM fjles .COM is a very simple executable format no header, no segments, no sections fjle contents loaded at fjxed address 0x0100 execution starts at 0x0100 everything is read/write/execute (no virtual memory) 82

  55. Vienna: infection 0x0700: infected ... .bytes 0xb9 0x28 0x4f 0x0903: ... ret xor %di, %di push %di mov $0x0100, %di ... rep movsb mov $3, %cx mov $0x100, %di push %cx ... 0x0100: push %ds mov $0x4f28, %cx /* b9 28 4f */ 0x0103: mov $0x9e4e, %si /* be 4e 9e */ mov %si, %di /* more normal 0x0103: mov $0x9e4e, %si program code */ .... 0x0700: /* end */ uninfected 0x0100: jmp 0x0700 83 ... // %si ← 0x903

  56. Vienna: “fjxup” mov $3, %cx // bytes changed 0x903: .byte 0xb9 .byte 0x28 .byte 0x4f // saved copy of original application code ... ... rep movsb /* copy %cx bytes from (%si) to (%di) */ mov $0x100, %di // target address 0x0700: add $0xa, %si // offset of saved code in data // can't use another register // movsb uses %si, so mov %si, %dx // save %si push %cx // initial value of %cx matters?? 84 mov $0x8fd, %si // %si ← beginning of data

  57. Vienna: “fjxup” mov $3, %cx // bytes changed // saved copy of original application code ... ... rep movsb /* copy %cx bytes from (%si) to (%di) */ mov $0x100, %di // target address 0x0700: add $0xa, %si // offset of saved code in data // can't use another register // movsb uses %si, so mov %si, %dx // save %si push %cx // initial value of %cx matters?? 84 mov $0x8fd, %si // %si ← beginning of data 0x903: .byte 0xb9 .byte 0x28 .byte 0x4f

  58. Vienna: “fjxup” mov $3, %cx // bytes changed 0x903: .byte 0xb9 .byte 0x28 .byte 0x4f // saved copy of original application code ... ... rep movsb /* copy %cx bytes from (%si) to (%di) */ mov $0x100, %di // target address 0x0700: add $0xa, %si // offset of saved code in data // can't use another register // movsb uses %si, so mov %si, %dx // save %si push %cx // initial value of %cx matters?? 84 mov $0x8fd, %si // %si ← beginning of data

  59. Vienna: return 0x08e7: pop %cx // restore initial value of %cx, %sp xor %bx, %bx xor %dx, %dx xor %si, %si // push 0x0100 mov $0x0100, %di push %di // pop 0x0100 from stack // jmp to 0x0100 ret question: why not just jmp 0x0100 ? 85 xor %ax, %ax // %ax ← 0 xor %di, %di // %di ← 0

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Polymorphic &amp; Metamorphic Viruses CS4440/7440 Spring 2015 Evolution of Polymorphic Viruses

Polymorphic &amp; Metamorphic Viruses CS4440/7440 Spring 2015 Evolution of Polymorphic Viruses

Polymorphic &amp; Metamorphic Viruses CS4440/7440 Spring 2015 Evolution of Polymorphic Viruses (1) } Why polymorphism? } Anti-virus scanners detect viruses by looking for signatures (snippets of known virus code) } Virus writers

641 views • 40 slides
VIRUSES &amp; PRIONS Infect perorally, shed in feces TRANSMITTED VIA FOOD AND WATER

VIRUSES &amp; PRIONS Infect perorally, shed in feces TRANSMITTED VIA FOOD AND WATER

Food- and waterborne viruses Human enteric viruses Specific for humans VIRUSES &amp; PRIONS Infect perorally, shed in feces TRANSMITTED VIA FOOD AND WATER Classification: size, nucleic acid type, appearance Dean O. Cliver

479 views • 17 slides
Immunity to Viruses Patricia Fitzgerald-Bocarsly September 25, 2008 The Immune System Deals with

Immunity to Viruses Patricia Fitzgerald-Bocarsly September 25, 2008 The Immune System Deals with

Immunity to Viruses Patricia Fitzgerald-Bocarsly September 25, 2008 The Immune System Deals with a Huge Range of Pathogens Roitt, 2003 Immune Responses to Viruses Viruses are dependent on the host cell genetic material to replicate

598 views • 31 slides
VIRUSES AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses

VIRUSES AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses

VIRUSES AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses Intrusion detection Behavioral detection Firewalls Virus/antivirus Application firewalls coevolution paper discussed

551 views • 40 slides
Relationships of Viruses &amp; Bacteria to Disease Virtual Science University 1 Relationships

Relationships of Viruses &amp; Bacteria to Disease Virtual Science University 1 Relationships

Relationships of Viruses &amp; Bacteria to Disease Virtual Science University 1 Relationships of Viruses &amp; Bacteria to Disease Texas TEK B.4 (C) Student will compare the structures and functions of viruses to cells and describe the role

584 views • 34 slides
influenza 18.2 Viral Structure and Reproduction TEKS 4C KEY CONCEPT Viruses exist in a variety

influenza 18.2 Viral Structure and Reproduction TEKS 4C KEY CONCEPT Viruses exist in a variety

18.2 Viral Structure and Reproduction TEKS 4C The student is expected to: 4C Compare the structures of viruses to cells, describe viral reproduction, and describe the role of viruses in causing diseases such as human immunodeficiency virus

457 views • 17 slides
Viruses in Cam ellias Sim on W . Scott Clem son University 1 I n plants all viruses are

Viruses in Cam ellias Sim on W . Scott Clem son University 1 I n plants all viruses are

Viruses in Cam ellias Sim on W . Scott Clem son University 1 I n plants all viruses are graft-transm issible agents but Not all graft-transm issible agents are viruses 2 As you are all w ell aw are cam ellias are perennial plants, have

432 views • 25 slides
Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses, diseases Online viruses, worms Fashion Adoption of technologies Behavior Ideas Example: Ebola virus First emerged in Zaire

621 views • 29 slides
Viruses, Cells, and Diseases (CIOC5125Q) Retrovirus (Raymond B. Birge, PhD) October 9th, 2008

Viruses, Cells, and Diseases (CIOC5125Q) Retrovirus (Raymond B. Birge, PhD) October 9th, 2008

Viruses, Cells, and Diseases (CIOC5125Q) Retrovirus (Raymond B. Birge, PhD) October 9th, 2008 Oncogenic Viruses Definition: A virus that is able to take residence in a cell and alter cellular growth and give properties of neoplasia. These

777 views • 54 slides
Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses, diseases Online viruses, worms Fashion Adoption of technologies Behavior Ideas Example: Ebola virus First emerged in

519 views • 26 slides
Computer Viruses in Urban Indian Telecenters: Characterizing an Unsolved Problem Prasanta

Computer Viruses in Urban Indian Telecenters: Characterizing an Unsolved Problem Prasanta

Computer Viruses in Urban Indian Telecenters: Characterizing an Unsolved Problem Prasanta Bhattacharya and Bill Thies Microsoft Research India NSDR 2011 Computer Viruses in the Developing World Cited as a major problem In Ghana [Best

372 views • 18 slides
AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses

AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses

VIRUSES, WORMS, AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses Intrusion detection Behavioral detection Firewalls Virus/antivirus Application firewalls coevolution paper discussed

915 views • 56 slides
VIRUSES The word virus is derived from the Latin language and means a poisonous liquid or

VIRUSES The word virus is derived from the Latin language and means a poisonous liquid or

VIRUSES The word virus is derived from the Latin language and means a poisonous liquid or poison. Viruses have been variously defined by scientists and can be regarded as living or non-living. They are the smallest and possibly the

1.09k views • 78 slides
Cancer killing viruses Oncolytic Virotherapeutics Click to edit style Viralytics is a company

Cancer killing viruses Oncolytic Virotherapeutics Click to edit style Viralytics is a company

Cancer killing viruses Oncolytic Virotherapeutics Click to edit style Viralytics is a company developing a portfolio of oncolytic viruses that have the potential not only to provide a more effective treatment of a range of cancers, but also a

298 views • 18 slides
Influenza viruses Holly Shelton holly.shelton@pirbright.ac.uk Preventing and controlling viral

Influenza viruses Holly Shelton holly.shelton@pirbright.ac.uk Preventing and controlling viral

Influenza viruses Holly Shelton holly.shelton@pirbright.ac.uk Preventing and controlling viral diseases Influenza Viruses Orthomyxoviridae Negative sense RNA virus 7 or 8 segments Enveloped 4 Subtypes; A,B, C, D

462 views • 43 slides
File Infection Techniques: File Resident Viruses CS 4440/7440 Malware Analysis &amp; Defense

File Infection Techniques: File Resident Viruses CS 4440/7440 Malware Analysis &amp; Defense

File Infection Techniques: File Resident Viruses CS 4440/7440 Malware Analysis &amp; Defense Bill Harrison Viruses: Online Resources } Symantec Virus Encyclopedia: http://securityresponse.symantec.com/avcenter/ vinfodb.html } McAfee Virus

1.06k views • 31 slides
CDW Corporation Webcast Conference Call May 6, 2020 CDW.com | 800.800.4239 Disclaimers

CDW Corporation Webcast Conference Call May 6, 2020 CDW.com | 800.800.4239 Disclaimers

CDW Corporation Webcast Conference Call May 6, 2020 CDW.com | 800.800.4239 Disclaimers Forward-Looking Statements Statements in this presentation that are not statements of historical fact are forward-looking statements within the meaning of

600 views • 22 slides
CO 445H MALWARE AND VIRUSES Dr. Benjamin Livshits Malware: Different Types 2 Spyware is

CO 445H MALWARE AND VIRUSES Dr. Benjamin Livshits Malware: Different Types 2 Spyware is

CO 445H MALWARE AND VIRUSES Dr. Benjamin Livshits Malware: Different Types 2 Spyware is software that aids in gathering A virus is a computer program that is information about a person or organization capable of making copies of itself

716 views • 56 slides
1 How many radians are subtended by a 0.10 m arc of a circle of radius 0.40 m? Slide 2 / 133 2

1 How many radians are subtended by a 0.10 m arc of a circle of radius 0.40 m? Slide 2 / 133 2

Slide 1 / 133 1 How many radians are subtended by a 0.10 m arc of a circle of radius 0.40 m? Slide 2 / 133 2 How many degrees are subtended by a 0.10 m arc of a circle of radius of 0.40 m? Slide 3 / 133 3 A ball rotates 2 rad in 4.0 s.

1.5k views • 133 slides
Yep, I said it before and Ill say it again. Life moves pretty fast. You dont stop and

Yep, I said it before and Ill say it again. Life moves pretty fast. You dont stop and

Yep, I said it before and Ill say it again. Life moves pretty fast. You dont stop and look around once in a while, you could miss it Ferris Buellers Day Off (1986) A different kind of newsroom. Slow news. Open journalism.

749 views • 19 slides
CSE543 Computer and Network Security Module: Malware Professor Trent Jaeger CSE543 -

CSE543 Computer and Network Security Module: Malware Professor Trent Jaeger CSE543 -

616 views • 33 slides
Office Hours: ESG-CV Notice September 3, 2020 Housekeeping A recording of todays session,

Office Hours: ESG-CV Notice September 3, 2020 Housekeeping A recording of todays session,

Office Hours: ESG-CV Notice September 3, 2020 Housekeeping A recording of todays session, along with the slide deck and a copy of the Chat and Q&amp;A content will be posted to the HUD Exchange within 2-3 business days Event

645 views • 39 slides
Life lessons and datacenter performance analysis Dan Ardelean Amer Diwan Rick Hank Christian

Life lessons and datacenter performance analysis Dan Ardelean Amer Diwan Rick Hank Christian

Life lessons and datacenter performance analysis Dan Ardelean Amer Diwan Rick Hank Christian Kurmann Balaji Raghavan Matt Seegmiller The need to solve performance crimes Performance crimes are anything that unnecessarily increase

529 views • 42 slides
Albert-Lszl Barabsi with Emma K. Towlson and Sean P. Cornelius www.BarabasiLab.com

Albert-Lszl Barabsi with Emma K. Towlson and Sean P. Cornelius www.BarabasiLab.com

Network Science Spreading Phenomena Albert-Lszl Barabsi with Emma K. Towlson and Sean P. Cornelius www.BarabasiLab.com Section 10.7 Epidemic Prediction Case Study 1: Epidemic Forecast Network Science: Robustness Cascades H1N1

879 views • 31 slides

More recommend