Securing Software Systems Via Fuzz Testing and Verification

Total Page:16

File Type:pdf, Size:1020Kb

Securing Software Systems Via Fuzz Testing and Verification This document is downloaded from DR‑NTU (https://dr.ntu.edu.sg) Nanyang Technological University, Singapore. Securing software systems via fuzz testing and verification Chen, Hongxu 2019 Chen, H. (2019). Securing software systems via fuzz testing and verification. Doctoral thesis, Nanyang Technological University, Singapore. https://hdl.handle.net/10356/136764 https://doi.org/10.32657/10356/136764 This work is licensed under a Creative Commons Attribution‑NonCommercial 4.0 International License (CC BY‑NC 4.0). Downloaded on 29 Sep 2021 21:45:07 SGT SECURING SOFTWARE SYSTEMS VIA FUZZ TESTING AND VERIFICATION HONGXU CHEN SCHOOL OF COMPUTER SCIENCE AND ENGINEERING 2019 SECURING SOFTWARE SYSTEMS VIA FUZZ TESTING AND VERIFICATION HONGXU CHEN School of Computer Science and Engineering A thesis submitted to Nanyang Technological University in partial fulfillment of the requirement for the degree of Doctor of Philosophy 2019 Abstract Software security has been growing in importance due to the increasing reliance on various systems such as computers, smartphones, and Internet-of-Things devices. Security weaknesseses, or vulnerabilities, range in various aspects, from the systematic levels such as designing defects, to implementation errors such as language-specific program crashes. The multifaceted nature of vulnerabilities poses significant challenges to secure different systems. In fact, multilevel approaches have to be applied to reveal vulnerabilities or solidify the systems. Generally, there are two categories of approaches to securing a system, namely testing and verification. The former tries to generate test cases to trigger erroneous behaviors in the underlying programs. The latter models the system in an abstracted description to prove the absence of certain security defects. In this thesis, we will describe our efforts in greybox fuzz testing and type checking based verification in securing different levels of software systems. Firstly, we apply greybox fuzz testing (or fuzzing) to detect implementation vulnera- bilities. These vulnerabilities are usually subtle that it is rather complicated to formally verify the absence of the corresponding defects. We target on two levels of vulnera- bilities. One is to improve the fuzzing directedness of executing towards specific tar- get program locations to reveal crash induced vulnerabilities such as buffer-overflow, use-after-free, etc. To emphasize existing challenges in directed fuzzing, we propose HAWKEYE to feature four desired properties for directedness. With the statically an- alyzed results on the target program and its target locations, HAWKEYE applies mul- tiple dynamic strategies for seed prioritization, power scheduling and mutation. The experimental results on various real-world programs showed that HAWKEYE signifi- cantly outperforms the state-of-the-art greybox fuzzers AFL and AFLGo in reaching i Abstract ii target locations and reproducing specific crashes. The other scenario is to enhance fuzzing to reveal multithreading-relevant bugs. These bugs may root from logic er- rors which exhibit abnormal behaviors in the target program. They may or may not cause immediate crashes however implicate certain security defects. We present DOU- BLADE, a novel thread-aware technique which effectively generates multithreading- relevant seeds. DOUBLADE relies on a set of thread-aware techniques, consisting of a stratified exploration-oriented instrumentation and two complementary instrumenta- tions, as well as dynamic adaptive strategies based on feedbacks. Experiments on 12 real-world programs showed that DOUBLADE significantly outperforms the state-of- the-art fuzzer AFL in generating high-quality seeds, detecting vulnerabilities, and ex- posing concurrency bugs. To integrate HAWKEYE,DOUBLADE, and other recently proposed fuzzing techniques, we have built our own general-purpose fuzzing frame- work, Fuzzing Orchestration Toolkit (FOT). Compared to other fuzzing frameworks, FOT is versatile in its functionalities and can be easily configured or extended for vari- ous fuzzing purposes. Till now, FOT has detected 200+ zero-day vulnerabilities in more than 40 world-famous projects, among which 51 CVEs have been assigned. Secondly, we apply type checking based verification to detect those vulnerabilities introduced by designing defects where testing usually fails to reveal. Particularly, we focus on the information leakage vulnerability caused by inter-app communications on an Android system. We propose a lightweight security type system that models permission mechanism on Android, where the permissions are assigned statically and facilitated to enforce access control across applications. We proved the soundness of the proposed type system in terms of non-interference, with which we are able to prove the absence of information leakage among various apps in an Android system. We also presented a deterministic type inference algorithm for the underlying type system. Finally, based on these attempts we have made so far, we briefly discuss the differ- ences between the two categories of applied approaches in terms of the capability, the practicality, and their potential combinations in securing modern software systems. Statement of Originality I hereby certify that the work embodied in this thesis is the result of original research, is free of plagiarized materials, and has not been submitted for a higher degree to any other University or Institution. Jul/22/2019 .......................................... Date Hongxu Chen iii Supervisor Declaration Statement I have reviewed the content and presentation style of this thesis and declare it is free of plagiarism and of sufficient grammatical clarity to be examined. To the best of my knowledge, the research and writing are those of the candidate except as acknowledged in the Author Attribution Statement. I confirm that the investigations were conducted in accord with the ethics policies and integrity standards of Nanyang Technological University and that the research data are presented honestly and without prejudice. Jul/22/2019 .......................................... Date Yang Liu iv Authorship Attribution Statement This thesis contains materials from 3 published and 1 submitted papers in the following peer-reviewed conferences where I am the first author. Chapter3 is published as Hongxu Chen, Yinxing Xue, Yuekang Li, Bihuan Chen, Xiaofei Xie, Xiuheng Wu, Yang Liu, “Hawkeye: Towards a Desired Directed Greybox Fuzzer”, CCS ’18 Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, Pages 2095-2108, http://doi.acm.org/10.1145/ 3243734.3243849, DOI: 10.1145/3243734.3243849 [1]. The contribution of the co-authors are as follows: • I co-designed and implemented the methodology, wrote the manuscript draft, and conducted the experiments. • Yinxing Xue co-designed the methodology and revised the major part of the draft. • Yuekang Li co-designed the methodology and helped evaluate the experimental results. • Bihuan Chen co-designed the methodology and helped revise the draft. • Xiaofei Xie helped revise the draft. • Xiuheng Wu helped evaluate the experimental results. • Yang Liu co-designed the methodology and supported the research. Chapter4 is submitted as Hongxu Chen, Shengjian Guo, Yinxing Xue, Yulei Sui, Cen Zhang, Yuekang Li, Haijun Wang, Yang Liu, “DOUBLADE: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs”. The contribution of the co-authors are as follows: v Authorship Attribution Statement vi • I co-designed and implemented the methodology, wrote the manuscript draft, and conducted the experiments. • Shengjian Guo, Yinxing Xue, and Yulei Sui co-designed the methodology and revised the major parts of the draft. • Cen Zhang helped analyze the experimental results. • Yuekang Li and Haijun Wang helped revise the paper draft. • Yang Liu supported the research and revised the paper draft. Chapter5 is published as Hongxu Chen, Yuekang Li, Bihuan Chen, Yinxing Xue, Yang Liu, “FOT: A Versatile, Configurable, Extensible Fuzzing Framework”, ESEC/FSE 2018 Proceedings of the 2018 26th ACM Joint Meeting on European Software En- gineering Conference and Symposium on the Foundations of Software Engineering, Pages 867-870, http://doi.acm.org/10.1145/3236024.3264593, DOI: 10.1145/3236024.3264593 [2]. The contributions of the co-authors are as follows: • I and Yuekang Li implemented the core logic of the FOT fuzzing framework, and wrote the manuscript draft as well as conducted all the experiments. • Bihuan Chen helped revise the draft. • Yang Liu co-designed the architecture of the framework. • Yinxing Xue co-designed the HAWKEYE extension of the framework. Chapter6 is published as Hongxu Chen, Alwen Tiu, Zhiwu Xu, Yang Liu, “A Permission- Dependent Type System for Secure Information Flow Analysis”, 2018 IEEE 31st Com- puter Security Foundations Symposium (CSF), Oxford, 2018, pp. 218-232. https: //doi.org/10.1109/CSF.2018.00023, DOI: 10.1109/CSF.2018.00023 [3]. A technical report is available at https://arxiv.org/abs/1709.09623. The contribution of the co-authors are as follows: Authorship Attribution Statement vii • I co-designed the type system, proved the soundness of the type system with Alwen Tiu, implemented a prototype of the type system, and wrote the draft. • Alwen Tiu co-designed the type system, proved the soundness of the type system, and revised the paper draft. • Zhiwu Xu co-designed the type system, and designed the type inference rules for the proposed type system. • Yang Liu organized
Recommended publications
  • An Effective Self-Adaptive Policy for Optimal Video Quality Over Heterogeneous Mobile Devices and Network Discovery Services
    Appl. Math. Inf. Sci. 13, No. 3, 489-505 (2019) 489 Applied Mathematics & Information Sciences An International Journal http://dx.doi.org/10.18576/amis/130322 An Effective Self-Adaptive Policy for Optimal Video Quality over Heterogeneous Mobile Devices and Network Discovery Services Saleh Ali Alomari∗1 , Mowafaq Salem Alzboon1, Belal Zaqaibeh1 and Mohammad Subhi Al-Batah1 1Faculty of Science and Information Technology, Jadara University, 21110 Irbid, Jordan Received: 12 Dec. 2018, Revised: 1 Feb. 2019, Accepted: 20 Feb. 2019 Published online: 1 May 2019 Abstract: The Video on Demand (VOD) system is considered a communicating multimedia system that can allow clients be interested whilst watching a video of their selection anywhere and anytime upon their convenient. The design of the VOD system is based on the process and location of its three basic contents, which are: the server, network configuration and clients. The clients are varied from numerous approaches, battery capacities, involving screen resolutions, capabilities and decoder features (frame rates, spatial dimensions and coding standards). The up-to-date systems deliver VOD services through to several devices by utilising the content of a single coded video without taking into account various features and platforms of a device, such as WMV9, 3GPP2 codec, H.264, FLV, MPEG-1 and XVID. This limitation only provides existing services to particular devices that are only able to play with a few certain videos. Multiple video codecs are stored by VOD systems store for a similar video into the storage server. The problems caused by the bandwidth overhead arise once the layers of a video are produced.
    [Show full text]
  • Capturejayhx Release Notes
    CapturejayHX release notes - Version 2.3.7 - 1.7.17.10600 – 09/01/2019 - capturejayHX adds support for streaming and network playback of Secure Reliable Transport (SRT) feeds. SRT is a protocol designed for live video streaming over the public internet and provides reliable transmission similar to TCP, however, it does so at the application layer, using UDP protocol as an underlying transport layer. It supports packet recovery while maintaining low latency (default: 120 ms). SRT also supports encryption using AES. - Added RTP streaming support - Added RTP Pro-MPEG streaming support - Added MJPEG encoder for UDP streaming - Updated FFmpeg to version 4.0.2 - Added QuickSync H.264 video encoding and multichannel audio support (up to 16 channels) for WebRTC - Improved playback of RTSP streams. - Updated NDI to 3.5 version. - Updated NVIDIA components to Video_Codec_SDK_8.1.24 - Lots of other improvements and fixes in the capture/playback engine. Winjay S.r.l. Via Enrico Dandolo, 73 - 76123 ANDRIA (BT) – VAT ID: IT-05652830729 Infoline / Fax: 0883-55.34.10 / http://www.winjay.it - [email protected] - Version 2.3.6 - 1.7.12.9930 – 03/12/2018 - Added QuickSync H.264 video encoding and multichannel audio support (up to 16 channels) for WebRTC - Improved playback of RTSP streams. - Core FFmpeg components updated to release 3.4.2 version - Updated NVIDIA components to Video_Codec_SDK_8.1.24 - Fixed correct frame order in UDP streams playback - Fixed audio/video synchronization issue after temporary loss of an input signal - Fixed RTSP/RTMP streams reconnect problem on network failure - Lots of other improvements and fixes in the capture/playback engine.
    [Show full text]
  • Download Media Player Codec Pack Version 4.1 Media Player Codec Pack
    download media player codec pack version 4.1 Media Player Codec Pack. Description: In Microsoft Windows 10 it is not possible to set all file associations using an installer. Microsoft chose to block changes of file associations with the introduction of their Zune players. Third party codecs are also blocked in some instances, preventing some files from playing in the Zune players. A simple workaround for this problem is to switch playback of video and music files to Windows Media Player manually. In start menu click on the "Settings". In the "Windows Settings" window click on "System". On the "System" pane click on "Default apps". On the "Choose default applications" pane click on "Films & TV" under "Video Player". On the "Choose an application" pop up menu click on "Windows Media Player" to set Windows Media Player as the default player for video files. Footnote: The same method can be used to apply file associations for music, by simply clicking on "Groove Music" under "Media Player" instead of changing Video Player in step 4. Media Player Codec Pack Plus. Codec's Explained: A codec is a piece of software on either a device or computer capable of encoding and/or decoding video and/or audio data from files, streams and broadcasts. The word Codec is a portmanteau of ' co mpressor- dec ompressor' Compression types that you will be able to play include: x264 | x265 | h.265 | HEVC | 10bit x265 | 10bit x264 | AVCHD | AVC DivX | XviD | MP4 | MPEG4 | MPEG2 and many more. File types you will be able to play include: .bdmv | .evo | .hevc | .mkv | .avi | .flv | .webm | .mp4 | .m4v | .m4a | .ts | .ogm .ac3 | .dts | .alac | .flac | .ape | .aac | .ogg | .ofr | .mpc | .3gp and many more.
    [Show full text]
  • Encoding H.264 Video for Streaming and Progressive Download
    What is Tuning? • Disable features that: • Improve subjective video quality but • Degrade objective scores • Example: adaptive quantization – changes bit allocation over frame depending upon complexity • Improves visual quality • Looks like “error” to metrics like PSNR/VMAF What is Tuning? • Switches in encoding string that enables tuning (and disables these features) ffmpeg –input.mp4 –c:v libx264 –tune psnr output.mp4 • With x264, this disables adaptive quantization and psychovisual optimizations Why So Important • Major point of contention: • “If you’re running a test with x264 or x265, and you wish to publish PSNR or SSIM scores, you MUST use –tune PSNR or –tune SSIM, or your results will be completely invalid.” • http://x265.org/compare-video-encoders/ • Absolutely critical when comparing codecs because some may or may not enable these adjustments • You don’t have to tune in your tests; but you should address the issue and explain why you either did or didn’t Does Impact Scores • 3 mbps football (high motion, lots of detail) • PSNR • No tuning – 32.00 dB • Tuning – 32.58 dB • .58 dB • VMAF • No tuning – 71.79 • Tuning – 75.01 • Difference – over 3 VMAF points • 6 is JND, so not a huge deal • But if inconsistent between test parameters, could incorrectly show one codec (or encoding configuration) as better than the other VQMT VMAF Graph Red – tuned Green – not tuned Multiple frames with 3-4-point differentials Downward spikes represent untuned frames that metric perceives as having lower quality Tuned Not tuned Observations • Tuning
    [Show full text]
  • Ffmpeg Command Android Studio
    Ffmpeg command android studio Continue FFMpeg/FFprobe is designed for Android. Run the FFmpeg and FFprobe commands with ease in your Android project. About this project is a continuation of the FFmpeg Android Java fork by WritingMinds. This plug captures the CAN LINK EXECUTABLE ffmpeg: it has the issue of text movement on x86 devices along with some other bugfixes, new features and the latest FFmpeg builds. Bravobit FFmpeg-Android architecture works on the following architectures: armv7-neon armv8 x86 x86_64 FFmpeg assemblage FFmpeg in this project was built with the following libraries: x264 r2851 ba24899 libpng 1.6.0 21 free type2 2.8.1 libmp3lame 3.100 libvorbis 1.3.5 libvpx v1.6.1-1456-g7d1bf5d libopus 1.2.1 fontconfig 2.11.11.294 libass 0.14.0 fribidi 0.19.7 Expat 2.1.0 fdk-aac 0.1.6 Features Uses the newest FFmpeg release n4.0-39-gda39990 Uses the native capabilities of the processor on the ARM FFprobe architecture bundled in this library too included the Network Features Multithreading Use Start To Enable Dependency Dependencies 'implementation':nl.bravobit:android-ffmpeg:1.1.7' Check if FFmpeg is supported To check Whether FFmpeg is available on your device you can use the following method. if (FFmpeg.getInstance (this) you will run the FFmpeg command In this code example we will run the ffmpeg version team. FFmpeg ffmpeg - FFmpeg.getInstance (context); to run the ffmpeg-version command you just need to go through the version of ffmpeg.execute (cmd, the new ExecuteBinaryResponseHandler () - @Override public void onStart () @Override public void on Progress (String message) @Override public void on The Mail (String message) @Override public emptiness onSuccess (String message) @Override public emptiness onFinish () Stop (or leave) FFmp to stop the FFmpeg process running, just call .send'ytSignal () at FFtask, which works: FFmpeg ffmpeg and FFmpeg.getInstance (context); FFtask ffTask - ffmpeg.execute (..
    [Show full text]
  • Screen Capture Tools to Record Online Tutorials This Document Is Made to Explain How to Use Ffmpeg and Quicktime to Record Mini Tutorials on Your Own Computer
    Screen capture tools to record online tutorials This document is made to explain how to use ffmpeg and QuickTime to record mini tutorials on your own computer. FFmpeg is a cross-platform tool available for Windows, Linux and Mac. Installation and use process depends on your operating system. This info is taken from (Bellard 2016). Quicktime Player is natively installed on most of Mac computers. This tutorial focuses on Linux and Mac. Table of content 1. Introduction.......................................................................................................................................1 2. Linux.................................................................................................................................................1 2.1. FFmpeg......................................................................................................................................1 2.1.1. installation for Linux..........................................................................................................1 2.1.1.1. Add necessary components........................................................................................1 2.1.2. Screen recording with FFmpeg..........................................................................................2 2.1.2.1. List devices to know which one to record..................................................................2 2.1.2.2. Record screen and audio from your computer...........................................................3 2.2. Kazam........................................................................................................................................4
    [Show full text]
  • Spin Digital HEVC/H.265 Software Encoder (Spin Enc) Enables Ultra-High-Quality Video with the Highest Compression Level
    Spin Digital HEVC/H.265 software encoder (Spin Enc) enables ultra-high-quality video with the highest compression level. Encoding, transmission, and storage of video in 4K, 8K, and beyond are now possible with commodity computing technologies. HEVC/H.265 encoder for production, contribution, and distribution of professional video for broadcast, VoD, and creative studios. Spin Digital HEVC/H.265 encoder is ready for the next generation of high-quality video systems, providing support for Ultra HD (UHD), High Dynamic Range (HDR), High Frame Rate (HFR), Wide Color Gamut (WCG), and Virtual Reality (360° video). Product Highlights HEVC/H.265 Encoder Package • Fast offline encoding software solution • Encoder: standalone HEVC/H.265 encoder • Ready for 8K and beyond • Transcoder: HEVC/H.265 decoder and encoder • Significantly better compression and quality integrated in FFmpeg than competing encoders • SDK: encoder plugin for FFmpeg (Libavcodec) • Enables WCG and HDR with up to 12-bit video • Compatible with ARIB STD-B32 standard • Versatile high-precision pre-processing filters • Preserves color resolution with 4:2:2, 4:4:4, and RGB formats • 22.2-ch AAC audio encoding and decoding SPIN DIGITAL HEVC/H.265 ENCODER Support for the HEVC standard: Main and Main 10 profiles Range Extensions (HEVCv2) profiles ARIB STD-B32 version 3.9 Resolutions: 4K, 8K, and beyond Color formats: 4:2:0, 4:2:2, 4:4:4, RGB Bit depths: 8-, 10-, 12-bit Color spaces: BT.601, BT.709, DCI-P3, BT.2020 HDR support: ST2084 transfer function, ST2086 HDR metadata, HLG Coding
    [Show full text]
  • High Efficiency, Moderate Complexity Video Codec Using Only RF IPR
    Thor High Efficiency, Moderate Complexity Video Codec using only RF IPR draft-fuldseth-netvc-thor-00 Arild Fuldseth, Gisle Bjontegaard (Cisco) IETF 93 – Prague, CZ – July 2015 1 Design principles • Moderate complexity to allow real-time implementation in SW on common HW, as well as new HW designs • Basic building blocks from well-known hybrid approach (motion compensated prediction and transform coding) • Common design elements in modern codecs – Larger block sizes and transforms, up to 64x64 – Quarter pixel interpolation, motion vector prediction, etc. • Cisco RF IPR (note well: declaration filed on draft) – Deblocking, transforms, etc. (some also essential in H.265/4) • Avoid non-RF IPR – If/when others offer RF IPR, design/performance will improve 2 Encoder Architecture Input Transform Quantizer Entropy Output video Coding bitstream - Inverse Transform Intra Frame Prediction Loop filters Inter Frame Prediction Reconstructed Motion Frame Estimation Memory 3 Decoder Architecture Input Entropy Inverse Bitstream Decoding Transform Intra Frame Prediction Loop filters Inter Frame Prediction Output video Reconstructed Frame Memory 4 Block Structure • Super block (SB) 64x64 • Quad-tree split into coding blocks (CB) >= 8x8 • Multiple prediction blocks (PB) per CB • Intra: 1 PB per CB • Inter: 1, 2 (rectangular) or 4 (square) PBs per CB • 1 or 4 transform blocks (TB) per CB 5 Coding-block modes • Intra • Inter0 MV index, no residual information • Inter1 MV index, residual information • Inter2 Explicit motion vector information, residual information
    [Show full text]
  • Hardware for Speech and Audio Coding
    Linköping Studies in Science and Technology Thesis No. 1093 Hardware for Speech and Audio Coding Mikael Olausson LiU-TEK-LIC-2004:22 Department of Electrical Engineering Linköpings universitet, SE-581 83 Linköping, Sweden Linköping 2004 Linköping Studies in Science and Technology Thesis No. 1093 Hardware for Speech and Audio Coding Mikael Olausson LiU-TEK-LIC-2004:22 Department of Electrical Engineering Linköpings universitet, SE-581 83 Linköping, Sweden Linköping 2004 ISBN 91-7373-953-7 ISSN 0280-7971 ii Abstract While the Micro Processors (MPUs) as a general purpose CPU are converging (into Intel Pentium), the DSP processors are diverging. In 1995, approximately 50% of the DSP processors on the market were general purpose processors, but last year only 15% were general purpose DSP processors on the market. The reason general purpose DSP processors fall short to the application specific DSP processors is that most users want to achieve highest performance under mini- mized power consumption and minimized silicon costs. Therefore, a DSP proces- sor must be an Application Specific Instruction set Processor (ASIP) for a group of domain specific applications. An essential feature of the ASIP is its functional acceleration on instruction level, which gives the specific instruction set architecture for a group of appli- cations. Hardware acceleration for digital signal processing in DSP processors is essential to enhance the performance while keeping enough flexibility. In the last 20 years, researchers and DSP semiconductor companies have been working on different kinds of accelerations for digital signal processing. The trade-off be- tween the performance and the flexibility is always an interesting question because all DSP algorithms are "application specific"; the acceleration for audio may not be suitable for the acceleration of baseband signal processing.
    [Show full text]
  • Home for Christmas S01E01 INTERNAL 720P WEB X264strife Eztv Thepiratebay
    1 / 2 Home For Christmas S01E01 INTERNAL 720p WEB X264-STRiFE [eztv] - ThePirateBay http://nextisp.com/index.php/Home/Drama/detail/p/a-little-love-never-hurts/uid/0.html - A ... [url=http://thebeststar.us/torrent/1663028501/UFC+210+Prelims+720p+WEB-DL+ ... in Fire S04E09 The Charay iNTERNAL 720p HDTV x264-DHD[ettv][/url] ... [url=http://almuzaffar.org/christmas-is-here-again-movie]Christmas Is Here .... Us.S01.COMPLETE.720p.WEB.x264-GalaxyTV2019-05-31 VIP 1.22 GiB 285 sotnikam · Video > HD MoviesThey.Shall.Not.Grow.Old.2018.1080p.BluRay.H264.. Download Chloe Neill - Chicagoland Vampires and Dark Elite torrent or any other torrent from the Other E-books. Direct download via magnet link.Missing: Home ‎Christmas ‎S01E01 ‎INTERNAL ‎WEB ‎x264- ‎[eztv] -. ... i ian dervish · file 3245112 trailer.park.boys.out.of.the.park.s02e01.720p.web.x264 strife ... file 3086561 unearthed.2016.s02e05.internal.720p.hevc.x265 megusta ... christmas cookie challenge s03e05 colors of christmas 480p x264 msd eztv ... 720p bluray yts yify · file 817715 miami.monkey.s01e01.480p.hdtv.x264 msd .... Nov 15, 2014 — Ninja x men 1 720p dual audio Любовь РїРѕРґ ... Home And Away S23E93 WS PDTV XviD-AUTV kapitein rob en het geheim van ... й”法提琴手 Нанолюбовь (10) web dl inside amy schumer ... Low Winter Sun S01E01 2013 HDTV x264 EZN ettv Mad Men (Season 06 Episode .... Home for Christmas S01E01 INTERNAL WEB x264-STRiFE EZTV torrent download - download for free Home for Christmas S01E01 INTERNAL WEB .... ... file 4554555 brave.new.world.s01e07.internal.1080p.hevc.x265 megusta eztv ..
    [Show full text]
  • On Engagement with ICT Standards and Their Implementations in Open Source Software Projects: Experiences and Insights from the Multimedia Field
    International Journal of Standardization Research Volume 19 • Issue 1 On Engagement With ICT Standards and Their Implementations in Open Source Software Projects: Experiences and Insights From the Multimedia Field Jonas Gamalielsson, University of Skövde, Sweden Björn Lundell, University of Skövde, Sweden ABSTRACT The overarching goal in this paper is to investigate organisational engagement with an ICT standard and open source software (OSS) projects that implement the standard, with a specific focus on the multimedia field, which is relevant in light of the wide deployment of standards and different legal challenges in this field. The first part reports on experiences and insights from engagement with standards in the multimedia field and from implementation of such standards in OSS projects. The second part focuses on the case of the ITU-T H.264 standard and the two OSS projects OpenH264 and x264 that implement the standard, and reports on a characterisation of organisations that engage with and control the H.264 standard, and organisations that engage with and control OSS projects implementing the H.264 standard. Further, projects for standardisation and implementation of H.264 are contrasted with respect to mix of contributing organisations, and findings are related to organisational strategies of contributing organisations and previous research. KEywordS AVC, H.264, Involvement, ISO, ITU-T, OpenH264, Participation, x264 1 INTROdUCTION There are a number of different challenges related to provision of standards in the software sector, that can impact on the extent to which it is possible to faithfully implement the specification of a standard in software systems (Blind and Böhm, 2019; Gamalielsson and Lundell, 2013; Lundell et al., 2019; UK, 2015).
    [Show full text]
  • Efficient Multi-Codec Support for OTT Services: HEVC/H.265 And/Or AV1?
    Efficient Multi-Codec Support for OTT Services: HEVC/H.265 and/or AV1? Christian Timmerer†,‡, Martin Smole‡, and Christopher Mueller‡ ‡Bitmovin Inc., †Alpen-Adria-Universität San Francisco, CA, USA and Klagenfurt, Austria, EU ‡{firstname.lastname}@bitmovin.com, †{firstname.lastname}@itec.aau.at Abstract – The success of HTTP adaptive streaming is un- multiple versions (e.g., different resolutions and bitrates) and disputed and technical standards begin to converge to com- each version is divided into predefined pieces of a few sec- mon formats reducing market fragmentation. However, other onds (typically 2-10s). A client first receives a manifest de- obstacles appear in form of multiple video codecs to be sup- scribing the available content on a server, and then, the client ported in the future, which calls for an efficient multi-codec requests pieces based on its context (e.g., observed available support for over-the-top services. In this paper, we review the bandwidth, buffer status, decoding capabilities). Thus, it is state of the art of HTTP adaptive streaming formats with re- able to adapt the media presentation in a dynamic, adaptive spect to new services and video codecs from a deployment way. perspective. Our findings reveal that multi-codec support is The existing different formats use slightly different ter- inevitable for a successful deployment of today's and future minology. Adopting DASH terminology, the versions are re- services and applications. ferred to as representations and pieces are called segments, which we will use henceforth. The major differences between INTRODUCTION these formats are shown in Table 1. We note a strong differ- entiation in the manifest format and it is expected that both Today's over-the-top (OTT) services account for more than MPEG's media presentation description (MPD) and HLS's 70 percent of the internet traffic and this number is expected playlist (m3u8) will coexist at least for some time.
    [Show full text]