Advances in the Detection of Malicious Servers and the Analysis of Client-Side Vulnerabilities

Total Page:16

File Type:pdf, Size:1020Kb

Advances in the Detection of Malicious Servers and the Analysis of Client-Side Vulnerabilities UNIVERSIDAD POLITECNICA´ DE MADRID ESCUELA TECNICA´ SUPERIOR DE INGENIEROS INFORMATICOS´ Defending Against Cybercrime: Advances in the Detection of Malicious Servers and the Analysis of Client-Side Vulnerabilities PH.D THESIS Antonio Nappa Copyright c February 2016 by Antonio Nappa DEPARTAMENTAMENTO DE LENGUAJES Y SISTEMAS INFORMATICOS´ E INGENIERIA DE SOFTWARE ESCUELA TECNICA´ SUPERIOR DE INGENIEROS INFORMATICOS´ Defending Against Cybercrime: Advances in the Detection of Malicious Servers and the Analysis of Client-Side Vulnerabilities SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF: Doctor en Inform´atica Author: Antonio Nappa Advisor Dr. Juan Caballero February 2016 Jury: Somesh Jha, Professor of Computer Sciences - University of Wisconsin-Madison Lorenzo Cavallaro, Senior Lecturer of Computer Sciences - Royal Holloway University of London Juan Manuel Est´evez Tapiador, Profesor Titular de Universidad - Universi- dad Carlos III de Madrid Victor A. Villagr´a, Profesor Titular de Universidad - Universidad Polit´ecnica de Madrid Boris K¨opf, Assistant Research Professor - IMDEA Software Institute Carmela Troncoso, Researcher - IMDEA Software Institute Manuel Carro, Profesor Titular de Universidad - Universidad Polit´ecnica de Madrid Resumen de la tesis Esta tesis se centra en el an´alisisde dos aspectos complementarios de la ciberdelin- cuencia (es decir, el crimen perpetrado a trav´esde la red para ganar dinero). Estos dos aspectos son las m´aquinasinfectadas utilizadas para obtener beneficios econ´omicosde la delincuencia a trav´esde diferentes acciones (como por ejemplo, clickfraud, DDoS, correo no deseado) y la infraestructura de servidores utiliza- dos para gestionar estas m´aquinas(por ejemplo, C & C, servidores explotadores, servidores de monetizaci´on,redirectores). En la primera parte se investiga la exposici´ona las amenazas de los orde- nadores victimas. Para realizar este an´alisishemos utilizado los metadatos con- tenidos en WINE-BR conjunto de datos de Symantec. Este conjunto de datos contiene metadatos de instalaci´onde ficheros ejecutables (por ejemplo, hash del fichero, su editor, fecha de instalaci´on,nombre del fichero, la versi´ondel fichero) proveniente de 8,4 millones de usuarios de Windows. Hemos asociado estos metadatos con las vulnerabilidades en el National Vulnerability Database (NVD) y en el Opens Sourced Vulnerability Database (OSVDB) con el fin de realizar un seguimiento de la decadencia de la vulnerabilidad en el tiempo y observar la rapidez de los usuarios a remiendar sus sistemas y, por tanto, su exposici´ona posibles ataques. Hemos identificado 3 factores que pueden influir en la actividad de parches de ordenadores victimas: c´odigocompartido, el tipo de usuario, exploits. Pre- sentamos 2 nuevos ataques contra el c´odigocompartido y un an´alisisde c´omoel conocimiento usuarios y la disponibilidad de exploit influyen en la actividad de aplicaci´onde parches. Para las 80 vulnerabilidades en nuestra base de datos que afectan c´odigocompartido entre dos aplicaciones, el tiempo entre el parche libera en las diferentes aplicaciones es hasta 118 das (con una mediana de 11 das) En la segunda parte se proponen nuevas t´ecnicasde sondeo activos para de- tectar y analizar las infraestructuras de servidores maliciosos. Aprovechamos t´ecnicasde sondaje activo, para detectar servidores maliciosos en el internet. ii Empezamos con el an´alisisy la detecci´onde operaciones de servidores explota- dores. Como una operaci´onidentificamos los servidores que son controlados por las mismas personas y, posiblemente, participan en la misma campaa de infecci´on. Hemos analizado un total de 500 servidores explotadores durante un perodo de 1 ao, donde 2/3 de las operaciones tenian un nico servidor y 1/2 por varios servi- dores. Hemos desarrollado la t´ecnicapara detectar servidores explotadores a difer- entes tipologas de servidores, (por ejemplo, C & C, servidores de monetizaci´on, redirectores) y hemos logrado escala de Internet de sondeo para las distintas cat- egoras de servidores maliciosos. Estas nuevas t´ecnicas se han incorporado en una nueva herramienta llamada CyberProbe. Para detectar estos servidores hemos desarrollado una novedosa t´ecnicallamada Adversarial Fingerprint Generation, que es una metodologa para generar un modelo nico de solicitud-respuesta para identificar la familia de servidores (es decir, el tipo y la operaci´onque el servidor apartenece). A partir de una fichero de malware y un servidor activo de una determinada familia, CyberProbe puede generar un fingerprint v´alidopara de- tectar todos los servidores vivos de esa familia. Hemos realizado 11 exploraciones en todo el Internet detectando 151 servidores maliciosos, de estos 151 servidores 75% son desconocidos a bases de datos publicas de servidores maliciosos. Otra cuesti´onque se plantea mientras se hace la detecci´onde servidores mali- ciosos es que algunos de estos servidores podran estar ocultos detr´asde un proxy inverso silente. Para identificar la prevalencia de esta configuraci´onde red y mejorar el capacidades de CyberProbe hemos desarrollado RevProbe una nueva herramienta a traves del aprovechamiento de leakages en la configuraci´onde la Web proxies inversa puede detectar proxies inversos. RevProbe identifica que el 16% de direcciones IP maliciosas activas analizadas corresponden a proxies inver- sos, que el 92% de ellos son silenciosos en comparaci´oncon 55% para los proxies inversos benignos, y que son utilizado principalmente para equilibrio de carga a trav´esde mltiples servidores. iii Abstract of the dissertation In this dissertation we investigate two fundamental aspects of cybercrime: the infection of machines used to monetize the crime and the malicious server infras- tructures that are used to manage the infected machines. In the first part of this dissertation, we analyze how fast software vendors ap- ply patches to secure client applications, identifying shared code as an important factor in patch deployment. Shared code is code present in multiple programs. When a vulnerability affects shared code the usual linear vulnerability life cycle is not anymore effective to describe how the patch deployment takes place. In this work we show which are the consequences of shared code vulnerabilities and we demonstrate two novel attacks that can be used to exploit this condition. In the second part of this dissertation we analyze malicious server infrastruc- tures, our contributions are: a technique to cluster exploit server operations, a tool named CyberProbe to perform large scale detection of different malicious servers categories, and RevProbe a tool that detects silent reverse proxies. We start by identifying exploit server operations, that are, exploit servers managed by the same people. We investigate a total of 500 exploit servers over a period of more 13 months. We have collected malware from these servers and all the metadata related to the communication with the servers. Thanks to this metadata we have extracted different features to group together servers managed by the same entity (i.e., exploit server operation), we have discovered that 2/3 of the operations have a single server while 1/3 have multiple servers. Next, we present CyberProbe a tool that detects different malicious server types through a novel technique called adversarial fingerprint generation (AFG). The idea behind CyberProbe's AFG is to run some piece of malware and observe its network communication towards malicious servers. Then it replays this communication to the malicious server and outputs a fingerprint (i.e. a port selection function, a probe generation function and a signature generation function). iv Once the fingerprint is generated CyberProbe scans the Internet with the fingerprint and finds all the servers of a given family. We have performed a total of 11 Internet wide scans finding 151 new servers starting with 15 seed servers. This gives to CyberProbe a 10 times amplification factor. Moreover we have compared CyberProbe with existing blacklists on the internet finding that only 40% of the server detected by CyberProbe were listed. To enhance the capabilities of CyberProbe we have developed RevProbe, a reverse proxy detection tool that can be integrated with CyberProbe to allow precise detection of silent reverse proxies used to hide malicious servers. RevProbe leverages leakage based detection techniques to detect if a malicious server is hidden behind a silent reverse proxy and the infrastructure of servers behind it. At the core of RevProbe is the analysis of differences in the traffic by interacting with a remote server. v To my parents, the best people that I ever met in my life Acknowledgments he first thanks goes to Elo, for her infinite patience and love that you demonstrate. I want also to thank my sister Paola, to help me in my T moments of crisis. And I want to thank myself for never giving up. I also want to thank the following people that helped with their positive attitudes and jokes to make the journey of PhD more pleasant: Goran Doychev, Srdjan Matic, Miguel Ambrona, German Delbianco, Julian Samborski-Forlese, Alejandro Sanchez, Miriam Garcia, Marcos Sebastian, Luca Nizzardo, Platon Kotzias and Aristide Fattori. I want also to thank all my coauthors for their efforts. The last thanks goes to my advisor Juan Caballero, to be a guidance, a point of reference, a source of wisdom and inspiration. vii Contents 1 Introduction 1 1.1 Victim Infection ............................ 2 1.1.1 Problem Statement ...................... 3 1.1.2
Recommended publications
  • Biuletyn 2016 1.Pdf
    szkolenia badania raport zgłoszenie DBI.pl CERT.pl inicjatywy domena .pl bezpieczeństwo honeypot seminarium biometria eksperci konferencje dyżurnet.pl digitalizacja nauka BIPSE SPIS treści KONFERENCJE 5 Razem tworzymy lepszy Internet 7 Globalne wyzwanie – bezpieczny Internet dla dzieci i młodzieży 8 SECURE 2015 – Cyberpolicjanci kontra cyberprzestępcy WYDARZENIA 10 Piknik Naukowy 10 Festiwal Nauki 10 CyberPol – szkolenia dla Policji 11 Seminarium eksperckie 11 Konferencja naukowa „Nastolatki wobec internetu” 11 Sukces polskiej biometrii RAPORTY 12 Roczny raport CERT Polska za 2014 rok 13 Raport Dyżurnet.pl 15 Rekordowy III kwartał w rejestrze domeny .pl BADANIA 17 Nastolatki wobec internetu PROJEKTY 21 Malware kontra lodówka 22 Bezpieczne uwierzytelnienie we współczesnym świecie 24 Digitalizacja, cyfryzacja czyli dostępność…. BEZPIECZEńStwO 28 Cyberprzestępcy podszywają się pod Pocztę Polską 29 Dorkbot już nam nie zagraża ROZMOWA Z … 30 Senior dla kultury NR 1/2016 Redakcja: Anna Maj, Monika Gajewska-Pol Projekt okładki, skład i przygotowanie do druku: Anna Nykiel Adres: ul. Wąwozowa 18, 02-796 Warszawa, Redakcja zastrzega sobie prawo do skrótu tel. (22) 38 08 200, e-mail: [email protected] i opracowania redakcyjnego otrzymanych tekstów. Biuletyn Szanowni Państwo, Mam przyjemność zaprosić Państwa do lektury najnow- celu ochronę przed zagrożeniami najmłodszych użyt- szego numeru „Biuletynu NASK”. Prezentujemy w nim kowników internetu. W ramach realizowanego przez nasze osiągnięcia, najważniejsze wydarzenia minione- NASK projektu Safer Internet funkcjonuje zespół go roku, opisujemy ciekawe i ważne projekty oraz naj- Dyżurnet.pl, przyjmujący zgłoszenia o niebezpiecz- nowsze opracowane przez nas rozwiązania naukowe. nych treściach internetowych, które zagrażają dzie- ciom i młodzieży korzystającym z sieci. W czasie swo- NASK jest instytutem badawczym, który realizuje jej dziesięcioletniej działalności zespół przeanalizował liczne projekty naukowe oraz komercyjne, szczególnie blisko 45 tysięcy zgłoszeń.
    [Show full text]
  • Cyberaanval Op Nederland Citadel-Malwareonderzoek “Pobelka” Botnet
    Cyberaanval op Nederland Citadel-malwareonderzoek “Pobelka” botnet Cyberaanval op Nederland | Citadel-malwareonderzoek “Pobelka” botnet Pagina 1 Inhoudsopgave Inleiding ....................................................................................................................................................................................................... 3 Telegraaf.nl ............................................................................................................................................................................................ 3 Pobelka ........................................................................................................................................................................................................ 4 Doelgericht ............................................................................................................................................................................................ 4 Nederland............................................................................................................................................................................................... 5 Java exploits .......................................................................................................................................................................................... 5 Cyberincidenten ..................................................................................................................................................................................
    [Show full text]
  • Analysis of Malware and Domain Name System Traffic
    Analysis of Malware and Domain Name System Traffic Hamad Mohammed Binsalleeh A Thesis in The Department of Computer Science and Software Engineering Presented in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy at Concordia University Montréal, Québec, Canada July 2014 c Hamad Mohammed Binsalleeh, 2014 CONCORDIA UNIVERSITY Division of Graduate Studies This is to certify that the thesis prepared By: Hamad Mohammed Binsalleeh Entitled: Analysis of Malware and Domain Name System Traffic and submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy complies with the regulations of this University and meets the accepted standards with respect to originality and quality. Signed by the final examining committee: Chair Dr. Christian Moreau External Examiner Dr. Nadia Tawbi Examiner to Program Dr. Lingyu Wang Examiner Dr. Peter Grogono Examiner Dr. Olga Ormandjieva Thesis Co-Supervisor Dr. Mourad Debbabi Thesis Co-Supervisor Dr. Amr Youssef Approved by Chair of the CSE Department 2014 Dean of Engineering ABSTRACT Analysis of Malware and Domain Name System Traffic Hamad Mohammed Binsalleeh Concordia University, 2014 Malicious domains host Command and Control servers that are used to instruct in- fected machines to perpetuate malicious activities such as sending spam, stealing creden- tials, and launching denial of service attacks. Both static and dynamic analysis of malware as well as monitoring Domain Name System (DNS) traffic provide valuable insight into such malicious activities and help security experts detect and protect against many cyber attacks. Advanced crimeware toolkits were responsible for many recent cyber attacks. In order to understand the inner workings of such toolkits, we present a detailed reverse en- gineering analysis of the Zeus crimeware toolkit to unveil its underlying architecture and enable its mitigation.
    [Show full text]
  • Miscellaneous: Malware Cont'd & Start on Bitcoin
    Miscellaneous: Malware cont’d & start on Bitcoin CS 161: Computer Security Prof. Raluca Ada Popa April 19, 2018 Credit: some slides are adapted from previous offerings of this course Viruses vs. Worms VIRUS WORM Propagates By infecting Propagates automatically other programs By copying itself to target systems Usually inserted into A standalone program host code (not a standalone program) Another type of virus: Rootkits Rootkit is a ”stealthy” program designed to give access to a machine to an attacker while actively hiding its presence Q: How can it hide itself? n Create a hidden directory w /dev/.liB, /usr/src/.poop and similar w Often use invisiBle characters in directory name n Install hacked Binaries for system programs such as netstat, ps, ls, du, login Q: Why does it Become hard to detect attacker’s process? A: Can’t detect attacker’s processes, files or network connections By running standard UNIX commands! slide 3 Sony BMG copy protection rootkit scandal (2005) • Sony BMG puBlished CDs that apparently had copy protection (for DRM). • They essentially installed a rootkit which limited user’s access to the CD. • It hid processes that started with $sys$ so a user cannot disaBle them. A software engineer discovered the rootkit, it turned into a Big scandal Because it made computers more vulneraBle to malware Q: Why? A: Malware would choose names starting with $sys$ so it is hidden from antivirus programs Sony BMG pushed a patch … But that one introduced yet another vulneraBility So they recalled the CDs in the end Detecting Rootkit’s
    [Show full text]
  • Threat Landscape Report
    QUARTERLY Threat Landscape Report Q3 2020 NUSPIRE.COM THIS REPORT IS SOURCED FROM 90 BILLION TRAFFIC LOGS INGESTED FROM NUSPIRE CLIENT SITES AND ASSOCIATED WITH THOUSANDS OF DEVICES AROUND THE GLOBE. Nuspire Threat Report | Q2Q3 | 2020 Contents Introduction 4 Summary of Findings 6 Methodology and Overview 7 Quarter in Review 8 Malware 9 Botnets 15 Exploits 20 The New Normal 28 Conclusion and Recommendations 31 About Nuspire 33 3 | Contents Nuspire Threat Report | Q3 | 2020 Introduction In Q2 2020, Nuspire observed the increasing lengths threat actors were going to in order to capitalize on the pandemic and resulting crisis. New attack vectors were created; including VPN usage, home network security issues, personal device usage for business purposes and auditability of network traffic. In Q3 2020, we’ve observed threat actors become even more ruthless. Shifting focus from home networks to overburdened public entities including the education sector and the Election Assistance Commission (EAC). Many school districts were forced into 100% virtual or hybrid learning models by the pandemic. Attackers have waged ransomware attacks at learning institutions who not only have the financial resources to pay ransoms but feel a sense of urgency to do so in order to avoid disruptions during the school year. Meanwhile, the U.S. Elections have provided lures for phishers to attack. Nuspire witnessed Q3 attempts to guide victims to fake voter registration pages to harvest information while spoofing the Election Assistance Commission (EAC). Like these examples, cybercriminals taking advantage of prominent media themes are expected. We anticipate our Q4 2020 Threat Report 4 | Introduction Nuspire Threat Report | Q3 | 2020 to find campaigns leveraging more of the United report each quarter is a great step to gain that States Presidential election as well.
    [Show full text]
  • Load Balancing for Heterogeneous Web Servers
    Load Balancing for Heterogeneous Web Servers Adam Pi´orkowski1, Aleksander Kempny2, Adrian Hajduk1, and Jacek Strzelczyk1 1 Department of Geoinfomatics and Applied Computer Science, AGH University of Science and Technology, Cracow, Poland {adam.piorkowski,jacek.strzelczyk}@agh.edu.pl http://www.agh.edu.pl 2 Adult Congenital and Valvular Heart Disease Center University of Muenster, Muenster, Germany [email protected] http://www.ukmuenster.de Abstract. A load balancing issue for heterogeneous web servers is de- scribed in this article. The review of algorithms and solutions is shown. The selected Internet service for on-line echocardiography training is presented. The independence of simultaneous requests for this server is proved. Results of experimental tests are presented3. Key words: load balancing, scalability, web server, minimum response time, throughput, on-line simulator 1 Introduction Modern web servers can handle millions of queries, although the performance of a single node is limited. Performance can be continuously increased, if the services are designed so that they can be scaled. The concept of scalability is closely related to load balancing. This technique has been used since the beginning of the first distributed systems, including rich client architecture. Most of the complex web systems use load balancing to improve performance, availability and security [1{4]. 2 Load Balancing in Cluster of web servers Clustering of web servers is a method of constructing scalable Internet services. The basic idea behind the construction of such a service is to set the relay server 3 This is the accepted version of: Piorkowski, A., Kempny, A., Hajduk, A., Strzelczyk, J.: Load Balancing for Heterogeneous Web Servers.
    [Show full text]
  • Zope Documentation Release 5.3
    Zope Documentation Release 5.3 The Zope developer community Jul 31, 2021 Contents 1 What’s new in Zope 3 1.1 What’s new in Zope 5..........................................4 1.2 What’s new in Zope 4..........................................4 2 Installing Zope 11 2.1 Prerequisites............................................... 11 2.2 Installing Zope with zc.buildout .................................. 12 2.3 Installing Zope with pip ........................................ 13 2.4 Building the documentation with Sphinx ............................... 14 3 Configuring and Running Zope 15 3.1 Creating a Zope instance......................................... 16 3.2 Filesystem Permissions......................................... 17 3.3 Configuring Zope............................................. 17 3.4 Running Zope.............................................. 18 3.5 Running Zope (plone.recipe.zope2instance install)........................... 20 3.6 Logging In To Zope........................................... 21 3.7 Special access user accounts....................................... 22 3.8 Troubleshooting............................................. 22 3.9 Using alternative WSGI server software................................. 22 3.10 Debugging Zope applications under WSGI............................... 26 3.11 Zope configuration reference....................................... 27 4 Migrating between Zope versions 37 4.1 From Zope 2 to Zope 4 or 5....................................... 37 4.2 Migration from Zope 4 to Zope 5.0..................................
    [Show full text]
  • An Analysis of the Asprox Botnet
    An Analysis of the Asprox Botnet Ravishankar Borgaonkar Technical University of Berlin Email: [email protected] Abstract—The presence of large pools of compromised com- motives. Exploitable vulnerabilities may exist in the Internet puters, also known as botnets, or zombie armies, represents a infrastructure, in the clients and servers, in the people, and in very serious threat to Internet security. This paper describes the way money is controlled and transferred from the Internet the architecture of a contemporary advanced bot commonly known as Asprox. Asprox is a type of malware that combines into traditional cash. Many security firms and researchers are the two threat vectors of forming a botnet and of generating working on developing new methods to fight botnets and to SQL injection attacks. The main features of the Asprox botnet mitigate against threats from botnets [7], [8], [9]. are the use of centralized command and control structure, HTTP based communication, use of advanced double fast-flux service Unfortunately, there are still many questions that need to networks, use of SQL injection attacks for recruiting new bots be addressed to find effective ways of protecting against the and social engineering tricks to spread malware binaries. The threats from botnets. In order to fight against botnets in future, objective of this paper is to contribute to a deeper understanding of Asprox in particular and a better understanding of modern it is not enough to study the botnets of past. Botnets are botnet designs in general. This knowledge can be used to develop constantly evolving, and we need to understand the design more effective methods for detecting botnets, and stopping the and structure of the emerging advanced botnets.
    [Show full text]
  • Detecting Botnets Using File System Indicators
    Detecting botnets using file system indicators Master's thesis University of Twente Author: Committee members: Peter Wagenaar Prof. Dr. Pieter H. Hartel Dr. Damiano Bolzoni Frank Bernaards LLM (NHTCU) December 12, 2012 Abstract Botnets, large groups of networked zombie computers under centralised control, are recognised as one of the major threats on the internet. There is a lot of research towards ways of detecting botnets, in particular towards detecting Command and Control servers. Most of the research is focused on trying to detect the commands that these servers send to the bots over the network. For this research, we have looked at botnets from a botmaster's perspective. First, we characterise several botnet enhancing techniques using three aspects: resilience, stealth and churn. We see that these enhancements are usually employed in the network communications between the C&C and the bots. This leads us to our second contribution: we propose a new botnet detection method based on the way C&C's are present on the file system. We define a set of file system based indicators and use them to search for C&C's in images of hard disks. We investigate how the aspects resilience, stealth and churn apply to each of the indicators and discuss countermeasures botmasters could take to evade detection. We validate our method by applying it to a test dataset of 94 disk images, 16 of which contain C&C installations, and show that low false positive and false negative ratio's can be achieved. Approaching the botnet detection problem from this angle is novel, which provides a basis for further research.
    [Show full text]
  • Winter 2020 Colocation Services
    2020 WINTER CUSTOMER SUCCESS REPORT COLOCATION SERVICES CATEGORY COLOCATION SERVICES OVERVIEW Colocation services allow businesses to host their data in a third-party data center that has privately-owned networking equipment and servers. Instead of maintaining servers in-house, at a private data center, or in offices, enterprises can elect to co-locate their infrastructure by renting space in a colocation center. Unlike other types of hosting where clients can rent server space owned by a hosting vendor, with colocation, the client owns the server and rents the physical space needed to house it in a data center. The colocation service rents out data center space where clients can install their equipment. It also provides the cooling, IP address, bandwidth, and power systems that the customer needs to deploy their servers. 2 Customer Success Report Ranking Methodology The FeaturedCustomers Customer Success ranking is based on data from our customer reference Customer Success Report platform, market presence, web presence, & social Award Levels presence as well as additional data aggregated from online sources and media properties. Our ranking engine applies an algorithm to all data collected to calculate the final Customer Success Report rankings. The overall Customer Success ranking is a weighted average based on 3 parts: Market Leader Content Score is affected by: Vendor on FeaturedCustomers.com with 1. Total # of vendor generated customer substantial customer base & market share. references (case studies, success stories, Leaders have the highest ratio of customer testimonials, and customer videos) success content, content quality score, and social media presence relative to company size. 2. Customer reference rating score 3.
    [Show full text]
  • Pax Technica
    pax technica YY6658.indb6658.indb i 22/2/15/2/15 11:15:1811:15:18 AAMM YY6658.indb6658.indb iiii 22/2/15/2/15 11:15:1811:15:18 AAMM philip n. howard pax technica how the internet of things may set us free or lock us up new haven & london YY6658.indb6658.indb iiiiii 22/2/15/2/15 11:15:1811:15:18 AAMM Published with assistance from the Mary Cady Tew Memorial Fund. Copyright © 2015 by Philip N. Howard. All rights reserved. This book may not be reproduced, in whole or in part, including illustrations, in any form (beyond that copying permitted by Sections 107 and 108 of the U.S. Copyright Law and except by reviewers for the public press), without written permission from the publishers. An online version of the work is made available under a Creative Commons license for use that is noncommercial and not derivative. The terms of the license are set forth at http://creativecommons.org/licenses/by-nc-nd/4.0/. For more information about a digital copy of the work, please see the author’s website: http://philhoward.org/. Yale University Press books may be purchased in quantity for educational, business, or promotional use. For information, please e-mail sales.press@yale .edu (U.S. offi ce) or [email protected] (U.K. offi ce). Set in Joanna type by Newgen North America, Austin, Texas. Printed in the United States of America. ISBN 978-0-300-19947-5 (cloth : alk. paper) Catalogue records for this book are available from the Library of Congress and the British Library.
    [Show full text]
  • "SOLIZE India Technologies Private Limited" 56553102 .FABRIC 34354648 @Fentures B.V
    Erkende referenten / Recognised sponsors Arbeid Regulier en Kennismigranten / Regular labour and Highly skilled migrants Naam bedrijf/organisatie Inschrijfnummer KvK Name company/organisation Registration number Chamber of Commerce "@1" special projects payroll B.V. 70880565 "SOLIZE India Technologies Private Limited" 56553102 .FABRIC 34354648 @Fentures B.V. 82701695 01-10 Architecten B.V. 24257403 100 Grams B.V. 69299544 10X Genomics B.V. 68933223 12Connect B.V. 20122308 180 Amsterdam BV 34117849 1908 Acquisition B.V. 60844868 2 Getthere Holding B.V. 30225996 20Face B.V. 69220085 21 Markets B.V. 59575417 247TailorSteel B.V. 9163645 24sessions.com B.V. 64312100 2525 Ventures B.V. 63661438 2-B Energy Holding 8156456 2M Engineering Limited 17172882 30MHz B.V. 61677817 360KAS B.V. 66831148 365Werk Contracting B.V. 67524524 3D Hubs B.V. 57883424 3DUniversum B.V. 60891831 3esi Netherlands B.V. 71974210 3M Nederland B.V. 28020725 3P Project Services B.V. 20132450 4DotNet B.V. 4079637 4People Zuid B.V. 50131907 4PS Development B.V. 55280404 4WEB EU B.V. 59251778 50five B.V. 66605938 5CA B.V. 30277579 5Hands Metaal B.V. 56889143 72andSunny NL B.V. 34257945 83Design Inc. Europe Representative Office 66864844 A. Hak Drillcon B.V. 30276754 A.A.B. International B.V. 30148836 A.C.E. Ingenieurs en Adviesbureau, Werktuigbouw en Electrotechniek B.V. 17071306 A.M. Best (EU) Rating Services B.V. 71592717 A.M.P.C. Associated Medical Project Consultants B.V. 11023272 A.N.T. International B.V. 6089432 A.S. Watson (Health & Beauty Continental Europe) B.V. 31035585 A.T. Kearney B.V.
    [Show full text]