João Antunes

Neuroendoscopic treatment for colloid cysts of the third ventricle: The experience of a decade - Commentary

OBJECTIVEMicrosurgical resection or ventriculoperitoneal shunt placement was for a long time the only means of treatment for patients with colloid cysts. In the past few years, however, endoscopic procedures have gained increasing significance and have been used more widely. Long-term results are now available for the first time, which enabled us to evaluate this method and assess its future relevance. METHODSTwenty patients with symptomatic colloid cysts of the third ventricle have been treated endoscopically in our department during the past 10 years. Retrospective analysis and follow-up of the patients’ clinical and radiological outcomes were performed. RESULTSIn the early postoperative period, 18 patients had excellent outcomes, with clinical signs improving immediately. One patient experienced intraoperative hemorrhage followed by temporary postoperative psychosis and IIIrd cranial nerve palsy. Another patient remained shunt-dependent because of aseptic meningitis after the endoscopic procedure. In the long-term follow-up, one patient had to be reoperated to treat cyst recurrence. The operative time was strongly dependent on the cyst material as well as on the surgeon’s experience with endoscopic techniques; it varied between 60 and 300 minutes (mean operative time, 200 min). The average hospitalization time was 9 days. Long-term follow-up ranging from 1 to 10 years showed a clear benefit in each patient. In three individuals with pre- and postoperative short-term memory deficits and in one patient who complained of headaches, symptoms resolved gradually during the first few months after surgery. The patient with intraoperative hemorrhage complained of slight permanent short-time memory deficit. The analysis of postoperative computed tomographic and magnetic resonance imaging scans revealed a remaining cyst wall in the majority of patients and an inconsistent decrease in ventricular size. Postoperative cine magnetic resonance imaging studies showed normalization of cerebrospinal fluid flow in 17 patients. CONCLUSIONContinued improvement of endoscopic techniques and instruments, together with good long-term results in endoscopically treated patients, have established this method as an alternative to microsurgical techniques and might even set a new standard for treatment.

Using Attack Injection to Discover New Vulnerabilities

Due to our increasing reliance on computer systems, security incidents and their causes are important problems that need to be addressed. To contribute to this objective, the paper describes a new tool for the discovery of security vulnerabilities on network connected servers. The AJECT tool uses a specification of the servers communication protocol to automatically generate a large number of attacks accordingly to some predefined test classes. Then, while it performs these attacks through the network, it monitors the behavior of the server both from a client perspective and inside the target machine. The observation of an incorrect behavior indicates a successful attack and the potential existence of a vulnerability. To demonstrate the usefulness of this approach, a considerable number of experiments were carried out with several IMAP servers. The results show that AJECT can discover several kinds of vulnerabilities, including a previously unknown vulnerability

Reverse Engineering of Protocols from Network Traces

Communication protocols determine how network components interact with each other. Therefore, the ability to derive a specification of a protocol can be useful in various contexts, such as to support deeper black-box testing or effective defense mechanisms. Unfortunately, it is often hard to obtain the specification because systems implement closed (i.e., undocumented) protocols, or because a time consuming translation has to be performed, from the textual description of the protocol to a format readable by the tools. To address these issues, we propose a new methodology to automatically infer a specification of a protocol from network traces, which generates automata for the protocol language and state machine. Since our solution only resorts to interaction samples of the protocol, it is well-suited to uncover the message formats and protocol states of closed protocols and also to automate most of the process of specifying open protocols. The approach was implemented in a tool and experimentally evaluated with publicly available FTP traces. Our results show that the inferred specification is a good approximation of the reference specification, exhibiting a high level of precision and recall.

Vulnerability Discovery with Attack Injection

The increasing reliance put on networked computer systems demands higher levels of dependability. This is even more relevant as new threats and forms of attack are constantly being revealed, compromising the security of systems. This paper addresses this problem by presenting an attack injection methodology for the automatic discovery of vulnerabilities in software components. The proposed methodology, implemented in AJECT, follows an approach similar to hackers and security analysts to discover vulnerabilities in network-connected servers. AJECT uses a specification of the servers communication protocol and predefined test case generation algorithms to automatically create a large number of attacks. Then, while it injects these attacks through the network, it monitors the execution of the server in the target system and the responses returned to the clients. The observation of an unexpected behavior suggests the presence of a vulnerability that was triggered by some particular attack (or group of attacks). This attack can then be used to reproduce the anomaly and to assist the removal of the error. To assess the usefulness of this approach, several attack injection campaigns were performed with 16 publicly available POP and IMAP servers. The results show that AJECT could effectively be used to locate vulnerabilities, even on well-known servers tested throughout the years.

Genetic alterations in a papillary glioneuronal tumor

Papillary glioneuronal tumors (PGNTs) are rare lesions of the central nervous system, and no information exists on the genetic alterations in these neoplasms. The authors report on such a case in a child. Genetic studies revealed that the tumor was characterized by gains and structural alterations involving only chromosome 7 with breakpoints at 7p22. By using comparative genomic hybridization, the authors observed a high-level amplification region at 7p14~q12. Fluorescence in situ hybridization with a probe for EGFR revealed that this gene was not amplified. Similar to other patients with PGNTs, the patient in the present case fared well. From a genetic point of view the data in the present case are in accordance with previous findings of EGFR amplifications as uncommon in low-grade gliomas and gangliogliomas. Recurrent rearrangements of chromosome 7 have been noted in other mixed glioneuronal tumors. The data in this case suggest that genes located at chromosome 7 can also be involved in the pathogenesis of PGNT. In clinical terms it will be especially important to corroborate, through the analysis of further cases, the involvement of the chromosome 7p22 locus, a region where glial and neuronal linked genes (RAC1 and NXPH1) are known to be located.

Detection and Prediction of Resource-Exhaustion Vulnerabilities

Systems connected to the Internet are highly susceptible to denial-of-service attacks that can compromise service availability, causing damage to customers and providers. Due to errors in the design or coding phases, particular client-server interactions can be made to consume much more resources than necessary easing the success of this kind of attack.To address this issue we propose a new methodology for the detection and identification of local resource-exhaustion vulnerabilities. The methodology also gives a prediction on the necessary effort to exploit a specific vulnerability, useful to support decisions regarding the configuration of a system, in order to sustain a certain attack magnitude.The methodology was implemented in a tool called PREDATOR that is able to automatically generate malicious traffic and to perform post-processing analysis to build accurate resource usage projections on a given target server.The validity of the approach was demonstrated with several synthetic programs and well-known DNS servers.

Intramedullary neuroma of the cervical spinal cord: case report.

OBJECTIVE AND IMPORTANCE Intramedullary neuromas are rare tumors; only 37 cases have been described in the literature since 1931. CLINICAL PRESENTATION The case of a 36-year-old woman presenting with an 8-month history of a progressive cervical myelopathy is reported. A diagnosis of a cervical intramedullary tumor was made by magnetic resonance imaging. INTERVENTION A C3-C7 laminectomy and a near total resection were performed. Pathological examination revealed a neuroma; the various operative and pathological findings are presented. CONCLUSION The existence of intraparenchymal neuromas is difficult to explain. Various pathogenic hypotheses are discussed. Microsurgical resection is considered the therapeutic option of choice for these entities.

Chapter 35 - Spinal stenosis

Narrowing of the spinal canal or foramina is a common finding in spine imaging of the elderly. Only when symptoms of neurogenic claudication and/or cervical myelopathy are present is a spinal stenosis diagnosis made, either of the lumbar spine, cervical spine or both (only very rarely is the thoracic spine involved). Epidemiological data suggest an incidence of 1 case per 100 000 for cervical spine stenosis and 5 cases per 100 000 for lumbar spine stenosis. Cervical myelopathy in patients over 50 years of age is most commonly due to cervical spine stenosis. Symptomatic spinal narrowing can be congenital, or, more frequently, acquired. The latter may be the result of systemic illneses, namely endocrinopathies (such as Cushing disease or acromegaly), calcium metabolism disorders (including hyporarthyroidism and Paget disease), inflammatory diseases (such as rheumathoid arthritis) and infectious diseases. Physical examination is more often abnormal in cervical spondylotic myeloptahy whereas in lumbar spinal stenosis it is typically normal. Therefore spinal stenosis diagnosis relies on the clinical picture corresponding to conspicuous causative changes identified by imaging techniques, most importantly CT and MRI. Other ancillary diagnostic tests are more likely to be yielding for establishing a differential diagnosis, namely vascular claudication. Most patients have a progressive presentation and are offered non operative management as first treatment strategy. Surgery is indicated for progressive intolerable symptoms or, more rarely, for the neurologically catastrophic initial presentations. Surgical strategy consists mainly of decompression (depending on the anatomical level and type of narrowing: laminectomy, foraminotomy, discectomy, corporectomy) with additional instrumentation should spinal stability and sagittal balance be at risk. For cervical spine stenosis the main objective of surgery is to halt disease progression. There is class 1b evidence that surgery is of benefit for lumbar stenosis at least in the short term.

Partial section of the corpus callosum: focal signs and their recovery

A 30-year-old woman underwent surgical partial callosotomy (posterior half) for removal of an arteriovenous malformation. The patient submitted to neuropsychological evaluation before and after surgery for a period of 8 months. There was transient dysfunction attributable to disconnection of parietal, temporal, and occipital connections. Because the symptoms disappeared over time, we conclude that the transcallosal surgical approach can, in the long term, be considered a relatively harmless method.

Recycling Test Cases to Detect Security Vulnerabilities

The design of new protocols and features, e.g., in the context of organizations such as the IETF, produces a flow of novel standards and amendments that lead to ever changing implementations. These implementations can be difficult to test for security vulnerabilities because existing tools often lag behind. In the paper, we propose a new methodology that addresses this issue by recycling test cases from several sources, even if aimed at distinct protocols. It resorts to protocol reverse engineering techniques to build parsers that are capable of extracting the relevant payloads from the test cases, and then applies them to new test cases tailored to the particular features that need to be checked. An evaluation with 10 commercial and open-source testing tools and a large set of FTP vulnerabilities shows that our approach is able to get better or equal vulnerability coverage than the original tools. In a more detailed experiment with two fuzzers, our solution showed an improvement of 19% on vulnerability coverage when compared with the two combined fuzzers, being capable of finding 25 additional vulnerabilities.