skip to main content
10.1145/3141235.3141236acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
research-article

An Initial Investigation of Protocol Customization

Published: 03 November 2017 Publication History

Abstract

Attacks exploiting design or implementation flaws of particular features in popular protocols are becoming prevalent and have led to severe security impacts on a majority of software systems. Protocol customization as a general approach to specialize a standard protocol holds significant promise in reducing such attack surfaces in common protocols. In this work, we perform an initial investigation of applying protocol customization practices to reduce the attack surface of standard protocols. Our characterization study on 20 medium or high-impact common vulnerability exposures (CVEs) published in recent years indicates that some forms of customization have been supported in existing protocol software, but were implemented with huge manual effort and in an ad-hoc manner. More systematic and automated ways of protocol customization are awaited to generalize common customization practices across protocols. To work towards this goal, we identify key research challenges for the support of systematic and sufficiently automated protocol customization through real-world case study on popular protocol software, and propose an access control framework as a principled solution to unify existing protocol customization practices. We also present a preliminary design of a protocol customization system based on this design principle. Preliminary evaluation results demonstrate that our proposed system supports common customization practices for a majority of real-world protocol vulnerabilities in a systematic way.

References

[1]
Apache HTTP Server configure - Configure the source tree. http://httpd.apache.org/docs/2.4/programs/configure.html.
[2]
Check request/response submission error based side of session. https://github.com/nghttp2/nghttp2/commit/bb6f842b37b57c3d8e191db948e9165c59af7daf.
[3]
Cloud Natural Language API. https://cloud.google.com/natural-language/.
[4]
Customer Guidance for WannaCrypt Attacks. https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/.
[5]
CVE-2008-2364: mod_proxy_http DoS. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364.
[6]
CVE-2009-1191: mod_proxy_ajp data leak. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191.
[7]
CVE-2009-3555: SSL/TLS renegotiation attack. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555.
[8]
CVE-2011-3192: Range header DoS. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192.
[9]
CVE-2011-3607: Integer overflow in Apache HTTP server. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201--3607.
[10]
CVE-2012-3499: Apache XSS. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499.
[11]
CVE-2012-4929: CRIME attack. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929.
[12]
CVE-2013-0169: Lucky13 attack. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169.
[13]
CVE-2013-3587: BREACH attack. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3587.
[14]
CVE-2014-0160: Heartbleed bug. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160.
[15]
CVE-2015-0204: OpenSSL FREAK attack. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204.
[16]
CVE-2015-2808: RC4 attack. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808.
[17]
CVE-2015-4000: Logjam attack. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000.
[18]
CVE-2015-8659: Dependency cycle DoS. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8659.
[19]
CVE-2016-0777: OpenSSH client information leak. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777.
[20]
CVE-2016-1232: Prosody XMPP dialback vulnerability. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1232.
[21]
CVE-2016-1544: HPACK bomb. https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/.
[22]
CVE-2016-1546: Slow read DoS. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546.
[23]
CVE-2016-5387: HTTP_PROXY redirection. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387.
[24]
CVE-2016-6581: HPACK bomb. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6581.
[25]
CVE-2017-5858: XMPP Message Carbons extension vulnerability. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5858.
[26]
Deepmind ai reduces google data centre cooling bill by 40%. https://deepmind.com/blog/deepmind-ai-reduces-google-data-centre-cooling-bill-40/.
[27]
Google Application Security. https://www.google.com/about/appsecurity/research/.
[28]
Hypertext Transfer Protocol Version 2 (HTTP/2). https://http2.github.io/http2-spec/.
[29]
Introducing DeepText: Facebook's text understanding engine. https://code.facebook.com/posts/181565595577955/introducing-deeptext-facebook-s-text-understanding-engine/.
[30]
nghttp2 - HTTP/2 C Library and tools. https://github.com/nghttp2/nghttp2/.
[31]
OpenSCAP. https://www.open-scap.org/.
[32]
Petya Ransomware Spreading Rapidly Worldwide, Just Like WannaCry. http://thehackernews.com/2017/06/petya-ransomware-attack.html.
[33]
Return error from nghttp2_submit_headers, request when self dependency. https://github.com/nghttp2/nghttp2/commit/8716dd05d44f3b4cf0ff719240297cec57359815.
[34]
Set max number of outgoing concurrent streams to 100 by default. https://github.com/nghttp2/nghttp2/commit/a151a44caf92d8bc7ecca8d8ec4780fa6206be96.
[35]
Spark MLlib. https://spark.apache.org/mllib/.
[36]
The DROWN Attack. https://drownattack.com.
[37]
The Heartbleed Bug. http://heartbleed.com.
[38]
Use NGHTTP2_PROTOCOL_ERROR when peer exceeds MAX_CONCURRENT_STREAMS limit. https://github.com/nghttp2/nghttp2/commit/e2bbc9461618d953e60c51f6ad3c44a65c178db5.
[39]
Weak Diffie-Hellman and the Logjam Attack. https://weakdh.org.
[40]
A. V. Aho, R. Sethi, and J. D. Ullman. Compilers: Principles, Techniques, and Tools, volume 2. Addison-wesley Reading, 2007.
[41]
L. O. Andersen. Program analysis and specialization for the C programming language. PhD thesis, University of Cophenhagen, 1994.
[42]
D. Arp, M. Spreitzenbarth, M. Hubner, H. Gascon, and K. Rieck. DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket. In Proceedings of the 21st Annual Network and Distributed System Security Symposium, NDSS '14, 2014.
[43]
T. Bao, J. Burket, M. Woo, R. Turner, and D. Brumley. BYTEWEIGHT: Learning to Recognize Functions in Binary Code. In Proceedings of the 23rd USENIX Conference on Security Symposium, SEC '14, 2014.
[44]
Y. Bengio. Deep Learning of Representations for Unsupervised and Transfer Learning. In Proceedings of the 2011 International Conference on Unsupervised and Transfer Learning Workshop - Volume 27, UTLW '11, 2011.
[45]
K. Bhargavan, D. Obradovic, and C. A. Gunter. Formal Verification of Standards for Distance Vector Routing Protocols. Journal of the ACM, 2002.
[46]
S. Bishop, M. Fairbairn, M. Norrish, P. Sewell, M. Smith, and K. Wansbrough. Rigorous Specification and Conformance Testing Techniques for Network Protocols, as Applied to TCP, UDP, and Sockets. SIGCOMM, 2005.
[47]
J. A. Boyan and M. L. Littman. Packet Routing in Dynamically Changing Networks: A Reinforcement Learning Approach. In Proceedings of the 6th International Conference on Neural Information Processing Systems, NIPS '93, 1993.
[48]
M. Burke and R. Cytron. Interprocedural Dependence Analysis and Parallelization. In Proceedings of the 1986 SIGPLAN Symposium on Compiler Construction, SIGPLAN '86, 1986.
[49]
C. Cadar, D. Dunbar, and D. Engler. KLEE: Unassisted and Automatic Generation of High-coverage Tests for Complex Systems Programs. In Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, OSDI '08, 2008.
[50]
R. Chang, G. Jiang, F. Ivancic, S. Sankaranarayanan, and V. Shmatikov. Inputs of Coma: Static Detection of Denial-of-Service Vulnerabilities. In CSF, 2009.
[51]
Q. A. Chen, Z. Qian, Y. Jia, Y. Shao, and Z. M. Mao. Static Detection of Packet Injection Vulnerabilities - A Case for Identifying Attacker-controlled Implicit Information Leaks. In ACM CCS, 2015.
[52]
B. Chess and G. McGraw. Static Analysis for Security. In IEEE Security & Privacy, 2004.
[53]
Z. L. Chua, S. Shen, P. Saxena, and Z. Liang. Neural Nets Can Learn Function Type Signatures From Binaries. In Proceedings of the 26th USENIX Conference on Security Symposium, Security '17, 2017.
[54]
C. Cifuentes and M. V. Emmerik. Recovery of Jump Table Case Statements from Binary Code. In Proceedings of the 7th International Workshop on Program Comprehension, IWPC '99, 1999.
[55]
J. Clause, W. Li, and A. Orso. Dytan: A Generic Dynamic Taint Analysis Framework. In Proceedings of the 2007 International Symposium on Software Testing and Analysis, ISSTA '07, 2007.
[56]
B. De Sutter, B. De Bus, K. De Bosschere, P. Keyngnaert, and B. Demoen. On the Static Analysis of Indirect Control Transfers in Binaries. In Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications, 2000.
[57]
Z. Deng, X. Zhang, and D. Xu. BISTRO: Binary Component Extraction and Embedding for Software Security Applications. In Proceedings of the 18th European Symposium on Research in Computer Security, ESORICS '13, 2013.
[58]
D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. R. Kuhn, and R. Chandramouli. Proposed NIST Standard for Role-based Access Control. ACM Transactions on Information and System Security (TISSEC), 2001.
[59]
A. Flexeder, B. Mihaila, M. Petter, and H. Seidl. Interprocedural Control Flow Reconstruction. In Proceedings of the 8th Asian Symposium on Programming Languages and Systems, APLAS 2010, 2010.
[60]
Y. Goldberg. A Primer on Neural Network Models for Natural Language Processing. CoRR, 2015.
[61]
B. Hardekopf and C. Lin. Flow-Sensitive Pointer Analysis for Millions of Lines of Code. In Proceedings of the 9th Annual International Symposium on Code Generation and Optimization, CGO '11, 2011.
[62]
HexHive. libdetox: Fast and efficient binary translator. https://github.com/HexHive/libdetox.
[63]
W.-M. W. Hwu, S. A. Mahlke, W. Y. Chen, P. P. Chang, N. J. Warter, R. A. Bringmann, R. G. Ouellette, R. E. Hank, T. Kiyohara, G. E. Haab, et al. The Superblock: An Effective Technique for VLIW and Superscalar Compilation. In Instruction-Level Parallelism, 1993.
[64]
A. Javaid, Q. Niyaz, W. Sun, and M. Alam. A Deep Learning Approach for Network Intrusion Detection System. In Proceedings of the 9th International Conference on Bio-inspired Information and Communications Technologies, BICT '15, 2015.
[65]
Y. Jiang, D. Wu, and P. Liu. JRed: Program Customization and Bloatware Mitigation Based on Static Analysis. In 2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC '16, 2016.
[66]
Y. Jiang, C. Zhang, D. Wu, and P. Liu. Feature-based Software Customization: Preliminary Analysis, Formalization, and Methods. In Proceedings of the 17th IEEE High Assurance Systems Engineering Symposium, HASE '16, 2016.
[67]
G. Jin, W. Zhang, D. Deng, B. Liblit, and S. Lu. Automated Concurrency-Bug Fixing. In OSDI, 2012.
[68]
J. Kinder, F. Zuleger, and H. Veith. An Abstract Interpretation-Based Framework for Control Flow Reconstruction from Binaries. In Proceedings of the 10th International Conference on Verification, Model Checking, and Abstract Interpretation, 2009.
[69]
N. Kothari, R. Mahajan, T. Millstein, R. Govindan, and M. Musuvathi. Finding Protocol Manipulation Attacks. In SIGCOMM, 2011.
[70]
C. Lattner and V. Adve. LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation. In Proceedings of the international symposium on Code generation and optimization: feedback-directed and runtime optimization, 2004.
[71]
W. Lee and D. Xiang. Information-Theoretic Measures for Anomaly Detection. In Proceedings of the 2001 IEEE Symposium on Security and Privacy, SP '01, 2001.
[72]
K. R. M. Leino. Dafny: An Automatic Program Verifier for Functional Correctness. In International Conference on Logic for Programming Artificial Intelligence and Reasoning, 2010.
[73]
V. B. Livshits and M. S. Lam. Tracking Pointers with Path and Context Sensitivity for Bug Detection in C Programs. In Proceedings of the 9th European Software Engineering Conference, ESEC '11, 2003.
[74]
C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood. Pin: Building Customized Program Analysis Tools with Dynamic Instrumentation. In Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '05, 2005.
[75]
C. D. Manning and H. Schütze. Foundations of Statistical Natural Language Processing. MIT Press, 1999.
[76]
H. Mao, M. Alizadeh, I. Menache, and S. Kandula. Resource Management with Deep Reinforcement Learning. In Proceedings of the 15th ACM Workshop on Hot Topics in Networks, HotNets '16, 2016.
[77]
G. C. Necula, S. McPeak, S. P. Rahul, and W. Weimer. CIL: Intermediate Language and Tools for Analysis and Transformation of C prhttps://www.readcube.com/homeograms. In CC, 2002.
[78]
R. Pandita, X. Xiao, W. Yang, W. Enck, and T. Xie. WHYPER: Towards Automating Risk Assessment of Mobile Applications. In USENIX security, 2013.
[79]
L. Pedrosa, A. Fogel, N. Kothari, R. Govindan, R. Mahajan, and T. Millstein. Analyzing protocol implementations for interoperability. In NSDI, 2015.
[80]
H. Peng, C. Gates, B. Sarma, N. Li, Y. Qi, R. Potharaju, C. Nita-Rotaru, and I. Molloy. Using Probabilistic Generative Models for Ranking Risks of Android Apps. In Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS '12, 2012.
[81]
Z. Qu, V. Rastogi, X. Zhang, Y. Chen, T. Zhu, and Z. Chen. Autocog: Measuring the Description-to-permission Fidelity in Android Applications. In ACM CCS, 2014.
[82]
A. Quinn, D. Devecsery, P. M. Chen, and J. Flinn. JetStream: Cluster-scale Parallelization of Information Flow Queries. In Proceedings of the 12th USENIX Conference on Operating Systems Design and Implementation, OSDI '16, 2016.
[83]
D. A. Ramos and D. R. Engler. Under-Constrained Symbolic Execution: Correctness Checking for Real Code. In USENIX Security Symposium, 2015.
[84]
T. Reps, S. Horwitz, and M. Sagiv. Precise Interprocedural Dataflow Analysis via Graph Reachability. In Proceedings of the 22Nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL '95, 1995.
[85]
R. Saint-Germain. Information Security Management Best Practice Based on ISO/IEC 17799. ARMA International Information Management, 2005.
[86]
R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based Access Control Models. IEEE Computer, 1996.
[87]
J. Saxe and K. Berlin. Deep Neural Network Based Malware Detection Using Two Dimensional Binary Program Features. In Proceedings of the 10th International Conference on Malicious and Unwanted Software, MALWARE '15, 2015.
[88]
E. C. R. Shin, D. Song, and R. Moazzezi. Recognizing Functions in Binaries with Neural Networks. In Proceedings of the 24th USENIX Conference on Security Symposium, SEC '15, 2015.
[89]
Y. Shoshitaishvili, R. Wang, C. Salls, N. Stephens, M. Polino, A. Dutcher, J. Grosen, S. Feng, C. Hauser, C. Kruegel, and G. Vigna. SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis. In IEEE Symposium on Security and Privacy, 2016.
[90]
Y. Shoshitaishvili, R. Wang, C. Salls, N. Stephens, M. Polino, A. Dutcher, J. Grosen, S. Feng, C. Hauser, C. Kruegel, and G. Vigna. SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis. In Proceedings of the 2016 IEEE Symposium on Security and Privacy, SP '16, 2016.
[91]
R. Socher, Y. Bengio, and C. D. Manning. Deep Learning for NLP (Without Magic). In Tutorial Abstracts of ACL 2012, ACL '12, 2012.
[92]
R. Sommer and V. Paxson. Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. In Proceedings of the 2010 IEEE Symposium on Security and Privacy, SP '10, 2010.
[93]
D. Song, D. Brumley, H. Yin, J. Caballero, I. Jager, M. Kang, Z. Liang, J. Newsome, P. Poosankam, and P. Saxena. BitBlaze: A New Approach to Computer Security via Binary Analysis. In Information systems security, 2008.
[94]
Y. Sui and J. Xue. SVF: Interprocedural Static Value-flow Analysis in LLVM. In Proceedings of the 25th International Conference on Compiler Construction, CC 2016, 2016.
[95]
H. Theiling. Extracting safe and precise control flow from binaries. In Proceedings of the 7th International Workshop on Real-Time Computing and Applications Symposium, RTCSA 2000, 2000.
[96]
D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. In NDSS, 2000.
[97]
R. Wang, W. Enck, D. Reeves, X. Zhang, P. Ning, D. Xu, W. Zhou, and A. M. Azab. EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-scale Semi-Supervised Learning. In Proceedings of the 24th USENIX Conference on Security Symposium, SEC'15, 2015.
[98]
S. Wang, P. Wang, and D. Wu. Reassembleable Disassembling. In Proceedings of the 24th USENIX Conference on Security Symposium, SEC '15, 2015.
[99]
S. Wang, P. Wang, and D. Wu. UROBOROS: Instrumenting Stripped Binaries with Static Reassembling. In Proceedings of the 23rd International Conference on Software Analysis, Evolution, and Reengineering, SANER '16, 2016.
[100]
T. Xu, X. Jin, P. Huang, Y. Zhou, S. Lu, L. Jin, and S. Pasupathy. Early Detection of Configuration Errors to Reduce Failure Damage. In OSDI, 2016.
[101]
E. Yuan and J. Tong. Attributed based Access Control (ABAC) for Web Services. In IEEE ICWS, 2005.
[102]
W. Zhang, J. Lim, R. Olichandran, J. Scherpelz, G. Jin, S. Lu, and T. Reps. ConSeq: Detecting Concurrency Bugs Through Sequential Errors. In ACM SIGPLAN Notices, 2011.
[103]
Z. Zhu and T. Dumitras. FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS '16, 2016.

Cited By

View all
  • (2024)Demystifying the Fight Against Complexity: A Comprehensive Study of Live Debugging Activities in Production Cloud SystemsProceedings of the 2024 ACM Symposium on Cloud Computing10.1145/3698038.3698568(341-360)Online publication date: 20-Nov-2024
  • (2024)Software Defined Layer 4.5 Customization for Agile Network OperationIEEE Transactions on Network and Service Management10.1109/TNSM.2023.328887521:1(35-50)Online publication date: Feb-2024
  • (2022)Preventing MQTT Vulnerabilities Using IoT-Enabled Intrusion Detection SystemSensors10.3390/s2202056722:2(567)Online publication date: 12-Jan-2022
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
FEAST '17: Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation
November 2017
78 pages
ISBN:9781450353953
DOI:10.1145/3141235
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2017

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. attack surface
  2. protocol customization
  3. protocol feature

Qualifiers

  • Research-article

Conference

CCS '17
Sponsor:

Acceptance Rates

Overall Acceptance Rate 4 of 4 submissions, 100%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)11
  • Downloads (Last 6 weeks)4
Reflects downloads up to 13 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Demystifying the Fight Against Complexity: A Comprehensive Study of Live Debugging Activities in Production Cloud SystemsProceedings of the 2024 ACM Symposium on Cloud Computing10.1145/3698038.3698568(341-360)Online publication date: 20-Nov-2024
  • (2024)Software Defined Layer 4.5 Customization for Agile Network OperationIEEE Transactions on Network and Service Management10.1109/TNSM.2023.328887521:1(35-50)Online publication date: Feb-2024
  • (2022)Preventing MQTT Vulnerabilities Using IoT-Enabled Intrusion Detection SystemSensors10.3390/s2202056722:2(567)Online publication date: 12-Jan-2022
  • (2022)Towards Software Defined Layer 4.5 Customization2022 IEEE 8th International Conference on Network Softwarization (NetSoft)10.1109/NetSoft54395.2022.9844096(330-338)Online publication date: 27-Jun-2022
  • (2020)Automatic Feature Isolation in Network Protocol Software ImplementationsProceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation10.1145/3411502.3418425(29-34)Online publication date: 13-Nov-2020
  • (2020)AVGuardian: Detecting and Mitigating Publish-Subscribe Overprivilege for Autonomous Vehicle Systems2020 IEEE European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP48549.2020.00035(445-459)Online publication date: Sep-2020
  • (2019)Automated Finite State Machine ExtractionProceedings of the 3rd ACM Workshop on Forming an Ecosystem Around Software Transformation10.1145/3338502.3359760(9-15)Online publication date: 15-Nov-2019
  • (2019)Configuration-Driven Software DebloatingProceedings of the 12th European Workshop on Systems Security10.1145/3301417.3312501(1-6)Online publication date: 25-Mar-2019

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media