Data Flow Analysis

Khedker, Uday P.; Sanyal, Amitabha; Karkare, Bageshri

doi:10.1201/9780849332517

Cited by 66 publications

(7 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The idea is to apply traditional liveness analysis [11] to identify at each program point which variables contain values that may be needed later. This is applied as a backward analysis on the control flow graph where liveness is introduced at points where a variable is used and propagated backwards with unions being taken at merge points.…”

Section: Free-me Analysismentioning

confidence: 99%

A Story of Parametric Trace Slicing, Garbage and Static Analysis

Reger

2017

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

This paper presents a proposal (story) of how statically detecting unreachable objects (in Java) could be used to improve a particular runtime verification approach (for Java), namely parametric trace slicing. Monitoring algorithms for parametric trace slicing depend on garbage collection to (i) cleanup data-structures storing monitored objects, ensuring they do not become unmanageably large, and (ii) anticipate the violation of (non-safety) properties that cannot be satisfied as a monitored object can no longer appear later in the trace. The proposal is that both usages can be improved by making the unreachability of monitored objects explicit in the parametric property and statically introducing additional instrumentation points generating related events. The ideas presented in this paper are still exploratory and the intention is to integrate the described techniques into the MarQ monitoring tool for quantified event automata.

show abstract

Section: Free-me Analysismentioning

confidence: 99%

A Story of Parametric Trace Slicing, Garbage and Static Analysis

Reger

2017

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

show abstract

“…1) Unrestricted Context Depth: Our symbolic execution engine (see ❷ in Figure 4) performs an inter-procedural pathsensitive analysis with a call string approach [71,72]. For each function a CFG is built.…”

Section: B Symbolic Execution Engine Featuresmentioning

confidence: 99%

Practical Integer Overflow Prevention

Muntean,

Grossklags,

Eckert

2017

Preprint

View full text Add to dashboard Cite

Integer overflows in commodity software are a main source for software bugs, which can result in exploitable memory corruption vulnerabilities and may eventually contribute to powerful software based exploits, i.e., code reuse attacks (CRAs). In this paper, we present INTGUARD, a symbolic execution based tool that can repair integer overflows with high-quality source code repairs. Specifically, given the source code of a program, INTGUARD first discovers the location of an integer overflow error by using static source code analysis and satisfiability modulo theories (SMT) solving. INTGUARD then generates integer multiprecision code repairs based on modular manipulation of SMT constraints as well as an extensible set of customizable code repair patterns. We evaluated INTGUARD with 2052 C programs (≈1 Mil. LOC) available in the currently largest open-source test suite for C/C++ programs and with a benchmark containing large and complex programs. The evaluation results show that INTGUARD can precisely (i.e., no false positives are accidentally repaired), with low computational and runtime overhead repair programs with very small binary and source code blow-up. In a controlled experiment, we show that INTGUARD is more time-effective and achieves a higher repair success rate than manually generated code repairs.

show abstract

“…Mimicry attacks [3] refer to attackers using legitimate execution call sequences to achieve attack goals by modifying parameters within the called function. Techniques such as parameter discovery [4] or data flow analysis [5] can be used to detect these attacks. However, it is difficult to ensure full coverage of all input parameters in the application program, and the parameter discovery process is tedious and time-consuming.…”

Section: Introductionmentioning

confidence: 99%

Program Behavior Dynamic Trust Measurement and Evaluation Based on Data Analysis

Wang,

Hu,

et al. 2024

Symmetry

View full text Add to dashboard Cite

Industrial control terminals play an important role in industrial control scenarios. Due to the special nature of industrial control networks, industrial control terminal systems are vulnerable to malicious attacks, which can greatly threaten the stability and security of industrial production environments. Traditional security protection methods for industrial control terminals have coarse detection granularity, and are unable to effectively detect and prevent attacks, lacking real-time responsiveness to attack events. Therefore, this paper proposes a real-time dynamic credibility evaluation mechanism based on program behavior, which integrates the matching and symmetry ideas of credibility evaluation. By conducting a real-time dynamic credibility evaluation of function call sequences and system call sequences during program execution, the credibility of industrial control terminal application program behavior can be judged. To solve the problem that the system calls generated during program execution are unstable and difficult to measure, this paper proposes a partition-based dynamic credibility evaluation method, dividing program behavior during runtime into function call behavior and system call behavior within function intervals. For function call behavior, a sliding window-based function call sequence benchmark library construction method is proposed, which matches and evaluates real-time measurement results based on the benchmark library, thereby achieving symmetry between the benchmark library and the measured data. For system call behavior, a maximum entropy system call model is constructed, which is used to evaluate the credibility of system call sequences. Experiment results demonstrate that our method performs better in both detection success rate and detection speed compared to the existing methods.

show abstract

Data Flow Analysis

Cited by 66 publications

References 0 publications

A Story of Parametric Trace Slicing, Garbage and Static Analysis

A Story of Parametric Trace Slicing, Garbage and Static Analysis

Practical Integer Overflow Prevention

Program Behavior Dynamic Trust Measurement and Evaluation Based on Data Analysis

Contact Info

Product

Resources

About