Spelling suggestions: "subject:"control low"" "subject:"control flow""
71 |
Framework pro statickou analýzu skriptů pro shell / A Framework for Static Analysis of Shell ScriptsSvoboda, František January 2012 (has links)
The aim of this work is to create framework for static analysis of Unix shell scripts. Bourne-again shell is chosen as the primary subject of interest. The first part of the project discusses a principles of static analysis and current static analysis tools. The diploma thesis presents a framework based on modular system, which enables plug-ins to perform different kinds of analysis on scripts. Framework includes plug-in management, means of interaction, handling outputs and input setting. This thesis also contains the description of a few plug-ins, designed to perform basic analysis of scripts.
|
72 |
Statická analýza možných hodnot proměnných v programech v C / Static Value Analysis over C ProgramsĎuričeková, Daniela January 2013 (has links)
Value-range analysis is a static analysis technique based on arguing about the values that a variable may take on a given program point. It can be used to prove absence of run-time errors such as out-of-bound array accesses. Since value-range analysis collects information on each program point, data-flow analysis can be used in association with it. The main goal of this work is designing and implementing such a value-range analysis tool. The work begins with an introduction into the topic, an explanation of data-flow and value-range analyses and a description of abstract interpretation, which provides the formal basis of the analyser. The core of this work is the design, implementation, testing and evaluation of the analyser. In the conclusion, our personal experience obtained in the area of the thesis is mentioned, along with a discussion of a possible future development of the designed tool.
|
73 |
INTERNET OF THINGS SYSTEMS SECURITY: BENCHMARKING AND PROTECTIONNaif S Almakhdhub (8810120) 07 May 2020 (has links)
<div><p>Internet of Things (IoT) systems running on Microcontrollers (MCUS) have become a prominent target of remote attacks. Although deployed in security and safety critical domains, such systems lack basic mitigations against control-flow hijacking attacks. Attacks against IoT systems already enabled malicious takeover of smartphones, vehicles, unmanned aerial vehicles, and industrial control systems.</p></div><div><p> </p><div><p>The thesis introduces a systemic analysis of previous defense mitigations to secure IoT systems. Building off this systematization, we identify two main issues in IoT systems security. First, efforts to protect IoT systems are hindered by the lack of realistic benchmarks and evaluation frameworks. Second, existing solutions to protect from control-flow hijacking on the return edge are either impractical or have limited security guarantees. This thesis addresses these issues using two approaches. </p></div><div><p> </p></div><div><p>First, we present BenchIoT, a benchmark suite of five realistic IoT applications and an evaluation framework that enables automated and extensible evaluation of 14 metrics covering security, performance, memory usage, and energy. BenchIoT enables evaluating and comparing security mechanisms. Using BenchIoT, we show that even if two security mechanisms have similarly modest runtime overhead, one can have undesired consequences on security such as a large portion of privileged user execution.</p></div><div><p> </p></div><div><p>Second, we introduce Return Address Integrity (RAI), a novel security mechanism to prevent all control-flow hijacking attacks targeting return edges, without requiring special hardware. We design and implement μRAI to enforce the RAI property. Our results show μRAI has a low runtime overhead of 0.1% on average, and therefore is a</p></div><div><p>practical solution for IoT systems. </p></div><div><p> </p></div><div><p>This thesis enables measuring the security IoT systems through standardized benchmarks and metrics. Using static analysis and runtime monitors, it prevents control-flow hijacking attacks on return edges with low runtime overhead. Combined, this thesis advances the state-of-the-art of protecting IoT systems and benchmarking its security.</p></div></div>
|
74 |
Multidimensional flow mapping for proportional valvesSitte, André, Koch, Oliver, Liu, Jianbin, Tautenhahn, Ralf, Weber, Jürgen 25 June 2020 (has links)
Inverse, multidimensional input-output flow mapping is very important for use of valves in precision motion control applications. Due to the highly nonlinear characteristic and uncertain model structure of the cartridge valves, it is hard to formulate the modelling of their flow mappings into simple parameter estimation problems. This contribution conducts a comprehensive analysis and validation of three- and four-dimensional input-output-mapping approaches for a proportional pilot operated seat valves. Therefore, a virtual and a physical test-rig setup are utilized for initial measurement, implementation and assessment. After modeling and validating the valve under consideration, as a function of flow, pressure and temperature different mapping methods are investigated. More specifically, state of the art approaches, deep-learning methods and a newly developed approach (extPoly) are examined. Especially ANNs and Polynomials show reasonable approximation results even for more than two inputs. However, the results are strongly dependent on the structure and distribution of the input data points. Besides identification effort, the invertibility was investigated.
|
75 |
TAMING IRREGULAR CONTROL-FLOW WITH TARGETED COMPILER TRANSFORMATIONSCharitha Saumya Gusthinna Waduge (15460634) 15 May 2023 (has links)
<p> </p>
<p>Irregular control-flow structures like deeply nested conditional branches are common in real-world software applications. Improving the performance and efficiency of such programs is often challenging because it is difficult to analyze and optimize programs with irregular control flow. We observe that real-world programs contain similar or identical computations within different code paths of the conditional branches. Compilers can merge similar code to improve performance or code size. However, existing compiler optimizations like code hoisting/sinking, and tail merging do not fully exploit this opportunity. We propose a new technique called Control-Flow Melding (CFM) that can merge similar code sequences at the control-flow region level. We evaluate CFM in two applications. First, we show that CFM reduces the control divergence in GPU programs and improves the performance. Second, we apply CFM to CPU programs and show its effectiveness in reducing code size without sacrificing performance. In the next part of this dissertation, we investigate how CFM can be extended to improve dynamic test generation techniques like Dynamic Symbolic Execution (DSE). DSE suffers from path explosion problem when many conditional branches are present in the program. We propose a non-semantics-preserving branch elimination transformation called CFM-SE that reduces the number of symbolic branches in a program. We also provide a framework for detecting and reasoning about false positive bugs that might be added to the program by non-semantics-preserving transformations like CFM-SE. Furthermore, we evaluate CFM-SE on real-world applications and show its effectiveness in improving DSE performance and code coverage. </p>
|
76 |
Hardware and Software Fault-Tolerance of Softcore Processors Implemented in SRAM-Based FPGAsRollins, Nathaniel Hatley 09 March 2012 (has links) (PDF)
Softcore processors are an attractive alternative to using expensive radiation-hardened processors for space-based applications. Since they can be implemented in the latest SRAM-based FPGA technologies, they are fast, flexible and significantly less expensive. However, unlike ASIC-based processors, the logic and routing of a softcore processor are vulnerable to the effects of single-event upsets (SEUs). To protect softcore processors from SEUs, this dissertation explores the processor design-space for the LEON3 softcore processor implemented in a commercial SRAM-based FPGA. The traditional mitigation techniques of triple modular redundancy (TMR) and duplication with compare (DWC) and checkpointing provide reliability to a softcore processor at great spatial cost. To reduce the spatial cost, terrestrial ASIC-based processor protection techniques are applied to the LEON3 processor. These techniques come at the cost of time instead of area. The software fault-tolerance techniques used to protect the logic and routing of the LEON3 softcore processor include a modified version of software implemented fault tolerance (SWIFT), consistency checks, software indications, and checkpointing. To measure the reliability of a mitigated LEON3 softcore processor, an updated hardware fault-injection model is created, and novel reliability metrics are employed. The improvement in reliabilty over an unmitigated LEON3 is measured using four metrics: architectural vulnerability factor (AVF), mean time to failure (MTTF), mean useful instructions to failure (MuITF), and reliability-area-performance (RAP). Traditional reliability techniques provide the best reliability: DWC with checkpointing improves the MTTF and MuITF by almost 35x and TMR with triplicated input and outputs improves the MTTF and MuITF by almost 6000x. Software fault-tolerance provides significant reliability for a much lower area cost. Each of these techniques provides greater processor protection than a popular state-of-the-art rad-hard processor.
|
77 |
Anomaly Detection in Hard Real-Time Embedded SystemsBoakye Dankwa (19752255) 30 September 2024 (has links)
<p dir="ltr">Lessons learned in protecting desktop computers, servers, and cloud systems from cyberattacks have not translated to embedded systems easily. Yet, embedded systems impact our lives in many ways and are subject to similar risks. In particular, real-time embedded systems are computer systems controlling critical physical processes in industrial controllers, avionics, engine control systems, etc. Attacks have been reported on real-time embedded systems, some with devastating outcomes on the physical processes. Detecting intrusions in real-time is a prerequisite to an effective response to ensure resilience to damaging attacks. In anomaly detection methods, researchers typically model expected program behavior and detect deviations. This approach has the advantage of detecting zero-day attacks compared to signature-based intrusion detection methods; however, existing anomaly detection approaches suffer high false-positive rates and incur significant performance overhead caused by code instrumentation, making them impractical for hard real-time embedded systems, which must meet strict temporal constraints.</p><p dir="ltr">This thesis presents a hardware-assisted anomaly detection approach that uses an automaton to model valid control-flow transfers in hard real-time systems without code instrumentation. The approach relies on existing hardware mechanisms to capture and export runtime control-flow data for runtime verification without the need for code instrumentation, thereby preserving the temporal properties of the target program. We implement a prototype of the mechanism on the Xilinx Zynq Ultrascale+ platform and empirically demonstrate precise detection of control-flow hijacking attacks with negligible (0.18%) performance overhead without false alarms using a real-time variant of the well-known RIPE benchmark we developed for this work. We further empirically demonstrate via schedulability analysis that protecting a real-time program with the proposed anomaly detection mechanism preserves the program’s temporal constraints.</p>
|
78 |
On the (in)security of behavioral-based dynamic anti-malware techniquesErsan, Erkan 21 April 2017 (has links)
The Internet has become the primary vector for the delivery of malicious code in cyber attacks, and malware has rapidly become a pervasive critical threat. Anti- malware products offer effective protection from malware threats for servers and endpoint devices using a variety of techniques. Advanced enterprise-level anti-malware products rely on state-of-art behavioral-based detection algorithms, in addition to traditional signature-based mechanisms. These dynamic detection techniques have been around for more than a decade and in response hackers have developed methods to evade them. However, currently known bypass methods require intensive manual labor. Moreover, this manual work has to be repeated whenever a parameter of the environment (such as the payload, operating system, Antivirus version, etc) changes, making these methods impractical. This may lead to the belief that dynamic techniques provide a good deterrence, and hence good protection.
In this thesis we evaluate dynamic techniques. Specifically, we build tools to implement generic unhooking and funneling, and using these tools we show how dynamic techniques can be bypassed with considerably less effort than by fully manual methods. We also extend the repertoire of existing bypass methods and introduce a new malicious function call technique which exploits detection techniques that monitor a limited collection of critical system functions, as well as a method for bypassing guard-page protections. We demonstrate the effectiveness of all our techniques by conducting attacks against two enterprise antivirus products. Our results lead us to conclude that that dynamic techniques do not provide sufficient protection. / Graduate / 2018-02-07 / 0984 / erkanersan@gmail.com
|
79 |
Über Minoren gerichteter GraphenSeidler, Steffen 17 May 2011 (has links) (PDF)
Seit 1983 begründet die Publikationsreihe "Graph Minors" von N. Robertson und P.D. Seymour im Wesentlichen die Minorentheorie mit mächtigen Hilfsmitteln wie der Baumzerlegung und weitreichenden Resultaten wie dem Minorensatz. Für gerichtete Graphen existiert allerdings noch keine einheitliche Minorentheorie und verschiedene Ansätze werden in dieser Arbeit systematisiert.
Einige gerichtete Versionen der Baumzerlegung (gerichtete Baumzerlegung nach B. Reed, arboreale, D- und DAG-Zerlegung) werden unter einheitlichen Aspekten untersucht. Die D-Weite ist dabei besonders vielversprechend. Enge Verbindungen zu zwei gerichteten Räuber-und-Gendarmen-Spielen werden unter analogen Aspekten betrachtet und sind wichtige Hilfsmittel.
Der zentrale Begriff des Minoren ist im Wesentlichen für ungerichtete Graphen definiert und eine gerichtete Version wirft einige Probleme auf, welche untersucht werden. In \"Directed Tree-Width\" schlugen T. Johnson, N. Robertson, P.D. Seymour und R. Thomas 2001 einen Kompromiss vor. Durch Einschränkung der möglichen Kontraktionen soll der gewonnen Minorenbegriff mit einigen fundamentalen Anforderungen vereinbar sein und trotzdem ein mächtiges Werkzeug darstellen. Dieser Ansatz wird mit einer Anforderungsliste systematisch verfolgt und schrittweise Einschränkungen betrachtet. Die gerichtete Version topologischer Minoren ist dabei besonders vielversprechend.
Die Minorentheorie gerichteter Graphen wird auf reduzible Flussgraphen angewandt. Wesentliche Resultate sind Konstruktionen arborealer und D-Zerlegungen mit Weite <2, sowie Gegenbeispiele für die Beschränktheit der DAG-Weite. Analoge Resultate folgen für die jeweiligen gerichteten Räuber-und-Gendarmen-Spiele.
|
80 |
Mechanismy zvýšení spolehlivosti vestavěných systémů pracujících v reálném čase / Mechanisms for Dependability Enhancement of Real-Time Embedded SystemsSlimařík, František January 2010 (has links)
This thesis deals with issue of reliability of real-time embedded systems. Contains a summary of basic concepts related to field in real-time embedded systems and mechanisms for dependability enhancement through redundancy techniques and control flow checking. Describes the implementation of selected control flow checking mechanisms, the technique uses software watchdog timers, use of hardware n-modular redundancy in software environment and technique of process pairs using operating system uC/OS-II. The different mechanisms are validated by method injection of faults into the chosen data structures of system uC/OS-II.
|
Page generated in 0.0831 seconds