Structural System Reliability with Application to Light Steel-Framed Buildings

Chatterjee, Aritra

31 January 2017

A general framework to design structural systems for a system-reliability goal is proposed. Component-based structural design proceeds on a member to member basis, insuring acceptable failure probabilities for every single structural member without explicitly assessing the overall system safety, whereas structural failure consequences are related to the whole system performance (the cost of a building or a bridge destroyed by an earthquake) rather than a single beam or column failure. Engineering intuition tells us that the system is safer than each individual component due to the likelihood of load redistribution and al- ternate load paths, however such conservatism cannot be guaranteed without an explicit system-level safety check. As a result, component-based structural designs can lead to both over-conservative components and a less-than-anticipated system reliability. System performance depends on component properties as well as the load-sharing network, which can possess a wide range of behaviors varying from a dense redundant system with scope for load redistribution after failure initiates, to a weakest-link type network that fails as soon as the first member exceeds its capacity. The load-sharing network is characterized by its overall system reliability and the system-reliability sensitivity, which quantifies the change in system safety due to component reliability modifications. A general algorithm is proposed to calculate modified component reliabilities using the sensitivity vector for the load-sharing network. The modifications represent an improvement on the structural properties of more critical components (more capacity, better ductility), and provide savings on less important members which do not play a significant role. The general methodology is applied to light steel-framed buildings under seismic loads. The building is modeled with non-linear spring elements representing its subsystems. The stochastic response of this model under seismic ground motions provides load-sharing, system reliability and sensitivity information, which are used to propose target diaphragm and shear wall reliability to meet a building reliability goal. Finally, diaphragm target reliability is used to propose modified component designs using stochastic simulations on geometric and materially non-linear finite-element models including every individual component. This material is based upon work supported by the National Science Foundation under Grant Nos. 1301001 (Virginia Tech), 1301033 (University of Massachusetts, Amherst) and 1300484 (Johns Hopkins University). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author and do not necessarily re ect the views of the National Science Foundation. The author is grateful to the industry partner, the American Iron and Steel Institute, for their cooperation. / Ph. D. / This research proposes methods to design engineering networks for acceptable overall safety. Some examples of engineering networks include electrical systems, transportation systems and infrastructural systems. When any such system is designed, the properties of every individual component (size, capacity etc.) are assigned according to cost and safety requirements. However, it is typically very difficult to reliably quantify the overall safety of the entire system, which is technically known as ‘system reliability’. As a result, there are limited options for engineers to adjust the individual component designs within a system to achieve a pre-specified ‘targeted’ system reliability . This dissertation proposes computational and statistical methods to achieve this. The proposed methods are applied to a specific engineering system, namely a two story building subjected to ground shaking resulting from an earthquake. Computer models are developed for different scales of the building, beginning from the full building structure, then its individual floors and walls, and finally the individual components that make up each floor and wall. These models are verified with experimental results spanning all three scales. The verified models are then used to both compute the overall system reliability of the building subjected to earthquake ground shaking, as well as to modify its design component-by-component to achieve a targeted system reliability which is different from the system reliability of the original design. The results indicate that the as-designed reliability of the building system is adequate, but this reliability results from features of the building that are not expected to provide additional safety. The research demonstrates means to obtain this additional safety by redesigning the core functional building components, without relying on the unexpected added safety from ‘non-structural’ components (such as partition walls inside a building). The methods developed herein can be applied to redesign the components of various engineering system networks such that a targeted overall system reliability can be satisfied, resulting in improved performance and life-safety, potentially even at reduced costs.

System reliability

Probability

Finite-Element Modeling

Cold-Formed Steel

Seismic

Incremental Dynamic Analysis

Diaphragms

Shear Walls

LRFD

Spacecraft dynamic analysis and correlation with test results : Shock environment analysis of LISA Pathfinder at VESTA test bed

Kunicka, Beata Iwona

January 2017

The particular study case in this thesis is the shock test performed on the LISA Pathfinder satellite conducted in a laboratory environment on a dedicated test bed: Vega Shock Test Apparatus (VESTA). This test is considered fully representative to study shock levels produced by fairing jettisoning event at Vega Launcher Vehicle, which induces high shock loads towards the satellite. In the frame of this thesis, some transient response analyses have been conducted in MSC Nastran, and a shock simulation tool for the VESTA test configuration has been developed. The simulation tool is based on Nastran Direct Transient Response Analysis solver (SOL 109), and is representative of the upper composite of Vega with the LISA Pathfinder coupled to it. Post-processing routines of transient response signals were conducted in Dynaworks which served to calculate Shock Response Spectra (SRS). The simulation tool is a model of forcing function parameters for transient analysis which adequately correlates with the shock real test data, in order to understand how the effect of shock generated by the launcher is seen in the satellite and its sub-systems. Since available computation resources are limited the parameters for analysis were optimised for computation time, file size, memory capacity,  and model complexity. The forcing function represents a release of the HSS clamp band which is responsible for fairing jettisoning, thus the parameters which were studied are mostly concerning the modelling of this event. Among many investigated, those which visibly improved SRS correlation are radial forcing function shape, implementation of axial impulse, clamp band loading geometry and refined loading scheme. Integration time step duration and analysis duration were also studied and found to improve correlation.  From each analysis, the qualifying shock environment was then derived by linear scaling in proportion of the applied preload, and considering a qualification margin of 3dB. Consecutive tracking of structural responses along shock propagation path exposed gradual changes in responses pattern and revealed an important property that a breathing mode (n = 0) at the base of a conical Adapter translates into an axial input to the spacecraft. The parametrisation itself was based on responses registered at interfaces located in near-field (where the clamp band is located and forcing function is applied) and medium-field with respect to the shock event location. Following shock propagation path, the final step was the analysis of shock responses inside the satellite located in a far-field region, which still revealed a very good correlation of results. Thus, it can be said that parametrisation process was adequate, and the developed shock simulation tool can be qualified. However, due to the nature of shock, the tool cannot fully replace VESTA laboratory test, but can support shock assessment process and preparation to such test. In the last part of the thesis, the implementation of some finite element model improvements is investigated. Majority of the panels in spacecraft interior exhibited shock over-prediction due to finite element model limitation. Equipment units modelled as lump masses rigidly attached with RBE2 elements to the panel surface are a source of such local over-predictions. Thus, some of the units were remodelled and transient responses were reinvestigated. It was found that remodelling with either solid elements, or lump mass connected to RBE3 element and reinforced by RBE2 element, can significantly improve local transient responses. This conclusion is in line with conclusions found in ECSS Shock Handbook.

FEA/FEM

finite element analysis

finite element method

mechanical analysis

structural analysis

dynamic analysis

shock analysis

shock environment

shock test

shock test campaign

spacecraft dynamic analysis

MSC Nastran

MSC Patran

Dynaworks

Shock Response Spectrum

SRS

space engineering

space science and technology

mechanical engineering

structural engineering

analysis optimisation

analysis parametrisation

mechanical wave propagation

shock propagation

damping

hysteretic damping

viscous damping

structural damping

Other Mechanical Engineering

Annan maskinteknik

Истраживање динамике и развој машина вертикалног транспорта применом нумеричко-експерименталних поступака / Istraživanje dinamike i razvoj mašina vertikalnog transporta primenom numeričko-eksperimentalnih postupaka / Dynamics researching and development of vertical transport machines using numerical-experimental procedures

Đokić Radomir

22 March 2016

<p>Дефинисани су експeримeнтaлни поступци за oдрeђивaњe губитака и стeпeнa искoришћeњa пoстрojeњa у зaвиснoсти oд рeлaтивнoг oптeрeћeњa кaбинe (кoшa) у експлоатационим условима, као и за oдрeђивaњe мeхaничких кaрaктeристикa чeличних ужaди.<br />Дата је мoгућнoст примeнe мeтoдa нумeричкe aнaлизe зa рeшaвaњe систeмa ПДЈ хипeрбoличнoг типa са константним параметрима и граничним условима што одговара случајевима осциловања кабине (коша) након заустављања (кочења) погонског мотора.<br />Развијени су aдeквaтни прoрaчунски мoдeли који омогућују комплексну динaмичку aнaлизу лифтoвa и извoзних пoстрojeњa у функцији прoмeнљиве крутoсти и граничних услова. Дефинисан је утицај променљиве крутости нa стaбилнoст крeтaњa, кроз прoмeну слободне дужине ужади.</p> / <p>Definisani su eksperimentalni postupci za određivanje gubitaka i stepena iskorišćenja postrojenja u zavisnosti od relativnog opterećenja kabine (koša) u eksploatacionim uslovima, kao i za određivanje mehaničkih karakteristika čeličnih užadi.<br />Data je mogućnost primene metoda numeričke analize za rešavanje sistema PDJ hiperboličnog tipa sa konstantnim parametrima i graničnim uslovima što odgovara slučajevima oscilovanja kabine (koša) nakon zaustavljanja (kočenja) pogonskog motora.<br />Razvijeni su adekvatni proračunski modeli koji omogućuju kompleksnu dinamičku analizu liftova i izvoznih postrojenja u funkciji promenljive krutosti i graničnih uslova. Definisan je uticaj promenljive krutosti na stabilnost kretanja, kroz promenu slobodne dužine užadi.</p> / <p>We have defined the experimental procedures for defining the dissipation and the utility factor of vertical transport machines depending on the relative loading of the cabin (cage) in exploiting conditions, as well as for the setting the mechanical charactristics of the steel ropes.<br />There is given the option of applying the numerical analyses methods for solving the PDE systems of the hyperbolic type with constant parameters and boundary conditions, which is suitable for the cases when there are oscillations of the cabin (cage) after stopping (braking) the driving motor.<br />The adequate calculation models have been developed and they enable a complex dynamic analyses of elevators and mine elevators in the function of variable stiffness and boundary conditions. We also defined the influence of the variable stiffness on the stability of movement, through a change in the ropes&rsquo; free length.</p>

Génération efficace de graphes d’appels dynamiques complets

Ikhlef, Hajar

11 1900

Analyser le code permet de vérifier ses fonctionnalités, détecter des bogues ou améliorer sa performance. L’analyse du code peut être statique ou dynamique. Des approches combinants les deux analyses sont plus appropriées pour les applications de taille industrielle où l’utilisation individuelle de chaque approche ne peut fournir les résultats souhaités. Les approches combinées appliquent l’analyse dynamique pour déterminer les portions à problèmes dans le code et effectuent par la suite une analyse statique concentrée sur les parties identifiées. Toutefois les outils d’analyse dynamique existants génèrent des données imprécises ou incomplètes, ou aboutissent en un ralentissement inacceptable du temps d’exécution. Lors de ce travail, nous nous intéressons à la génération de graphes d’appels dynamiques complets ainsi que d’autres informations nécessaires à la détection des portions à problèmes dans le code. Pour ceci, nous faisons usage de la technique d’instrumentation dynamique du bytecode Java pour extraire l’information sur les sites d’appels, les sites de création d’objets et construire le graphe d’appel dynamique du programme. Nous démontrons qu’il est possible de profiler dynamiquement une exécution complète d’une application à temps d’exécution non triviale, et d’extraire la totalité de l’information à un coup raisonnable. Des mesures de performance de notre profileur sur trois séries de benchmarks à charges de travail diverses nous ont permis de constater que la moyenne du coût de profilage se situe entre 2.01 et 6.42. Notre outil de génération de graphes dynamiques complets, nommé dyko, constitue également une plateforme extensible pour l’ajout de nouvelles approches d’instrumentation. Nous avons testé une nouvelle technique d’instrumentation des sites de création d’objets qui consiste à adapter les modifications apportées par l’instrumentation au bytecode de chaque méthode. Nous avons aussi testé l’impact de la résolution des sites d’appels sur la performance générale du profileur. / Code analysis is used to verify code functionality, detect bugs or improve its performance. Analyzing the code can be done either statically or dynamically. Approaches combining both analysis techniques are most appropriate for industrial-scale applications where each one individually cannot provide the desired results. Blended analysis, for example, first applies dynamic analysis to identify problematic code regions and then performs a focused static analysis on these regions. However, the existing dynamic analysis tools generate inaccurate or incomplete data, or result in an unacceptably slow execution times. In this work, we focus on the generation of complete dynamic call graphs with additional information required for blended analysis. We make use of dynamic instrumentation techniques of Java bytecode to extract information about call sites and object creation sites, and to build the dynamic call graph of the program. We demonstrate that it is possible to profile real-world applications to efficiently extract complete and accurate information. Performance measurement of our profiler on three sets of benchmarks with various workloads places the overhead of our profiler between 2.01 and 6.42. Our profiling tool generating complete dynamic graphs, named dyko, is also an extensible platform for evaluating new instrumentation approaches. We tested a new adaptive instrumentation technique for object creation sites which accommodates instrumentation to the bytecode of each method. We also tested the impact of call sites resolution on the overall performance of the profiler.

Profialge

Profiling

analyse du code

code analysis

analyse dynamique

dynamic analysis

instrumentation dynamique

dynamic instrumentation

Technique de visualisation pour l’identification de l’usage excessif d’objets temporaires dans les traces d’exécution

Duseau, Fleur

12 1900

De nos jours, les applications de grande taille sont développées à l’aide de nom- breux cadres d’applications (frameworks) et intergiciels (middleware). L’utilisation ex- cessive d’objets temporaires est un problème de performance commun à ces applications. Ce problème est appelé “object churn”. Identifier et comprendre des sources d’“object churn” est une tâche difficile et laborieuse, en dépit des récentes avancées dans les tech- niques d’analyse automatiques. Nous présentons une approche visuelle interactive conçue pour aider les développeurs à explorer rapidement et intuitivement le comportement de leurs applications afin de trouver les sources d’“object churn”. Nous avons implémenté cette technique dans Vasco, une nouvelle plate-forme flexible. Vasco se concentre sur trois principaux axes de con- ception. Premièrement, les données à visualiser sont récupérées dans les traces d’exécu- tion et analysées afin de calculer et de garder seulement celles nécessaires à la recherche des sources d’“object churn”. Ainsi, des programmes de grande taille peuvent être vi- sualisés tout en gardant une représentation claire et compréhensible. Deuxièmement, l’utilisation d’une représentation intuitive permet de minimiser l’effort cognitif requis par la tâche de visualisation. Finalement, la fluidité des transitions et interactions permet aux utilisateurs de garder des informations sur les actions accomplies. Nous démontrons l’efficacité de l’approche par l’identification de sources d’“object churn” dans trois ap- plications utilisant intensivement des cadres d’applications framework-intensive, inclu- ant un système commercial. / Nowadays, large framework-intensive programs are developed using many layers of frameworks and middleware. Bloat, and particularly object churn, is a common per- formance problem in framework-intensive applications. Object churn consists of an ex- cessive use of temporary objects. Identifying and understanding sources of churn is a difficult and labor-intensive task, despite recent advances in automated analysis tech- niques. We present an interactive visualization approach designed to help developers quickly and intuitively explore the behavior of their application with respect to object churn. We have implemented this technique in Vasco, a new flexible and scalable visualization platform. Vasco follows three main design goals. Firstly, data is collected from execu- tion traces. It is analyzed in order to calculate and keep only the data that is necessary to locate sources of object churn. Therefore, large programs can be visualized while keeping a clear and understandable view. Secondly, the use of an intuitive view allows minimizing the cognitive effort required for the visualization task. Finally, the fluidity of transitions and interactions allows users to mentally preserve the context throughout their interactions. We demonstrate the effectiveness of the approach by identifying churn in three framework-intensive applications, including a commercial system.

visualisation

visualization

applications framework-intensive

framework-intensive applications

object churn

dynamic analysis

execution traces

analyse dynamique

traces d'execution

Rétro ingénierie des modèles d’objets dynamiques pour JavaScript

Boudraa, Dalil

05 1900

La compréhension des objets dans les programmes orientés objet est une tâche impor- tante à la compréhension du code. JavaScript (JS) est un langage orienté-objet dyna- mique, et son dynamisme rend la compréhension du code source très difficile. Dans ce mémoire, nous nous intéressons à l’analyse des objets pour les programmes JS. Notre approche construit de façon automatique un graphe d’objets inspiré du diagramme de classes d’UML à partir d’une exécution concrète d’un programme JS. Le graphe résul- tant montre la structure des objets ainsi que les interactions entre eux. Notre approche utilise une transformation du code source afin de produire cette in- formation au cours de l’exécution. Cette transformation permet de recueillir de l’infor- mation complète au sujet des objets crées ainsi que d’intercepter toutes les modifications de ces objets. À partir de cette information, nous appliquons plusieurs abstractions qui visent à produire une représentation des objets plus compacte et intuitive. Cette approche est implémentée dans l’outil JSTI. Afin d’évaluer l’utilité de l’approche, nous avons mesuré sa performance ainsi que le degré de réduction dû aux abstractions. Nous avons utilisé les dix programmes de réfé- rence de V8 pour cette comparaison. Les résultats montrent que JSTI est assez efficace pour être utilisé en pratique, avec un ralentissement moyen de 14x. De plus, pour 9 des 10 programmes, les graphes sont suffisamment compacts pour être visualisés. Nous avons aussi validé l’approche de façon qualitative en inspectant manuellement les graphes gé- nérés. Ces graphes correspondent généralement très bien au résultat attendu. Mots clés: Analyse de programmes, analyse dynamique, JavaScript, profilage. / Understanding of objects in object-oriented programs is an important task for understanding the code. JavaScript (JS) is a dynamic object-oriented language, Its dynamic nature makes understanding its source code very difficult. In this thesis, we focus on object analysis in JS programs to automatically produce a graph of objects inspired by UML class diagrams from an execution trace. The resulting graph shows the structure of the objects as well as their interconnections. Our approach uses a source-to-source transformation of the original code in order to collect information at runtime. This transformation makes it possible to collect complete information with respect to object creations and property updates. From this information, we perform multiple abstractions that aim to generate a more compact and intuitive representation of objects. This approach has been implemented in the JSTI prototype. To evaluate our approach, we measured its performance and the graph compression achieved by our abstractions. We used the ten V8 benchmarks for this purpose. Results show that JSTI is efficient enough to be used in practice, with an average slowdown of around 14x. Moreover, for 9 out of the 10 studied programs, the generated object graphs are sufficiently small to be visualized directly by developers. We have also performed a qualitative validation of the approach by manually inspecting the generated graphs. We have found that the graphs generated by JSTI generally correspond very closely to the expected results. Keywords: Program analysis, dynamic analysis, JavaScript, profiling.

Analyse de programmes

Analyse Dynamique

JavaScript

Profilage

Program Analysis

Dynamic Analysis

Profiling

Identification of civil engineering structures / Identification des structures de génie civil

Garcés, Francisco

22 February 2008

Cette thèse présente trois méthodes pour l’identification des rigidités des structures d’usage commun dans l’ingénierie civile, à partir de données dynamiques expérimentales. La première méthode est développée pour des structures composées pour portiques. La deuxième méthode proposée est appliquée à des structures constituées pour des poutres isostatiques. La troisième est une méthodologie d’estimation des rigidités en flexion (EI) et au cisaillement (GA/?) pour une structure constituée de murs dont les énergies de déformation en flexion et cisaillement peuvent être soit du même ordre de grandeur, soit l’une prépondérante par rapport à l’autre. Pour chaque méthode, des simulations numériques sont effectuées pour identifier les dommages structuraux ou les variations des rigidités, en termes de localisation et de magnitude de ces dommages. L'incidence et l'impact des erreurs et bruits sur les valeurs estimées des rigidités structurales sont analysés. Les méthodologies sont également appliquées pour localiser des dommages mécaniques ou des réductions de section sur modèles de laboratoire. A partir des concepts dynamiques de base et considérant une typologie donnée de structure, la thèse développe les concepts et formulations permettant d’identifier les rigidités résiduelles des structures considérées. Les méthodes peuvent être aisément mises en oeuvre pour déterminer les éventuels dommages (localisation et intensité) qui peuvent affecter une structure, par exemple après un séisme. Peu de mesures sont requises à cet effet : des essais de vibration libre et du matériel peu onéreux de mesures sont amplement suffisants dans le cas particulier des structures étudiées / This thesis presents three methods to estimate and locate damage in framed buildings, simply-supported beams and cantilever structures, based on experimental measurements of their fundamental vibration modes. Numerical simulations and experimental essays were performed to study the effectiveness of each method. A numerical simulation of a multi-storey framed building, a real bridge and a real chimney were carried out to study the effectiveness of the methodologies in identifying damage. The influence of measurement errors and noise in the modal data was studied in all cases. To validate the experimental effectiveness of the damage estimation methods, static and dynamics tests were performed on a framed model, a simply supported beam, and a cantilever beam in order to determine the linear behavior changes due to the increase of the level of damage. The structural identification algorithms during this thesis were based on the knowledge type of the stiffness matrix or flexibility matrix to reduce the number of modal shapes and required coordinates for the structural assessment. The methods are intended to develop tools to produce a fast response and support for future decision procedures regarding to structures widely used, by excluding experimental information, thereby allowing a cost reduction of extensive and specific testing

Dommage structural

Poutres isostatiques

Murs de contreventement

Portiques

Bruits et signal

Dynamic analysis

Structural damaged

Simple supported beam

Shear wall building

Cantilevers

Framed Buildings

Monitoring of structures

Noise and signals

Sensitivity Analysis of Synchronous Generators for Real-Time Simulation

Munukuntla, Sowmya

13 May 2016

The purpose of this thesis is to validate generator models for dynamic studies of power systems using PSS/E (Power System Simulator for Engineering), EMTP (ElectroMagnetic Transient Program), and Hypersim. To thoroughly evaluate the behavior of a power system in the three specified software packages, it is necessary to have an accurate model for the power system, especially the generator which is of interest. The effect of generator modeling on system response under normal conditions and under faulted conditions is investigated in this work. A methodology based on sensitivity analysis of generator model parameters is proposed aiming to homogenize the behavior of the same power system that is modeled in three software packages. Standard IEEE 14-Bus system is used as a test case for this investigation. Necessary changes in the exciter parameters are made using the proposed methodology so that the system behaves identical across all three software platforms.

Electrical and Electronics

Power and Energy

Highlight and execute suspicious paths in Android malware / Mettre en avant et exécuter les chemins suspicieux dans les malwares Android

Leslous, Mourad

18 December 2018

Les smartphones sont devenus omniprésents dans notre vie quotidienne à cause des options qu'ils proposent. Aujourd'hui, Android est installé sur plus de 80% des smartphones. Les applications mobiles recueillent une grande quantité d'informations sur l'utilisateur. Par conséquent, Android est devenu une cible préférée des cybercriminels. Comprendre le fonctionnement des malwares et comment les détecter est devenu un défi de recherche important. Les malwares Android tentent souvent d'échapper à l'analyse statique en utilisant des techniques telles que l'obfuscation et le chargement dynamique du code. Des approches d'analyse ont été proposées pour exécuter l'application et surveiller son comportement. Néanmoins, les développeurs des malwares utilisent des bombes temporelles et logiques pour empêcher le code malveillant d'être exécuté sauf dans certaines circonstances. Par conséquent, plus d'actions sont requises pour déclencher et surveiller leurs comportements. Des approches récentes tentent de caractériser automatiquement le comportement malveillant en identifiant les endroits du code les plus suspicieux et en forçant leur exécution. Elles se basent sur le calcul des graphes de flot de contrôle (CFG) qui sont incomplets, car ils ne prennent pas en considération tous les types de chemins d'exécution. Ces approches analysent seulement le code d'application et ratent les chemins d'exécution générés quand l'application appelle une méthode du framework, qui appelle à son tour une autre méthode applicative. Nous proposons GPFinder, un outil qui extrait automatiquement les chemins d'exécution qui mènent vers les endroits suspicieux du code, en calculant des CFG qui incluent les appels interprocéduraux explicites et implicites. Il fournit aussi des informations clés sur l'application analysée afin de comprendre comment le code suspicieux a été injecté dans l'application. Pour valider notre approche, nous utilisons GPFinder pour étudier une collection de 14224 malwares Android. Nous évaluons que 72,69% des échantillons ont au moins un endroit suspicieux du code qui n'est atteignable qu'à travers des appels implicites. Les approches de déclenchement actuelles utilisent principalement deux stratégies pour exécuter une partie du code applicatif. La première stratégie consiste à modifier l'application excessivement pour lancer le code ciblé sans faire attention à son contexte originel. La seconde stratégie consiste à générer des entrées pour forcer le flot de contrôle à prendre le chemin désiré sans modifier le code d'application. Cependant, il est parfois difficile de lancer un endroit spécifique du code seulement en manipulant les entrées. Par exemple, quand l'application fait un hachage des données fournies en entrée et compare le résultat avec une chaîne de caractères fixe pour décider quelle branche elle doit prendre. Clairement, le programme de manipulation d'entrée devrait inverser la fonction de hachage, ce qui est presque impossible. Nous proposons TriggerDroid, un outil qui a deux buts : forcer l'exécution du code suspicieux et garder le contexte originel de l'application. Il fournit les événements framework requis pour lancer le bon composant et satisfait les conditions nécessaires pour prendre le chemin d'exécution désiré. Pour valider notre approche, nous avons fait une expérience sur 135 malwares Android de 71 familles différentes. Les résultats montrent que notre approche nécessite plus de raffinement et d'adaptation pour traiter les cas spéciaux dus à la grande diversité des échantillons analysés. Finalement, nous fournissons un retour sur les expériences que nous avons conduites sur différentes collections, et nous expliquons notre processus expérimental. Nous présentons le dataset Kharon, une collection de malwares Android bien documentés qui peuvent être utilisés pour comprendre le panorama des malwares Android. / The last years have known an unprecedented growth in the use of mobile devices especially smartphones. They became omnipresent in our daily life because of the features they offer. They allow the user to install third-party apps to achieve numerous tasks. Smartphones are mostly governed by the Android operating system. It is today installed on more than 80% of the smartphones. Mobile apps collect a huge amount of data such as email addresses, contact list, geolocation, photos and bank account credentials. Consequently, Android has become a favorable target for cyber criminals. Thus, understanding the issue, i.e., how Android malware operates and how to detect it, became an important research challenge. Android malware frequently tries to bypass static analysis using multiple techniques such as code obfuscation and dynamic code loading. To overcome these limitations, many analysis techniques have been proposed to execute the app and monitor its behavior at runtime. Nevertheless, malware developers use time and logic bombs to prevent the malicious code from executing except under certain circumstances. Therefore, more actions are needed to trigger it and monitor its behavior. Recent approaches try to automatically characterize the malicious behavior by identifying the most suspicious locations in the code and forcing them to execute. They strongly rely on the computation of application global control flow graphs (CFGs). However, these CFGs are incomplete because they do not take into consideration all types of execution paths. These approaches solely analyze the application code and miss the execution paths that occur when the application calls a framework method that in turn calls another application method. We propose in this dissertation a tool, GPFinder, that automatically exhibits execution paths towards suspicious locations in the code by computing global CFGs that include edges representing explicit and implicit interprocedural calls. It also gives key information about the analyzed application in order to understand how the suspicious code was injected into the application. To validate our approach, we use GPFinder to study a collection of 14,224 malware samples, and we evaluate that 72.69% of the samples have at least one suspicious code location which is only reachable through implicit calls. Triggering approaches mainly use one of the following strategies to run a specific portion of the application's code: the first approach heavily modifies the app to launch the targeted code without keeping the original behavioral context. The second approach generates the input to force the execution flow to take the desired path without modifying the app's code. However, it is sometimes hard to launch a specific code location just by fuzzing the input. For instance, when the application performs a hash on the input data and compares the result to a fixed string to decide which branch of the condition to take, the fuzzing program should reverse the hashing function, which is obviously a hard problem. We propose in this dissertation a tool, TriggerDroid, that has a twofold goal: force the execution of the suspicious code and keep its context close to the original one. It crafts the required framework events to launch the right app component and satisfies the necessary triggering conditions to take the desired execution path. To validate our approach, we led an experiment on a dataset of 135 malware samples from 71 different families. Results show that our approach needs more refinement and adaptation to handle special cases due to the highly diverse malware dataset that we analyzed. Finally, we give a feedback on the experiments we led on different malware datasets, and we explain our experimental process. Finally, we present the Kharon dataset, a collection of well documented Android malware that can be used to understand the malware landscape.

Android

Malware

Analyse dynamique

Analyse statique

Retro ingénierie

Graphe de flot de contrôle

Android

Malware

Static analysis

Dynamic analysis

Reverse engineering

Control flow graph

[en] ANALYSIS AND PASSIVE CONTROL OF RECTANGULAR PLATES / [pt] ANÁLISE E CONTROLE PASSIVO DAS VIBRAÇÕES DE PLACAS RETANGULARES

FABIO JORGE DIAS MACHADO

21 February 2008

[pt] Neste trabalho é apresentado um método numérico de resolução para a equação diferencial de placas: o método de Galerkin Iterativo. O método é utilizado para obtenção das cargas críticas de flambagem e das freqüências naturais para placas retangulares com condições de contorno arbitrárias. São determinados ainda os modos de vibração de placas para diversas condições de contorno. É também apresentada uma análise do comportamento estático e dinâmico de placas planas retangulares. Utilizando-se dos resultados obtidos nesta análise e do método de Galerkin Iterativo, analisa- se a influência dos carregamentos axiais sobre as propriedades de vibração de uma placa com diversas condições de contorno, como proposta de um meio de controle passivo de vibrações em placas retangulares. Realiza-se uma análise linear para o carregamento no plano médio da placa e outra não-linear no caso de placas submetidas a carregamentos excêntricos, ou seja, fora do plano médio da placa. Mostra-se que o método de Galerkin Iterativo permite a obtenção de modos de vibração ortogonais possibilitando a resolução de problemas dinâmicos através do método de superposição de modos. Além disso, mostra-se que o método de controle passivo de vibrações em placas, através da aplicação de forças de compressão no plano, reduz a amplitude da resposta na região de ressonância. / [en] The aim of this work is to present a procedure for the solution of differential equations for plates: the Iterative Galerkin method. With the aid of this method, the buckling loads and natural frequencies of plates are obtained for plates with arbitrary sets of boundary conditions. The vibration modes of plates with various boundary conditions are obtained and compared with results found in literature. An analysis of the static and dynamic behavior of unloaded and in-plane loaded rectangular plates is presented. The use of in-plane loads as a passive vibration control technique for rectangular plates is investigated using the results obtained by the Iterative Galerkin`s method. A linear analysis is conducted for loads applied on the plate mid-surface and a non-linear one for plates with in-plane eccentric loads. Moreover, it is shown that the Iterative Galerkin method leads to a set of orthogonal vibration modes allowing the use of superposition methods in the solution of dynamic problems. Furthermore, the results show that the proposed passive vibration control through the use of in- plane compression loads, decrease the response in the resonance region.

[pt] CONTROLE ESTRUTURAL

[en] STRUCTURAL CONTROL

[pt] INSTABILIDADE DE PLACAS

[en] PLATE INSTABILITY

[pt] VIBRACAO DE PLACAS

[en] VIBRATIONS OF PLATES

[pt] DINAMICA DE PLACAS

[en] DYNAMIC ANALYSIS OF PLATES

[pt] CONTROLE PASSIVO

[en] PASSIVE CONTROL