Hybrid analysis of memory references and its application to automatic parallelization

Rus, Silvius Vasile

15 May 2009

Executing sequential code in parallel on a multithreaded machine has been an elusive goal of the academic and industrial research communities for many years. It has recently become more important due to the widespread introduction of multicores in PCs. Automatic multithreading has not been achieved because classic, static compiler analysis was not powerful enough and program behavior was found to be, in many cases, input dependent. Speculative thread level parallelization was a welcome avenue for advancing parallelization coverage but its performance was not always optimal due to the sometimes unnecessary overhead of checking every dynamic memory reference. In this dissertation we introduce a novel analysis technique, Hybrid Analysis, which unifies static and dynamic memory reference techniques into a seamless compiler framework which extracts almost maximum available parallelism from scientific codes and incurs close to the minimum necessary run time overhead. We present how to extract maximum information from the quantities that could not be sufficiently analyzed through static compiler methods, and how to generate sufficient conditions which, when evaluated dynamically, can validate optimizations. Our techniques have been fully implemented in the Polaris compiler and resulted in whole program speedups on a large number of industry standard benchmark applications.

Compiler

Optimization

Hybrid Analysis

Program Representation

Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications

Ali-Gombe, Aisha Ibrahim

19 May 2017

The rapid increase in mobile malware and deployment of over-privileged applications over the years has been of great concern to the security community. Encroaching on user’s privacy, mobile applications (apps) increasingly exploit various sensitive data on mobile devices. The information gathered by these applications is sufficient to uniquely and accurately profile users and can cause tremendous personal and financial damage. On Android specifically, the security and privacy holes in the operating system and framework code has created a whole new dynamic for malware and privacy exploitation. This research work seeks to develop novel analysis techniques that monitor Android applications for possible unwanted behaviors and then suggest various ways to deal with the privacy leaks associated with them. Current state-of-the-art static malware analysis techniques on Android-focused mainly on detecting known variants without factoring any kind of software obfuscation. The dynamic analysis systems, on the other hand, are heavily dependent on extending the Android OS and/or runtime virtual machine. These methodologies often tied the system to a single Android version and/or kernel making it very difficult to port to a new device. In privacy, accesses to the database system’s objects are not controlled by any security check beyond overly-broad read/write permissions. This flawed model exposes the database contents to abuse by privacy-agnostic apps and malware. This research addresses the problems above in three ways. First, we developed a novel static analysis technique that fingerprints known malware based on three-level similarity matching. It scores similarity as a function of normalized opcode sequences found in sensitive functional modules and application permission requests. Our system has an improved detection ratio over current research tools and top COTS anti-virus products while maintaining a high level of resiliency to both simple and complex obfuscation. Next, we augment the signature-related weaknesses of our static classifier with a hybrid analysis system which incorporates bytecode instrumentation and dynamic runtime monitoring to examine unknown malware samples. Using the concept of Aspect-oriented programming, this technique involves recompiling security checking code into an unknown binary for data flow analysis, resource abuse tracing, and analytics of other suspicious behaviors. Our system logs all the intercepted activities dynamically at runtime without the need for building custom kernels. Finally, we designed a user-level privacy policy enforcement system that gives users more control over their personal data saved in the SQLite database. Using bytecode weaving for query re-writing and enforcing access control, our system forces new policies at the schema, column, and entity levels of databases without rooting or voiding device warranty.

Hybrid Analysis

Instrumentation

AspectJ

Similarity Matching

Privacy

Security

Information Security

Identification and characterization of Drosophila homolog of Rho-kinase

Mizuno, Tomoaki, Amano, Mutsuki, Kaibuchi, Kozo, Nishida, Yasuyoshi

01 October 1999

No description available.

Rho effector

actin cytoskeleton

morphogenesis

low stringency PCR

two-hybrid analysis

in vitro kinase assay

Elucidation Of R Gene Mediated Yellow Rust Disease Resistance Mechanism In Wheat By Dual Bait Yeast Two-hybrid Analysis

Yildirim, Figen

01 August 2005

Yellow rust, caused by Puccinia striiformis Westend. f. sp. tritici Eriksson is one of the most severe leaf diseases of wheat. Aim of this study is to illuminate the downstream signaling pathways upon incompetible infection of rust pathogen in wheat, thus to understand the genes involved in resistance mechanism. The strategy used is the dual bait yeast two-hybrid analysis which is the most powerful method for in vivo detection of protein-protein interactions. The bait proteins used are / the domains of Yr10 yellow rust resistance gene, Rad6 gene which is considered to have a critical role in R gene mediated signaling pathway, and WR5 gene fragment which is an unknown protein having homology to the WD40 repeat containing protein with apoptosis related activity. Screening of a yeast prey library with these baits revealed proteins having mostly apoptosis related functions (SRP72, POR1, CSE1), translation initiation control in response to stress conditions (Gcn2p, Eap1p), phosphorylation (SKY1) and dephosphorylation activities (GAC1), cell cycle control (FAR1), oxidative stress control (OXR1), protein degradation control (TOM1), protein folding control (CPR7) and ion homeostasis in the cell (POR1, GAC1). The significance of the study can be summarized as i) being the first yeast two hybrid analysis of a wheat R gene, ii) being able to detect interacting partners with anticipated functions, iii) most importantly, initiating further detailed analysis of the key interactors.

QH Genetics 426-470

Dekódování binárního kódu do vyšší formy reprezentace / Binary-Code Decoding to a High-Level Representation

Macko, Lukáš

January 2015

The thesis deals with reverse techniques in software engineering. It presents practical application of software reverse engineering, used tools and approaches. The topic of instruction decoding is discussed in detail. Two basic methods are presented-linear sweep and recursive descent. Their strengths and weaknesses are highlighted. Subsequently a decompiler developed by AVG Technologies is introduced. The decompiler is retargetable. This feature allows to decompile applications of multiple platforms into various target languages. The aim of  the thesis is to design and implement algorithm for  decoding binary files into high-level representation. The designed algorithm is based on modified recursive descent algorithm, which uses control flow information. In order to achieve more accurate decoding results, symbol table records and other additional information are used. The proposed algorithm was implemented for the AVG Technologies retargetable decompiler. The tests showed that the implemented algorithm improved the function detection in decoded programs. Furthermore, the implemented solution allows to decode files that could not be analysed using the previous version of the decompiler.