• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 163
  • 34
  • 22
  • 12
  • 11
  • 5
  • 5
  • 4
  • 3
  • 3
  • 2
  • 1
  • 1
  • 1
  • 1
  • Tagged with
  • 303
  • 303
  • 86
  • 55
  • 55
  • 51
  • 50
  • 47
  • 45
  • 44
  • 41
  • 34
  • 30
  • 29
  • 28
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Finding and remedying high-level security issues in binary code

Dewey, David Bryan 07 January 2016 (has links)
C++ and Microsoft's Component Object Model (COM) are examples of a high- level lan- guage and development framework that were built on top of the lower-level, primitive lan- guage, C. C was never designed to support concepts like object orientation, type enforcement, and language independence. Further, these languages and frameworks are designed to com- pile and run directly on the processor where these concepts are also not supported. Other high-level languages that do support these concepts make use of a runtime or virtual machine to create a computing model to suit their needs. By forcing these high-level concepts into a primitive computing model, many security issues have been introduced. Existing binary- level security analysis tools and runtime enforcement frameworks operate at the lowest level of context. As such, they struggle to detect and remedy higher-level security issues. In this dissertation, a framework for elevating the context of binary code is presented. By bringing the context for analysis closer to where these security issues are introduced, this framework allows for higher-level analyses and enforcement frameworks to be developed.
2

Static Analysis for Efficient Affine Arithmetic on GPUs

Chan, Bryan January 2007 (has links)
Range arithmetic is a way of calculating with variables that hold ranges of real values. This ability to manage uncertainty during computation has many applications. Examples in graphics include rendering and surface modeling, and there are more general applications like global optimization and solving systems of nonlinear equations. This thesis focuses on affine arithmetic, one kind of range arithmetic. The main drawbacks of affine arithmetic are that it taxes processors with heavy use of floating point arithmetic and uses expensive sparse vectors to represent noise symbols. Stream processors like graphics processing units (GPUs) excel at intense computation, since they were originally designed for high throughput media applications. Heavy control flow and irregular data structures pose problems though, so the conventional implementation of affine arithmetic with dynamically managed sparse vectors runs slowly at best. The goal of this thesis is to map affine arithmetic efficiently onto GPUs by turning sparse vectors into shorter dense vectors at compile time using static analysis. In addition, we look at how to improve efficiency further during the static analysis using unique symbol condensation. We demonstrate our implementation and performance of the condensation on several graphics applications.
3

Static Analysis for Efficient Affine Arithmetic on GPUs

Chan, Bryan January 2007 (has links)
Range arithmetic is a way of calculating with variables that hold ranges of real values. This ability to manage uncertainty during computation has many applications. Examples in graphics include rendering and surface modeling, and there are more general applications like global optimization and solving systems of nonlinear equations. This thesis focuses on affine arithmetic, one kind of range arithmetic. The main drawbacks of affine arithmetic are that it taxes processors with heavy use of floating point arithmetic and uses expensive sparse vectors to represent noise symbols. Stream processors like graphics processing units (GPUs) excel at intense computation, since they were originally designed for high throughput media applications. Heavy control flow and irregular data structures pose problems though, so the conventional implementation of affine arithmetic with dynamically managed sparse vectors runs slowly at best. The goal of this thesis is to map affine arithmetic efficiently onto GPUs by turning sparse vectors into shorter dense vectors at compile time using static analysis. In addition, we look at how to improve efficiency further during the static analysis using unique symbol condensation. We demonstrate our implementation and performance of the condensation on several graphics applications.
4

Stability Analysis of Three-Wheel Stroller

Lee, Chia-yun 31 July 2008 (has links)
¡@¡@This study provides static and dynamic analysis of three-wheel stroller which is marketed. The model of stroller is built by computer- aided design software SolidWorks for perform static analysis on finite element analysis software ANSYS and mechanism¡¦s dynamic analysis on directed computer-aided mechanism analysis software COSMOSMotion. ¡@¡@It is important of stroller safety because it carry tender babies. The stroller should be examined carefully with three-wheel stroller always used on outdoor. CNS 6263 provides the standard for the safety test on the structure of the stroller, which includes a static analysis. In order to offer absolute safety for stroller, CNS uses a high standard to test the sample. For the market permission, the stroller needs to pass the CNS test, company always let stroller too strong to pass the test, and that will let the volume and weight too large to burden with cost. In this thesis, the researcher discussed the different on stroller between the traditional design and the CNS standard design. He also made an assumption the check if the stroller is overdesign. ¡@¡@A three-wheel stroller is a jogging stroller, and it is usually used on high velocity. Manufacturer should consider its steady, especially when the mass center of three-wheel stroller is usually too high. Dynamic analysis in this study will discuss the effect on the stroller when the forces of user are applied on the stroller. By the rollover formula of the three-wheel car, this study modified the program for three-wheel stroller in order to consider the influence of the force on the stroller. Comparing the results between the simulation of software and the calculation of the rollover function of three-wheel stroller, this study provides models for designers to prevent the rollover from the stroller.
5

Testing and Security Related Considerations in Embedded Software

Pierce, Luke 01 December 2016 (has links)
The continued increasing use of microprocessors in embedded systems has caused a proliferation of embedded software in small devices. In practice, many of these devices are difficult to update to fix security flaws and software errors. This brings an emphasis on ensuring the secure and reliable software prior to the release of the device to ensure the optimal user experience. With the growing need to enable test and diagnostic capabilities into embedded devices the use of the JTAG interface has grown. While the intentions of the interface was originally to give the ability to shift in data into and out of chip’s scan chains for test, the generic framework has allowed for its features to expand. For embedded microprocessor’s the interface allows for halting execution, insertion of instructions, reprogramming the software, and reading from memory. While it creates a powerful debugging system, it also allows unlimited access to a malicious users. In turn such a user has the ability to either copy the intellectual property on the device, disable digital rights management routines, or alter the devices behavior. A novel method to secure JTAG access through the use of a multi-tiered permission system is presented in this paper. The use of static code analysis can be used to verify the functionality of embedded software code. Ideally, a software code should be tested in a way that guarantees correct behavior across all possible execution paths. While in practices this is typically infeasible due to the innumerable number of paths in the system, the use of automated test systems can help maximize the amount of code covered. In addition, such methods can also identify non-executable software statements that can be an indication of software issues, or sections of software that should not be targeted for testing. New static code analysis methods are presented in this dissertation. One technique uses supersets of software solution spaces to correctly identify unreachable software code in complex systems. Another presented technique automatically generates a set of test vectors to quickly maximize the number of code blocks executed by the set of test vectors. It is shown that such a method can be significantly faster than traditional methods.
6

Data Modeling for Static Analysis of Web Applications / Data Modeling for Static Analysis of Web Applications

Baštecký, Pavel January 2015 (has links)
The PHP is a very popular language which is used to write a server side part of web applications. The language is very simple to use and there are lots of small or more complex pages across the internet. But the great widespread of the PHP attracts the people which want to harm and compromise security of the web applications. The weverca analyzer is the first tool which is able to perform complex security analysis of a full page written in the modern version of the PHP and give information about possible security risks in the application. But the performance of Weverca is limited by its time and memory complexity caused by inefficient inner representation of a PHP memory state. The goal of this thesis is to find and solve main problems of the original memory representation. The output of this thesis is an implementation of the new memory representation which minimizes the complexity of the original solution. Powered by TCPDF (www.tcpdf.org)
7

Concurrent Interprocedural Dataflow Analysis

Zou, Di January 2015 (has links)
Detecting bugs plays a significant role in software development. Bugs may lead to unexpected behaviors. An attacker can gain control over a system by exploiting its bugs. Usually, an attack can be triggered by user's input. Unchecked user input can cause serious problems in a program. In order to prevent this situation, user's input must be checked carefully before it can be used. To provide the information of where user's input can affect a program, the taint dataflow analysis is being considered. In this thesis, we introduce a concurrent solution to perform static taint dataflow analysis. The goal is to find the statements of the program dependent on user input and inform the developers to validate those. We provides a method for the static concurrent taint dataflow analysis based on sequential static taint dataflow analysis. Static dataflow analysis is time consuming. This research addresses the challenge of efficiently analyzing the dataflow. Our experimental shows that our concurrent taint dataflow analysis improves the speed of analyzing complex programs.
8

Constraint-Based Thread-Modular Abstract Interpretation

Kusano, Markus Jan Urban 25 July 2018 (has links)
In this dissertation, I present a set of novel constraint-based thread-modular abstract-interpretation techniques for static analysis of concurrent programs. Specifically, I integrate a lightweight constraint solver into a thread-modular abstract interpreter to reason about inter-thread interference more accurately. Then, I show how to extend the new analyzer from programs running on sequentially consistent memory to programs running on weak memory. Finally, I show how to perform incremental abstract interpretation, with and without the previously mentioned constraint solver, by analyzing only regions of the program impacted by a program modification. I also demonstrate, through experiments, that these new constraint-based static analyzers are significantly more accurate than prior abstract interpretation-based static analyzers, with lower runtime overhead, and that the incremental technique can drastically reduce runtime overhead in the presence of small program modifications. / Ph. D.
9

Automatically Generating Searchable Fingerprints For WordPress Plugins Using Static Program Analysis

Li, Chuang 01 June 2022 (has links)
No description available.
10

Static Analysis to improve RTL Verification

Agrawal, Akash 06 March 2017 (has links)
Integrated circuits have traveled a long way from being a general purpose microprocessor to an application specific circuit. It has become an integral part of the modern era of technology that we live in. As the applications and their complexities are increasing rapidly every day, so are the sizes of these circuits. With the increase in the design size, the associated testing effort to verify these designs is also increased. The goal of this thesis is to leverage some of the static analysis techniques to reduce the effort of testing and verification at the register transfer level. Studying a design at register transfer level gives exposure to the relational information for the design which is inaccessible at the structural level. In this thesis, we present a way to generate a Data Dependency Graph and a Control Flow Graph out of a register transfer level description of a circuit description. Next, the generated graphs are used to perform relation mining to improve the test generation process in terms of speed, branch coverage and number of test vectors generated. The generated control flow graph gives valuable information about the flow of information through the circuit design. We are using this information to create a framework to improve the branch reachability analysis mainly in terms of the speed. We show the efficiency of our methods by running them through a suite of ITC'99 benchmark circuits. / Master of Science

Page generated in 0.1291 seconds