Global ETD Search

41	Detection of Avionics Supply Chain Non-control-flow Malware Using Binary Decompilation and Wavelet Analysis Hill, Jeremy Michael Olivar 09 August 2021 (has links) No description available. Computer Engineering Computer Science Electrical Engineering non-control-flow Trojans decompilation Ghidra wavelet analysis discrete wavelet transform
42	Visualization of Code Flow / Visualisering av kodflöde Stange, Yuri January 2015 (has links) Visual representation of Control Flow Graphs (CFG) is a feature available in many tools, such as decompilers. These tools often rely on graph drawing frameworks which implement the Sugiyama hierarchical style graph drawing method, a well known method for drawing directed graphs. The main disadvantage of the Sugiyama framework, is the fact that it does not take into account the nature of the graph to be visualized, specically loops are treated as second class citizens. The question this paper attempts to answer is; how can we improve the visual representation of loops in the graph? A method based on the Sugiyama framework was developed and implemented in Qt. It was evaluated by informally interviewing test subjects, who were allowed to test the implementation and compare it to the normal Sugiyama. The results show that all test subjects concluded that loops, as well as the overall representation of the graph was improved, although with reservations. The method presented in this paper has problems which need to be adressed, before it can be seen as an optimal solution for drawing Control Flow Graphs. / Visuell representation av flödesscheman (eng. Control Flow Graph, CFG) är en funktion tillgänglig hos många verktyg, bland annat dekompilerare. Dessa verktyg använder sig ofta av grafritande ramverk som implementerar Sugiyamas metod för uppritning av hierarkiska grafer, vilken är en känd metod för uppritning av riktade grafer. Sugiyamas stora nackdelär att metoden inte tar hänsyn till grafens natur, loopar i synnerhet behandlas som andra klassens medborgare. Frågeställningen hos denna rapport är; Hur kan vi förbättra den visuella representationen av loopar i en graf? En metod som bygger vidare på Sugiyama-ramverket utvecklades och implementerades i Qt. Metoden testades genom att hålla informella kvalitativa intervjuer med testpersoner, vilka fick testa implementeringen och jämföra den med den vanliga Sugiyama-metoden. Resultaten visar att alla testpersonerna stämmer in på att loopar, så väl som den overskådliga representionen av grafen förbättrades, dock med vissa reservationer. Metoden som presenteras i denna rapport har vissa problem, vilka bör adresseras innan den kan ses som en optimal lösning för uppritning av flödesscheman. Control Flow Graphs Sugiyama Framework Graph Layout Generation Computer Sciences Datavetenskap (datalogi)
43	Nuking Duke Nukem : Reaching the Stack via a Glboal Buffer Overflow in DOS Protected Mode Lindblom, Henrik January 2023 (has links) Control-flow hijack attacks on software exploit vulnerabilities in the software’s memory handling. Over the years, various security mitigations have been developed to counter these attacks. However, compatibility issues have hindered the adoption of such measures in some legacy systems. This thesis focuses on the case of the legacy DOS system and examines whether a DOS system running the DOS/4GW protected mode extender can provide control-flow protection against an attack exploiting a buffer overflow vulnerability in the well-known retro game Duke Nukem3D. To investigate this, three model programs were created, and designed with memory models that share memory layout characteristics with the target retro game’s executable. Experimental attacks were then conducted on these models, aiming to identify an effective attack vector for the target vulnerability. The underlying theory suggests that memory models that segregate application data into distinct memory segments could potentially safeguard against the demonstrated attack. However, attempts to implement such a memory model within an application proved unsuccessful. The challenge that remains is to prove the existence of memory models under DOSprotected mode that can effectively shield Duke Nukem 3D, or other legacy games, from the control-flow hijack attack demonstrated in this thesis. Computer Security Operating Systems Control-flow hijack attacks Buffer Overflow Stack DOS Computer Sciences Datavetenskap (datalogi)
44	Supporting Applications Involving Irregular Accesses and Recursive Control Flow on Emerging Parallel Environments Huo, Xin 14 November 2014 (has links) No description available. Computer Science
45	HyFlow: A High Performance Distributed Software Transactional Memory Framework Saad Ibrahim, Mohamed Mohamed 14 June 2011 (has links) We present HyFlow - a distributed software transactional memory (D-STM) framework for distributed concurrency control. Lock-based concurrency control suffers from drawbacks including deadlocks, livelocks, and scalability and composability challenges. These problems are exacerbated in distributed systems due to their distributed versions which are more complex to cope with (e.g., distributed deadlocks). STM and D-STM are promising alternatives to lock-based and distributed lock-based concurrency control for centralized and distributed systems, respectively, that overcome these difficulties. HyFlow is a Java framework for DSTM, with pluggable support for directory lookup protocols, transactional synchronization and recovery mechanisms, contention management policies, cache coherence protocols, and network communication protocols. HyFlow exports a simple distributed programming model that excludes locks: using (Java 5) annotations, atomic sections are defiend as transactions, in which reads and writes to shared, local and remote objects appear to take effect instantaneously. No changes are needed to the underlying virtual machine or compiler. We describe HyFlow's architecture and implementation, and report on experimental studies comparing HyFlow against competing models including Java remote method invocation (RMI) with mutual exclusion and read/write locks, distributed shared memory (DSM), and directory-based D-STM. / Master of Science Directory Protocols Cache Coherence Contention Management Control-Flow Dataflow Software Transactional Memory Distributed Systems
46	RTL Functional Test Generation Using Factored Concolic Execution Pinto, Sonal 21 July 2017 (has links) This thesis presents a novel concolic testing methodology and CORT, a test generation framework that uses it for high-level functional test generation. The test generation effort is visualized as the systematic unraveling of the control-flow response of the design over multiple (factored) explorations. We begin by transforming the Register Transfer Level (RTL) source for the design into a high-performance C++ compiled functional simulator which is instrumented for branch coverage. An exploration begins by simulating the design with concrete stimuli. Then, we perform an interleaved cycle-by-cycle symbolic evaluation over the concrete execution trace extracted from the Control Flow Graph (CFG) of the design. The purpose of this task is to dynamically discover means to divert the control flow of the system, by mutating primary-input stimulated control statements in this trace. We record the control-flow response as a Test Decision Tree (TDT), a new representation for the test generation effort. Successive explorations begin at system states heuristically selected from a global TDT, onto which each new decision tree resultant from an exploration is stitched. CORT succeeds at constructing functional tests for ITC99 and IWLS-2005 benchmarks that achieve high branch coverage using the fewest number of input vectors, faster than existing methods. Furthermore, we achieve orders of magnitude speedup compared to previous hybrid concrete and symbolic simulation based techniques. / Master of Science Functional Test Generation Control-Flow Response Concolic Execution Branch Coverage System State
47	Désassemblage et détection de logiciels malveillants auto-modifiants / Disassembly and detection of self-modifying malwares Thierry, Aurélien 11 March 2015 (has links) Cette thèse porte en premier lieu sur l'analyse et le désassemblage de programmes malveillants utilisant certaines techniques d'obscurcissement telles que l'auto-modification et le chevauchement de code. Les programmes malveillants trouvés dans la pratique utilisent massivement l'auto-modification pour cacher leur code utile à un analyste. Nous proposons une technique d'analyse hybride qui utilise une trace d'exécution déterminée par analyse dynamique. Cette analyse découpe le programme auto-modifiant en plusieurs sous-parties non auto-modifiantes que nous pouvons alors étudier par analyse statique en utilisant la trace comme guide. Cette seconde analyse contourne d'autres techniques de protection comme le chevauchement de code afin de reconstruire le graphe de flot de contrôle du binaire analysé. Nous étudions également un détecteur de programmes malveillants, fonctionnant par analyse morphologique : il compare les graphes de flot de contrôle d'un programme à analyser à ceux de programmes connus comme malveillants. Nous proposons une formalisation de ce problème de comparaison de graphes, des algorithmes permettant de le résoudre efficacement et détaillons des cas concrets d'application à la détection de similarités logicielles / This dissertation explores tactics for analysis and disassembly of malwares using some obfuscation techniques such as self-modification and code overlapping. Most malwares found in the wild use self-modification in order to hide their payload from an analyst. We propose an hybrid analysis which uses an execution trace derived from a dynamic analysis. This analysis cuts the self-modifying binary into several non self-modifying parts that we can examine through a static analysis using the trace as a guide. This second analysis circumvents more protection techniques such as code overlapping in order to recover the control flow graph of the studied binary. Moreover we review a morphological malware detector which compares the control flow graph of the studied binary against those of known malwares. We provide a formalization of this graph comparison problem along with efficient algorithms that solve it and a use case in the software similarity field Programmes malveillants Auto-Modification Graphe de flot de contrôle Comparaison de graphes Malwares Self-Modification Control flow graph Graph comparison 005.12 005.8
48	Workflow modeling using finite automata [electronic resource] / by Atul Ravi Khemuka. Khemuka, Atul Ravi. January 2003 (has links) Title from PDF of title page. / Document formatted into pages; contains 99 pages. / Thesis (M.S.I.E.)--University of South Florida, 2003. / Includes bibliographical references. / Text (Electronic thesis) in PDF format. / ABSTRACT: A Workflow is an automation of a business process. In general, it consists of processes and activities, which are represented by well-defined tasks. These include 'Office Automation,' 'Health Care' and service-oriented processes such as 'Online Reservations,' 'Online Bookstores' and 'Insurance Claims,' etc. The entities that execute these tasks are humans, application programs or database management systems. These tasks are related and dependent on one another based on business policies and rules. With rapid increases in application domains that use workflow management systems, there is a need for a framework that can be used to implement these applications. In particular, it is essential to provide a formal technique for defining a problem that can be used by various workflow software product developers. In this work, a formal framework based on finite state automata that facilitate modeling and analysis of workflows is presented. / ABSTRACT: The workflow and its specifications are modeled separately as finite state automata models. We provide a general framework for specifying control flow dependencies in the context of supervisory control theory. We also identify several properties of supervisory control theory and demonstrate their use for conducting the analysis of the workflows. / System requirements: World Wide Web browser and PDF reader. / Mode of access: World Wide Web. state avoidance. task. control-flow dependencies. supervisory control theory. string avoidance.
49	Efficient Whole Program Path Tracing Sridhar, G January 2017 (has links) (PDF) Obtaining an accurate whole program path (WPP) that captures a program’s runtime behaviour in terms of a control-flow trace has a number of well-known benefits, including opportunities for code optimization, bug detection, program analysis refinement, etc. Existing techniques to compute WPPs perform sub-optimal instrumentation resulting in significant space and time overheads. Our goal in this thesis is to minimize these overheads without losing precision. To do so, we design a novel and scalable whole program analysis to determine instrumentation points used to obtain WPPs. Our approach is divided into three components: (a) an efficient summarization technique for inter-procedural path reconstruction, (b) specialized data structures called conflict sets that serve to effectively distinguish between pairs of paths, and (c) an instrumentation algorithm that computes the minimum number of edges to describe a path based on these conflict sets. We show that the overall problem is a variant of the minimum hitting set problem, which is NP-hard, and employ various sound approximation strategies to yield a practical solution. We have implemented our approach and performed elaborate experimentation on Java programs from the DaCapo benchmark suite to demonstrate the efficacy of our approach across multiple dimensions. On average, our approach necessitates instrumenting only 9% of the total number of CFG edges in the program. The average runtime overhead incurred by our approach to collect WPPs is 1.97x, which is only 26% greater than the overhead induced by only instrumenting edges guaranteed to exist in an optimal solution. Furthermore, compared to the state-of-the-art, we observe a reduction in runtime overhead by an average and maximum factor of 2.8 and 5.4, respectively. Program Tracing Performance Analysis Dynamic Control Flow Whole Program Path (WPP) Program Path Tracing Path Profiling Software Testing Computer Science
50	Path Selection Based Branching for Coarse Grained Reconfigurable Arrays January 2014 (has links) abstract: Coarse Grain Reconfigurable Arrays (CGRAs) are promising accelerators capable of achieving high performance at low power consumption. While CGRAs can efficiently accelerate loop kernels, accelerating loops with control flow (loops with if-then-else structures) is quite challenging. Techniques that handle control flow execution in CGRAs generally use predication. Such techniques execute both branches of an if-then-else structure and select outcome of either branch to commit based on the result of the conditional. This results in poor utilization of CGRA s computational resources. Dual-issue scheme which is the state of the art technique for control flow fetches instructions from both paths of the branch and selects one to execute at runtime based on the result of the conditional. This technique has an overhead in instruction fetch bandwidth. In this thesis, to improve performance of control flow execution in CGRAs, I propose a solution in which the result of the conditional expression that decides the branch outcome is communicated to the instruction fetch unit to selectively issue instructions from the path taken by the branch at run time. Experimental results show that my solution can achieve 34.6% better performance and 52.1% improvement in energy efficiency on an average compared to state of the art dual issue scheme without imposing any overhead in instruction fetch bandwidth. / Dissertation/Thesis / Masters Thesis Electrical Engineering 2014 Electrical engineering Computer engineering Computer science Coarse Grain Reconfigurable Arrays Compilers Control flow energy efficient high performance Microarchitecture

Search results