Global ETD Search

1	Generation of dynamic control-dependence graphs for binary programs Pogulis, Jakob January 2014 (has links) Dynamic analysis of binary files is an area of computer science that has many purposes. It is useful when it comes to debugging software in a development environment and the developer needs to know which statements affected the value of a specific variable. But it is also useful when analyzing a software for potential vulnerabilities, where data controlled by a malicious user could potentially result in the software executing adverse commands or executing malicious code. In this thesis a tool has been developed to perform dynamic analysis of x86 binaries in order to generate dynamic control-dependence graphs over the execution. These graphs can be used to determine which conditional statements that resulted in a certain outcome. The tool has been developed for x86 Linux systems using the dynamic binary instrumentation framework PIN, developed and maintained by Intel. Techniques for utilizing the additional information about the control flow for a program available during the dynamic analysis in order to improve the control flow information have been implemented and tested. The basic theory of dynamic analysis as well as dynamic slicing is discussed, and a basic overview of the implementation of a dynamic analysis tool is presented. The impact on the performance of the dynamic analysis tool for the techniques used to improve the control flow graph is significant, but approaches to improving the performance are discussed. control-dependencies control-dependence graph intel-pin instrumentation dynamic analysis program analysis dependence graph dynamic dependence graph control dependency control flow analysis control flow Computer Sciences Datavetenskap (datalogi)
2	Program Dependence Graph Generation and Analysis for Source Code Plagiarism Detection / Generering och analys av programberoendegrafer för detektering av plagiat i källkod Holma, Niklas January 2012 (has links) Systems and tools that finds similarities among essays and reports are widely used by todays universities and schools to detect plagiarism. Such tools are however insufficient when used for source code comparisons since they are fragile to the most simplest forms of diguises. Other methods that analyses intermediate forms such as token strings, syntax trees and graph representations have shown to be more effective than using simple textual matching methods. In this master thesis report we discuss how program dependence graphs, an abstract representation of a programs semantics, can be used to find similar procedures. We also present an implementation of a system that constructs approximated program dependence graphs from the abstract syntax tree representation of a program. Matching procedures are found by testing graph pairs for either sub-graph isomorphism or graph monomorphism depending on whether structured transfer of control has been used. Under a scenario based evaluation our system is compared to Moss, a popular plagiarism detection tool. The result shows that our system is more or least as effective than Moss in finding plagiarized procedured independently on the type of modifications used. / System och verktyg som hittar likheter mellan uppsatser och rapporter används i stor omfattning av dagens universitet och skolor för att hitta plagiat bland studenters inlämningar. Sådana verktyg är dock otillräckliga när de används för att jämföra programkod eftersom de är svaga mot de enklaste formerna av modifikationer. Andra metoder som analyserar mellanstegsformer såsom tokensträngar, syntaxträd och grafrepresentationer har visat sig vara mer effektiva än att använda sig av enkla textuella metoder. I denna examensuppsats diskuterar vi hur programberoendegrafer, en abstrakt representation av en programs semantik, kan användas för att hitta jämförelsevis liknande procedurer. Vi presenterar också ett system som konstruerar approximerade programberoendegrafer från det abstrakta syntaxträdet av ett program. Matchande procedurer hittas genom att testa grafpar för antingen sub-graf isomorfism eller monomorfism beroende på om strukturerad byte av kontrolflöde har använts. I en scenariobaserad utvärdering jämför vi vårt system mot Moss, ett populärt verktyg för att detektera plagiat. Resultaten visar att vårt system är lika eller mer effektivt som Moss att detektera plagierade procedurer oberoende av de typer av modifikationer som använts. plagiarism program dependence graph Computer Sciences Datavetenskap (datalogi)
3	A Static Slicing Tool for Sequential Java Programs Devaraj, Arvind January 2007 (has links) (PDF) A program slice consists of a subset of the statements of a program that can potentially affect values computed at some point of interest. Such a point of interest along with a set of variables is called a slicing criterion. Slicing tools are useful for several applications, such as program understanding, testing, program integration, and so forth. Slicing object oriented programs has some special problems that need to be addressed due to features like inheritance, polymorphism and dynamic binding. Alias analysis is important for precision of slices. In this thesis we implement a slicing tool for sequential Java programs in the Soot framework. Soot is a front-end for Java developed at McGill University and it provides several forms of intermediate code. We have integrated the slicer into the framework. We also propose an improved technique for intraprocedural points-to analysis. We have implemented this technique and compare the results of the analysis with those for a ﬂow-insensitive scheme in Soot. Performance results of the slicer are reported for several benchmarks. Java Computer Program Slicing Java Programs Points-To-Analysis Program Dependence Graph (PDG) System Dependence Graph (SDG) Andersen's Algorithm Soot - Java Computer Science
4	Dependence analysis for inferring information flow properties in Spark ADA programs Thiagarajan, Hariharan January 1900 (has links) Master of Science / Department of Computing and Information Sciences / John Hatcliff / With the increase in development of safety and security critical systems, it is important to have more sophisticated methods for engineering such systems. It can be difficult to understand and verify critical properties of these systems because of their ever growing size and complexity. Even a small error in a complex system may result in casualty or significant monetary loss. Consequently, there is a rise in the demand for scalable and accurate techniques to enable faster development and verification of high assurance systems. This thesis focuses on discovering dependencies between various parts of a system and leveraging that knowledge to infer information flow properties and to verify security policies specified for the system. The primary contribution of this thesis is a technique to build dependence graphs for languages which feature abstraction and refinement. Inter-procedural slicing and inter-procedural chopping are the techniques used to analyze the properties of the system statically. The approach outlined in this thesis provides a domain-specific language to query the information flow properties and to specify security policies for a critical system. The spec- ified policies can then be verified using existing static analysis techniques. All the above contributions are integrated with a development environment used to develop the critical system. The resulting software development tool helps programmers develop, infer, and verify safety and security systems in a single unified environment. Information flow Dependence graph Policy language Specification and verification Computer Science (0984)
5	Automatic Generation of Simulation Models from Designs Axling, Erik January 2007 (has links) <p>When working with embedded systems, secure and fast applications are desired. To achieve this the applications needs to be analyzed and optimized so that they will not be deadlocked or communicate inefficiently. For this purpose an analysis program that can track communications, deadlocks and response times is needed. Operating System Embedded, OSE, is a wide spread real-time operating system that is used in embedded systems. OSE-applications are excellent candidates for analysis and there exists such a tool, VirtualTime, for that purpose. To analyze an OSE-application a model needs to be written that VirtualTime can analyze. This takes up time and effort as the models can require a lot of work to write.</p><p>In this thesis we have investigated and implemented a prototype that translates OSE-application code into VirtualTime simulation model code. We used the transformation tool TXL to translate communication and timing behaviors. In the translation one needs to preserve the communication and timing behavior and throw away other unnecessary code in the OSE-application. This complicates the translation and sophisticated methods like backward slicing might be necessary. A proposed method in this thesis could help with the problem.</p> TXL VirtualTime OSE Backward Slicing System Dependence Graph Computer science Datalogi
6	Software Architecture-Based Failure Prediction Mohamed, ATEF 28 September 2012 (has links) Depending on the role of software in everyday life, the cost of a software failure can sometimes be unaffordable. During system execution, errors may occur in system components and failures may be manifested due to these errors. These errors differ with respect to their effects on system behavior and consequent failure manifestation manners. Predicting failures before their manifestation is important to assure system resilience. It helps avoid the cost of failures and enables systems to perform corrective actions prior to failure occurrences. However, effective runtime error detection and failure prediction techniques encounter a prohibitive challenge with respect to the control flow representation of large software systems with intricate control flow structures. In this thesis, we provide a technique for failure prediction from runtime errors of large software systems. Aiming to avoid the possible difficulties and inaccuracies of the existing Control Flow Graph (CFG) structures, we first propose a Connection Dependence Graph (CDG) for control flow representation of large software systems. We describe the CDG structure and explain how to derive it from program source code. Second, we utilize the proposed CDG to provide a connection-based signature approach for control flow error detection. We describe the monitor structure and present the error checking algorithm. Finally, we utilize the detected errors and erroneous state parameters to predict failure occurrences and modes during system runtime. We craft runtime signatures based on these errors and state parameters. Using system error and failure history, we determine a predictive function (an estimator) for each failure mode based on these signatures. Our experimental evaluation for these techniques uses a large open-source software (PostgreSQL 8.4.4 database system). The results show highly efficient control flow representation, error detection, and failure prediction techniques. This work contributes to software reliability by providing a simple and accurate control flow representation and utilizing it to detect runtime errors and predict failure occurrences and modes with high accuracy. / Thesis (Ph.D, Computing) -- Queen's University, 2012-09-25 23:44:12.356 Connection Dependence Graph Error detection Control Flow Graph Failure prediction Software Architecture
7	A Study of Backward Compatible Dynamic Software Update January 2015 (has links) abstract: Dynamic software update (DSU) enables a program to update while it is running. DSU aims to minimize the loss due to program downtime for updates. Usually DSU is done in three steps: suspending the execution of an old program, mapping the execution state from the old program to a new one, and resuming execution of the new program with the mapped state. The semantic correctness of DSU depends largely on the state mapping which is mostly composed by developers manually nowadays. However, the manual construction of a state mapping does not necessarily ensure sound and dependable state mapping. This dissertation presents a methodology to assist developers by automating the construction of a partial state mapping with a guarantee of correctness. This dissertation includes a detailed study of DSU correctness and automatic state mapping for server programs with an established user base. At first, the dissertation presents the formal treatment of DSU correctness and the state mapping problem. Then the dissertation presents an argument that for programs with an established user base, dynamic updates must be backward compatible. The dissertation next presents a general definition of backward compatibility that specifies the allowed changes in program interaction between an old version and a new version and identified patterns of code evolution that results in backward compatible behavior. Thereafter the dissertation presents formal definitions of these patterns together with proof that any changes to programs in these patterns will result in backward compatible update. To show the applicability of the results, the dissertation presents SitBack, a program analysis tool that has an old version program and a new one as input and computes a partial state mapping under the assumption that the new version is backward compatible with the old version. SitBack does not handle all kinds of changes and it reports to the user in incomplete part of a state mapping. The dissertation presents a detailed evaluation of SitBack which shows that the methodology of automatic state mapping is promising in deal with real world program updates. For example, SitBack produces state mappings for 17-75% of the changed functions. Furthermore, SitBack generates automatic state mapping that leads to successful DSU. In conclusion, the study presented in this dissertation does assist developers in developing state mappings for DSU by automating the construction of state mappings with a correctness guarantee, which helps the adoption of DSU ultimately. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2015 Computer science backward compatibility dynamic software update operational semantic program dependence graph program equivalence
8	Automatic Generation of Simulation Models from Designs Axling, Erik January 2007 (has links) When working with embedded systems, secure and fast applications are desired. To achieve this the applications needs to be analyzed and optimized so that they will not be deadlocked or communicate inefficiently. For this purpose an analysis program that can track communications, deadlocks and response times is needed. Operating System Embedded, OSE, is a wide spread real-time operating system that is used in embedded systems. OSE-applications are excellent candidates for analysis and there exists such a tool, VirtualTime, for that purpose. To analyze an OSE-application a model needs to be written that VirtualTime can analyze. This takes up time and effort as the models can require a lot of work to write. In this thesis we have investigated and implemented a prototype that translates OSE-application code into VirtualTime simulation model code. We used the transformation tool TXL to translate communication and timing behaviors. In the translation one needs to preserve the communication and timing behavior and throw away other unnecessary code in the OSE-application. This complicates the translation and sophisticated methods like backward slicing might be necessary. A proposed method in this thesis could help with the problem. TXL VirtualTime OSE Backward Slicing System Dependence Graph Computer Sciences Datavetenskap (datalogi)
9	Cloneless: Code Clone Detection via Program Dependence Graphs with Relaxed Constraints Simko, Thomas J 01 June 2019 (has links) (PDF) Code clones are pieces of code that have the same functionality. While some clones may structurally match one another, others may look drastically different. The inclusion of code clones clutters a code base, leading to increased costs through maintenance. Duplicate code is introduced through a variety of means, such as copy-pasting, code generated by tools, or developers unintentionally writing similar pieces of code. While manual clone identification may be more accurate than automated detection, it is infeasible due to the extensive size of many code bases. Software code clone detection methods have differing degree of success based on the analysis performed. This thesis outlines a method of detecting clones using a program dependence graph and subgraph isomorphism to identify similar subgraphs, ultimately illuminating clones. The project imposes few constraints when comparing code segments to potentially reveal more clones. Code Clone Program Dependence Graph PDG Duplicate Code Clone Detection Computational Engineering
10	PRECISION IMPROVEMENT AND COST REDUCTION FOR DEFECT MINING AND TESTING Sun, Boya 31 January 2012 (has links) No description available. Computer Science static program analysis defect mining software testing software reliability data mining machine learning system dependence graph

Search results