Download or read book Proceedings of the ACM SIGPLAN SIGSOFT Workshop on Program Analysis for Software Tools and Engineering written by and published by Association for Computing Machinery (ACM). This book was released on 1998 with total page 934 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book Static Analysis written by Radhia Cousot and published by Springer Science & Business Media. This book was released on 2003-05-28 with total page 518 pages. Available in PDF, EPUB and Kindle. Book excerpt: Staticanalysisisaresearchareaaimedatdevelopingprinciplesandtoolsforv- i?cation and semantics-based manipulation of programs and high-performance implementations of programming languages. The series of Static Analysis s- posia has served as the primary venue for presentation and discussion of th- retical, practical, and application advances in the area. This volume contains the papers accepted for presentation at the 10th - ternational Static Analysis Symposium (SAS 2003),which was held June 11–13, 2003 in San Diego, California, USA. Firmly established as a leading forum in the static analysis area, SAS 2003 received 82 high-quality submissions. Each paper was carefully reviewed, being judgedaccordingtoscienti?cquality,originality,andrelevancetothesymposium topics. Following on-line discussions, the program committee met in Paris, France, ́ at the Ecole Normale Sup ́ erieure on March 15, 2003, and selected 25 papers. In addition to the contributed papers, this volume includes an invited paper by Manuel Hermenegildo (Technical University of Madrid and University of New Mexico)and the abstractof aninvited talk by KenMcMillan (Cadence Berkeley Laboratories). On behalf of the Program Committee and the General Chair, I would like to thank the authors of the submitted papers, and the external referees, who p- vided timely and signi?cant reviews. I owe special thanks to Jacques Beigbeder ́ from Ecole Normale Sup ́ erieure for managing the submission site and the dev- opers of CyberChair for the use of their software. On this occasion, SAS was sponsored by the Association for Computing - chinery(ACM) andwasheld aspartofthe FederatedComputing ResearchC- ference (FCRC 2003). I would like to thank all organizing committee members for all their tremendous work.

Download or read book String Analysis for Software Verification and Security written by Tevfik Bultan and published by Springer. This book was released on 2018-01-04 with total page 177 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book discusses automated string-analysis techniques, focusing particularly on automata-based static string analysis. It covers the following topics: automata-bases string analysis, computing pre and post-conditions of basic string operations using automata, symbolic representation of automata, forward and backward string analysis using symbolic automata representation, constraint-based string analysis, string constraint solvers, relational string analysis, vulnerability detection using string analysis, string abstractions, differential string analysis, and automated sanitization synthesis using string analysis. String manipulation is a crucial part of modern software systems; for example, it is used extensively in input validation and sanitization and in dynamic code and query generation. The goal of string-analysis techniques and this book is to determine the set of values that string expressions can take during program execution. String analysis can be used to solve many problems in modern software systems that relate to string manipulation, such as: (1) Identifying security vulnerabilities by checking if a security sensitive function can receive an input string that contains an exploit; (2) Identifying possible behaviors of a program by identifying possible values for dynamically generated code; (3) Identifying html generation errors by computing the html code generated by web applications; (4) Identifying the set of queries that are sent to back-end database by analyzing the code that generates the SQL queries; (5) Patching input validation and sanitization functions by automatically synthesizing repairs illustrated in this book. Like many other program-analysis problems, it is not possible to solve the string analysis problem precisely (i.e., it is not possible to precisely determine the set of string values that can reach a program point). However, one can compute over- or under-approximations of possible string values. If the approximations are precise enough, they can enable developers to demonstrate existence or absence of bugs in string manipulating code. String analysis has been an active research area in the last decade, resulting in a wide variety of string-analysis techniques. This book will primarily target researchers and professionals working in computer security, software verification, formal methods, software engineering and program analysis. Advanced level students or instructors teaching or studying courses in computer security, software verification or program analysis will find this book useful as a secondary text.

Download or read book Handbook of Software Engineering written by Sungdeok Cha and published by Springer. This book was released on 2019-02-11 with total page 533 pages. Available in PDF, EPUB and Kindle. Book excerpt: This handbook provides a unique and in-depth survey of the current state-of-the-art in software engineering, covering its major topics, the conceptual genealogy of each subfield, and discussing future research directions. Subjects include foundational areas of software engineering (e.g. software processes, requirements engineering, software architecture, software testing, formal methods, software maintenance) as well as emerging areas (e.g., self-adaptive systems, software engineering in the cloud, coordination technology). Each chapter includes an introduction to central concepts and principles, a guided tour of seminal papers and key contributions, and promising future research directions. The authors of the individual chapters are all acknowledged experts in their field and include many who have pioneered the techniques and technologies discussed. Readers will find an authoritative and concise review of each subject, and will also learn how software engineering technologies have evolved and are likely to develop in the years to come. This book will be especially useful for researchers who are new to software engineering, and for practitioners seeking to enhance their skills and knowledge.

Download or read book Proceedings of the Sixth SIAM International Conference on Data Mining written by Joydeep Ghosh and published by SIAM. This book was released on 2006-04-01 with total page 662 pages. Available in PDF, EPUB and Kindle. Book excerpt: The Sixth SIAM International Conference on Data Mining continues the tradition of presenting approaches, tools, and systems for data mining in fields such as science, engineering, industrial processes, healthcare, and medicine. The datasets in these fields are large, complex, and often noisy. Extracting knowledge requires the use of sophisticated, high-performance, and principled analysis techniques and algorithms, based on sound statistical foundations. These techniques in turn require powerful visualization technologies; implementations that must be carefully tuned for performance; software systems that are usable by scientists, engineers, and physicians as well as researchers; and infrastructures that support them.

Download or read book Principles of Program Analysis written by Flemming Nielson and published by Springer. This book was released on 2015-02-27 with total page 465 pages. Available in PDF, EPUB and Kindle. Book excerpt: Program analysis utilizes static techniques for computing reliable information about the dynamic behavior of programs. Applications include compilers (for code improvement), software validation (for detecting errors) and transformations between data representation (for solving problems such as Y2K). This book is unique in providing an overview of the four major approaches to program analysis: data flow analysis, constraint-based analysis, abstract interpretation, and type and effect systems. The presentation illustrates the extensive similarities between the approaches, helping readers to choose the best one to utilize.

Download or read book Tools and Algorithms for the Construction and Analysis of Systems written by Biere and published by Springer Nature. This book was released on 2020 with total page 399 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book Tools for High Performance Computing 2015 written by Andreas Knüpfer and published by Springer. This book was released on 2016-07-27 with total page 184 pages. Available in PDF, EPUB and Kindle. Book excerpt: High Performance Computing (HPC) remains a driver that offers huge potentials and benefits for science and society. However, a profound understanding of the computational matters and specialized software is needed to arrive at effective and efficient simulations. Dedicated software tools are important parts of the HPC software landscape, and support application developers. Even though a tool is by definition not a part of an application, but rather a supplemental piece of software, it can make a fundamental difference during the development of an application. Such tools aid application developers in the context of debugging, performance analysis, and code optimization, and therefore make a major contribution to the development of robust and efficient parallel software. This book introduces a selection of the tools presented and discussed at the 9th International Parallel Tools Workshop held in Dresden, Germany, September 2-3, 2015, which offered an established forum for discussing the latest advances in parallel tools.

Download or read book NASA Formal Methods written by Jyotirmoy V. Deshmukh and published by Springer Nature. This book was released on 2022-05-19 with total page 848 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the proceedings of the 14th International Symposium on NASA Formal Methods, NFM 2022, held in Pasadena, USA, during May 24-27, 2022. The 33 full and 6 short papers presented in this volume were carefully reviewed and selected from 118submissions. The volume also contains 6 invited papers. The papers deal with advances in formal methods, formal methods techniques, and formal methods in practice. The focus on topics such as interactive and automated theorem proving; SMT and SAT solving; model checking; use of machine learning and probabilistic reasoning in formal methods; formal methods and graphical modeling languages such as SysML or UML; usability of formal method tools and application in industry, etc.

Download or read book Tools for High Performance Computing 2018 2019 written by Hartmut Mix and published by Springer Nature. This book was released on 2021-05-22 with total page 270 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book presents the proceedings of the 12th International Parallel Tools Workshop, held in Stuttgart, Germany, during September 17-18, 2018, and of the 13th International Parallel Tools Workshop, held in Dresden, Germany, during September 2-3, 2019. The workshops are a forum to discuss the latest advances in parallel tools for high-performance computing. High-performance computing plays an increasingly important role for numerical simulation and modeling in academic and industrial research. At the same time, using large-scale parallel systems efficiently is becoming more difficult. A number of tools addressing parallel program development and analysis has emerged from the high-performance computing community over the last decade, and what may have started as a collection of a small helper scripts has now matured into production-grade frameworks. Powerful user interfaces and an extensive body of documentation together create a user-friendly environment for parallel tools.

Download or read book Languages and Compilers for High Performance Computing written by Rudolf Eigenmann and published by Springer. This book was released on 2005-08-25 with total page 495 pages. Available in PDF, EPUB and Kindle. Book excerpt: The 17th International Workshop on Languages and Compilers for High Performance Computing was hosted by Purdue University in September 2004 on Purdue campus in West Lafayette, Indiana, USA.

Download or read book Detection of Intrusions and Malware and Vulnerability Assessment written by Diego Zamboni and published by Springer Science & Business Media. This book was released on 2008-07 with total page 288 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 5th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2008, held in Paris, France in July 2008. The 13 revised full papers presented together with one extended abstract were carefully reviewed and selected from 42 submissions. The papers are organized in topical sections on attack prevention, malware detection and prevention, attack techniques and vulnerability assessment, and intrusion detection and activity correlation.

Download or read book Euro Par 2019 Parallel Processing Workshops written by Ulrich Schwardmann and published by Springer Nature. This book was released on 2020-05-29 with total page 765 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes revised selected papers from the workshops held at 25th International Conference on Parallel and Distributed Computing, Euro-Par 2019, which took place in Göttingen, Germany, in August 2019. The 53 full papers and 10 poster papers presented in this volume were carefully reviewed and selected from 77 submissions. Euro-Par is an annual, international conference in Europe, covering all aspects of parallel and distributed processing. These range from theory to practice, from small to the largest parallel and distributed systems and infrastructures, from fundamental computational problems to full-edged applications, from architecture, compiler, language and interface design and implementation to tools, support infrastructures, and application performance aspects. Chapter "In Situ Visualization of Performance-Related Data in Parallel CFD Applications" is available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.

Download or read book ICT Systems Security and Privacy Protection written by Sabrina De Capitani di Vimercati and published by Springer. This book was released on 2017-05-17 with total page 587 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 32nd IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection, SEC 2017, held in Rome, Italy, in May 2017. The 38 revised full papers presented were carefully reviewed and selected from 199 submissions. The papers are organized in the following topical sections: network security and cyber attacks; security and privacy in social applications and cyber attacks defense; private queries and aggregations; operating systems and firmware security; user authentication and policies; applied cryptography and voting schemes; software security and privacy; privacy; and digital signature, risk management, and code reuse attacks.

Download or read book Novel Techniques in Recovering Embedding and Enforcing Policies for Control Flow Integrity written by Yan Lin and published by Springer Nature. This book was released on 2021-04-30 with total page 106 pages. Available in PDF, EPUB and Kindle. Book excerpt: There are three fundamental components in Control-Flow Integrity (CFI) enforcement. The first component is accurately recovering the policy (CFG). Usually, the more precise the policy is, the more security CFI improves, but precise CFG generation was considered hard without the support of source code. The second component is embedding the CFI policy securely. Current CFI enforcement usually inserts checks before indirect branches to consult a read-only table which stores the valid CFG information. However, this kind of read-only table can be overwritten by some kinds of attacks (e.g., the Rowhammer attack and data-oriented programming). The third component is to efficiently enforce the CFI policy. In current approaches CFI checks are always executed whenever there is an indirect control flow transfer. Therefore, it is critical to minimize the performance impact of CFI checks. In this book, we propose novel solutions to handle these three fundamental components. To generate a precise CFI policy without the support of the source code, we systematically study two methods which recover CFI policy based on function signature matching at the binary level and propose our novel rule- and heuristic-based mechanism to more accurately recover function signature. To embed CFI policy securely, we design a novel platform which encodes the policy into the machine instructions directly without relying on consulting any read-only data structure, by making use of the idea of instruction-set randomization. Each basic block is encrypted with a key derived from the CFG. To efficiently enforce CFI policy, we make use of a mature dynamic code optimization platform called DynamoRIO to enforce the policy so that we are only required to do the CFI check when needed.

Download or read book Scalable Dynamic Analysis of Binary Code written by Ulf Kargén and published by Linköping University Electronic Press. This book was released on 2019-08-22 with total page 86 pages. Available in PDF, EPUB and Kindle. Book excerpt: In recent years, binary code analysis, i.e., applying program analysis directly at the machine code level, has become an increasingly important topic of study. This is driven to a large extent by the information security community, where security auditing of closed-source software and analysis of malware are important applications. Since most of the high-level semantics of the original source code are lost upon compilation to executable code, static analysis is intractable for, e.g., fine-grained information flow analysis of binary code. Dynamic analysis, however, does not suffer in the same way from reduced accuracy in the absence of high-level semantics, and is therefore also more readily applicable to binary code. Since fine-grained dynamic analysis often requires recording detailed information about every instruction execution, scalability can become a significant challenge. In this thesis, we address the scalability challenges of two powerful dynamic analysis methods whose widespread use has, so far, been impeded by their lack of scalability: dynamic slicing and instruction trace alignment. Dynamic slicing provides fine-grained information about dependencies between individual instructions, and can be used both as a powerful debugging aid and as a foundation for other dynamic analysis techniques. Instruction trace alignment provides a means for comparing executions of two similar programs and has important applications in, e.g., malware analysis, security auditing, and plagiarism detection. We also apply our work on scalable dynamic analysis in two novel approaches to improve fuzzing — a popular random testing technique that is widely used in industry to discover security vulnerabilities. To use dynamic slicing, detailed information about a program execution must first be recorded. Since the amount of information is often too large to fit in main memory, existing dynamic slicing methods apply various time-versus-space trade-offs to reduce memory requirements. However, these trade-offs result in very high time overheads, limiting the usefulness of dynamic slicing in practice. In this thesis, we show that the speed of dynamic slicing can be greatly improved by carefully designing data structures and algorithms to exploit temporal locality of programs. This allows avoidance of the expensive trade-offs used in earlier methods by accessing recorded runtime information directly from secondary storage without significant random-access overhead. In addition to being a standalone contribution, scalable dynamic slicing also forms integral parts of our contributions to fuzzing. Our first contribution uses dynamic slicing and binary code mutation to automatically turn an existing executable into a test generator. In our experiments, this new approach to fuzzing achieved about an order of magnitude better code coverage than traditional mutational fuzzing and found several bugs in popular Linux software. The second work on fuzzing presented in this thesis uses dynamic slicing to accelerate the state-of-the-art fuzzer AFL by focusing the fuzzing effort on previously unexplored parts of the input space. For the second dynamic analysis technique whose scalability we sought to improve — instruction trace alignment — we employed techniques used in speech recognition and information retrieval to design what is, to the best of our knowledge, the first general approach to aligning realistically long program traces. We show in our experiments that this method is capable of producing meaningful alignments even in the presence of significant syntactic differences stemming from, for example, the use of different compilers or optimization levels.

Download or read book Detection of Intrusions and Malware and Vulnerability Assessment written by Lorenzo Cavallaro and published by Springer Nature. This book was released on 2022-06-24 with total page 229 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the proceedings of the 19th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2022, held in Cagliari, Italy, in June – July 2021. The 10 full papers and 1 short paper presented in this volume were carefully reviewed and selected from 39 submissions.