November 7th, 2009
Malicious software, often referred to as malware, constitutes a major threat to the security of computer systems. Common malware includes viruses, worms, trojan horses, rootkits, spyware, and other types of malicious code. Malware is designed to cause damage to computer systems without the permission or informed consent of the owner. It can cause harm to user data, spread to other systems, or steal sensitive information on victim systems. In order to avoid detection, malware often tends to be evasive: it either actively conceals its presence or it remains inactive most of the time and only exhibits malicious behavior under certain circumstances. In this talk, I am going to present my Ph.D. research topic: Binary Analyses for Detecting and Analyzing Evasive Malware. I will introduce a binary analysis infrastructure for constructing reliable control flow graphs from binaries. I will also describe how I plan to leverage and extend this binary analysis infrastructure to analyze evasive malware.
Posted in Seminar | No Comments »
November 6th, 2009
Zhendong presented the core of a new programming paradigm.
October 23rd, 2009
Andreas will give a practice talk for his ASE paper Static Validation of C Preprocessor Macros. Its abstract follows:
The widely used C preprocessor (CPP) is generally considered a source of difficulty for understanding and maintaining C/C++ programs. The main reason for this difficulty is CPP’s purely lexical semantics, i.e., its treatment of both input and output as token streams. This can easily lead to errors that are difficult to diagnose, and it has been estimated that up to 20% of all macros are erroneous. To reduce such errors, more restrictive, replacement languages for CPP have been proposed to limit expanded macros to be valid C syntactic units. However, there is no practical tool that can effectively validate CPP macros in legacy applications.
In this paper, we introduce a novel, general characterization of inconsistent macro usage as a strong indicator of macro errors. Our key insight is that all applications of the same macro should behave similarly. In particular, we map each macro call c in a source file f to c’s normalized syntactic constructs within the abstract syntax tree (AST) for f’s preprocessed source, and use syntactic similarity as the basis for comparing macro calls of the same macro definition. Utilizing this characterization, we have developed an efficient algorithm to statically validate macro usage in C/C++ programs. We have implemented the algorithm; evaluation results show that our tool is effective in detecting common macro-related errors and reports few false positives, making it a practical tool for validating macro usage.
October 22nd, 2009
Foyzur presented “Do Crosscutting Concerns Cause Defects”.
Foyzur picked the paper as it is related to his current clone-bug analysis. The authors identified all the concern-related methods and classes and the number of bugs in them. Then they correlated cross-cutting concerns and defects. To identify whether their finding is merely an artefact of code size or has some real importance, the authors used stepwise regression analysis and PCA.
October 9th, 2009
Taeho presents a practice talk on his research in preparation for his qualifying exam. Note that his talk will begin at 1 p.m. in Zhendong’s lab meeting and continue into the language-system seminar. An overview of his talk follows:
Component technology has been widely utilized for software development due to its novel features such as modularity and bug isolation. Based on the technology, software operates by interoperating components. In other words, software resolves components, composes them, and utilizes their functions. To accomplish reliable execution of software, it is necessary for components to interoperate with each other in a secure manner. Otherwise, the software can fail to perform its intended operation and induce serious security holes that can be misused by attackers. However, although safe interoperability among components is one of the requirements for reliable software, previous research on component security has mainly focused on bug hunting of individual components and detection of malicious components. In this talk, I am going to introduce my Ph.D. research topic, “Detecting Unsafe Software Component Interoperation”, and present current research progress and future research direction.
May 28th, 2009
Sophia will present an Oakland ’09 paper with the title “BLUEPRINT - Robust Prevention of Cross-site Scripting Attacks for Existing Browsers” by Mike Ter Louw and V.N. Venkatakrishnan.
—
Abstract
“As social networking sites proliferate across the World Wide Web, complex user-created HTML content is rapidly becoming the norm rather than the exception. User-created web content is a notorious vector for cross-site scripting (XSS) attacks that target websites and confidential user data. In this threat climate, mechanisms that render web applications immune to XSS attacks have been of recent research interest.
A challenge for these security mechanisms is enabling web applications to accept complex HTML input from users, while disallowing malicious script content. This challenge is made difficult by anomalous web browser behaviors, which are often used as vectors for successful XSS attacks.
Motivated by this problem, we present a new XSS defense strategy designed to be effective in widely deployed existing web browsers, despite anomalous browser behavior. Our approach seeks to minimize trust placed on browsers for interpreting untrusted content. We implemented this approach in a tool called BLUEPRINT that was integrated with several popular web applications. We evaluated BLUEPRINT against a barrage of stress tests that demonstrate strong resistance to attacks, excellent compatibility with web browsers and reasonable performance overheads.”
May 18th, 2009
Earl will present “Snugglebug: A Powerful Approach to Weakest Preconditions” by Satish Chandra, Stephen Fink, and Manu Sridharan, IBM Research, which will appear in PLDI 2009.
May 11th, 2009
This week, Chris will offer a practice talk for his ICSE 2009 paper. Let’s help him to make this talk perfect.
Here is the paper information:
Does Distributed Development Affect Software Quality? An Empirical Case Study of Windows Vista (Christian Bird, Nachiappan Nagappan, Premkumar Devanbu, Harald Gall, Brendan Murphy) Winner of ACM SIGSOFT Distinguished Papers Award
Abstract: It is believed that distributed software development is more challenging than collocated development. Literature on distributed development in software engineering discusses various challenges, including cultural barriers, expertise transfer difficulties, and communication and coordination overhead. We evaluate this belief by examining the development of Windows Vista and comparing the failures of components that were developed in a distributed fashion with those developed by collocated teams. We found a negligible difference in failures. This difference becomes even less significant when controlling for the number of developers working on a binary. We also examine component characteristics such as code churn, complexity, dependency information, and test coverage to investigate if less complex components are distributed and find little difference between distributed and collocated components. Further, we examine the software process used during the Vista development cycle and present ways in which the development process utilized may be insensitive to geography by mitigating issues.
May 11th, 2009
This week, Enyi (Thomas Brushington) presents some related research papers of James Larus, who will visit us this Thursday and offer a distinguished guest talk.
Here is some paper information:
James Larus, Spending Moore’s Dividend, Communications of the ACM, vol. 52, no. 5, pp. 62-69, Association for Computing Machinery, Inc., May 2009
http://doi.acm.org/10.1145/1506409.1506425
Galen C. Hunt, James R. Larus, Singularity: Rethinking the Software Stack, ACM SIGOPS Operating Systems Review, vol. 41, no. 2, pp. 37-49, Association for Computing Machinery, Inc., April 2007
http://research.microsoft.com/pubs/69431/osr2007_rethinkingsoftwarestack.pdf
Trishul M. Chilimbi, Mark D. Hill, James R. Larus: Cache-Conscious Structure Layout. PLDI 1999: 1-12
http://doi.acm.org/10.1145/301618.301633
Trishul M. Chilimbi, Bob Davidson, James R. Larus: Cache-Conscious Structure Definition. PLDI 1999: 13-24
http://doi.acm.org/10.1145/301618.301635
James R. Larus: Compiling Lisp Programs for Parallel Execution. Lisp and Symbolic Computation 4(1): 29-99 (1991)
http://dx.doi.org/10.1007/BF01806061
April 23rd, 2009
Zhongxian will discuss the POPL paper:
Equality Saturation: A New Approach to Optimization
——————————
abstract: Optimizations in a traditional compiler are applied sequentially, with each optimization destructively modifying the program to produce a transformed program that is then passed to the next optimization. We present a new approach for structuring the optimization phase of a compiler. In our approach, optimizations take the form of equality analyses that add equality information to a common intermediate representation. The optimizer works by repeatedly applying these analyses to infer equivalences between program fragments, thus saturating the intermediate representation with equalities. Once saturated, the intermediate representation encodes multiple optimized versions of the input program. At this point, a profitability heuristic picks the final optimized program from the various programs represented in the saturated representation. Our proposed way of structuring optimizers has a variety of benefits over previous approaches: our approach obviates the need to worry about optimization ordering, enables the use of a global optimization heuristic that selects among fully optimized programs, and can be used to perform translation validation, even on compilers other than our own. We present our approach, formalize it, and describe our choice of intermediate representation. We also present experimental results showing that our approach is practical in terms of time and space overhead, is effective at discovering intricate optimization opportunities, and is effective at performing translation validation for a realistic optimizer.
You can download it via: http://www.cs.ucsd.edu/~rtate/publications/eqsat/
Best
Zhongxian