A Tool Which Mines Partial Execution Traces to Improve Static Analysis

Constructing More Complete Control Flow Graphs Utilizing Directed Gray-Box Fuzzing

Applied Sciences ◽

10.3390/app11031351 ◽

2021 ◽

Vol 11 (3) ◽

pp. 1351

Author(s):

Kailong Zhu ◽

Yuliang Lu ◽

Hui Huang ◽

Lu Yu ◽

Jiazhen Zhao

Keyword(s):

Static Analysis ◽

Feedback Mechanism ◽

Control Flow ◽

Test Cases ◽

Malware Analysis ◽

Complete Control ◽

Advantages And Disadvantages ◽

Execution Traces ◽

Flow Graphs ◽

Iterative Feedback

Control Flow Graphs (CFGs) provide fundamental data for many program analyses, such as malware analysis, vulnerability detection, code similarity analysis, etc. Existing techniques for constructing control flow graphs include static, dynamic, and hybrid analysis, which each having their own advantages and disadvantages. However, due to the difficulty of resolving indirect jump relations, the existing techniques are limited in completeness. In this paper, we propose a practical technique that applies static analysis and dynamic analysis to construct more complete control flow graphs. The main innovation of our approach is to adopt directed gray-box fuzzing (DGF) instead of coverage-based gray-box fuzzing (CGF) used in the existing approach to generate test cases that can exercise indirect jumps. We first employ a static analysis to construct the static CFGs without indirect jump relations. Then, we utilize directed gray-box fuzzing to generate test cases and resolve indirect jump relations by monitoring the execution traces of these test cases. Finally, we combine the static CFGs with indirect jump relations to construct more complete CFGs. In addition, we also propose an iterative feedback mechanism to further improve the completeness of CFGs. We have implemented our technique in a prototype and evaluated it through comparing with the existing approaches on eight benchmarks. The results show that our prototype can resolve more indirect jump relations and construct more complete CFGs than existing approaches.

Download Full-text

Static Analysis of Functionally Graded Cantilever Beam Using Finite Element Method

i-manager’s Journal on Future Engineering and Technology ◽

10.26634/jfet.4.4.174 ◽

2009 ◽

Vol 4 (4) ◽

pp. 54-56

Author(s):

N. V. Ramesh Maganti ◽

◽

Mohan Rao N. ◽

Keyword(s):

Finite Element Method ◽

Finite Element ◽

Static Analysis ◽

Cantilever Beam ◽

Functionally Graded ◽

Element Method

Download Full-text

Effects of openings on the seismic behavior and performance level of concrete shear walls

10.31224/osf.io/phfyd ◽

2019 ◽

Author(s):

Hossein Alimohammadi ◽

Mostafa Dalvi Esfahani ◽

Mohammadali Lotfollahi Yaghin

Keyword(s):

Static Analysis ◽

Cross Section ◽

Seismic Behavior ◽

Shear Walls ◽

Shear Wall ◽

Constant Cross Section ◽

Added Resistance ◽

Different Shapes ◽

And Performance ◽

Abaqus Software

In this study, the seismic behavior of the concrete shear wall considering the opening with different shapes and constant cross-section has been studied, and for this purpose, several shear walls are placed under the increasingly non-linear static analysis (Pushover). These case studies modeled in 3D Abaqus Software, and the results of the ductility coefficient, hardness, energy absorption, added resistance, the final shape, and the final resistance are compared to shear walls without opening.

Download Full-text

Static Analysis Based Correctness Verification for Mandatory Access Control Framework

Chinese Journal of Computers ◽

10.3724/sp.j.1016.2009.00730 ◽

2009 ◽

Vol 32 (4) ◽

pp. 730-739 ◽

Cited By ~ 1

Author(s):

Xin-Song WU ◽

Zhou-Yi ZHOU ◽

Ye-Ping HE ◽

Hong-Liang LIANG ◽

Chun-Yang YUAN

Keyword(s):

Access Control ◽

Static Analysis ◽

Mandatory Access Control ◽

Control Framework

Download Full-text

S6801 User's Guide. Version 1.0. Static Analysis of Plane Frame and Truss Structures

10.21236/ada236736 ◽

1989 ◽

Author(s):

Frank R. Johnson

Keyword(s):

Static Analysis ◽

Truss Structures ◽

Plane Frame

Download Full-text

Regional and industry characteristics of trade and economic cooperation of the EEU countries

Voprosy regionalnoj ekonomiki ◽

10.21499/2078-4023-2018--3-140-148 ◽

2018 ◽

Vol 35 (3) ◽

pp. 140-148

Author(s):

P. M. Taranov ◽

A. N. Gerasimov

Keyword(s):

International Trade ◽

Static Analysis ◽

Economic Cooperation ◽

Regional Structure ◽

Trade Study ◽

Structure Of Trade

In the paper, trends and patterns of development of trade and economic cooperation of the EEU countries are analyzed. The authors, based on the economic-static analysis of international trade, study the features of the transformation of the commodity and regional structure of trade. Conclusions are drawn about the reasons for the existing features and trends in the development of intraregional economic cooperation.

Download Full-text

Static Analysis

10.1007/3-540-57264-3 ◽

1993 ◽

Cited By ~ 3

Keyword(s):

Static Analysis

Download Full-text

Platform Independent Analysis of Probabilities on Multithreaded Programs

International Journal of Software Innovation ◽

10.4018/ijsi.2013070104 ◽

2013 ◽

Vol 1 (3) ◽

pp. 48-65

Author(s):

Yuting Chen

Keyword(s):

Operating System ◽

Static Analysis ◽

Main Idea ◽

Experimental Results ◽

Machine To Machine ◽

Concurrent Program ◽

Acceptable Accuracy ◽

Multithreaded Programs ◽

Independent Analysis ◽

And Performance

A concurrent program is intuitively associated with probability: the executions of the program can produce nondeterministic execution program paths due to the interleavings of threads, whereas some paths can always be executed more frequently than the others. An exploration of the probabilities on the execution paths is expected to provide engineers or compilers with support in helping, either at coding phase or at compile time, to optimize some hottest paths. However, it is not easy to take a static analysis of the probabilities on a concurrent program in that the scheduling of threads of a concurrent program usually depends on the operating system and hardware (e.g., processor) on which the program is executed, which may be vary from machine to machine. In this paper the authors propose a platform independent approach, called ProbPP, to analyzing probabilities on the execution paths of the multithreaded programs. The main idea of ProbPP is to calculate the probabilities on the basis of two kinds of probabilities: Primitive Dependent Probabilities (PDPs) representing the control dependent probabilities among the program statements and Thread Execution Probabilities (TEPs) representing the probabilities of threads being scheduled to execute. The authors have also conducted two preliminary experiments to evaluate the effectiveness and performance of ProbPP, and the experimental results show that ProbPP can provide engineers with acceptable accuracy.

Download Full-text

Of Massive Static Analysis Data

2013 IEEE Seventh International Conference on Software Security and Reliability Companion ◽

10.1109/sere-c.2013.10 ◽

2013 ◽

Cited By ~ 3

Author(s):

Aurelien Delaitre ◽

Vadim Okun ◽

Elizabeth Fong

Keyword(s):

Static Analysis ◽

Analysis Data

Download Full-text

Combining static analysis with probabilistic models to enable market-scale Android inter-component analysis

ACM SIGPLAN Notices ◽

10.1145/2914770.2837661 ◽

2016 ◽

Vol 51 (1) ◽

pp. 469-484 ◽

Cited By ~ 8

Author(s):

Damien Octeau ◽

Somesh Jha ◽

Matthew Dering ◽

Patrick McDaniel ◽

Alexandre Bartel ◽

...

Keyword(s):

Static Analysis ◽

Probabilistic Models ◽

Component Analysis

Download Full-text