Structured Traversal of Search Trees in Constraint-logic Object-oriented Programming
In this paper, we propose an explicit, non-strict representation of search trees in constraint-logic object-oriented programming. Our search tree representation captures both the non-deterministic and the deterministic behaviour during execution of an application. Introducing such a representation facilitates the use of various search strategies. To demonstrate the applicability of our approach, we incorporate explicit search trees into the virtual machine of the constraint-logic object-oriented programming language Muli. We then implement, as examples, three search algorithms that traverse the search tree on demand: depth-first search, breadth-first search, and iterative deepening depth-first search. In particular, the last two strategies allow for a complete search, which is novel in constraint-logic object-oriented programming and highlights our main contribution. Finally, we compare the implemented strategies using several benchmarks.
Comment: Part of DECLARE 19 proceeding
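The three strategies named above, as an added example that is neither the paper's code nor part of Muli: an explicit search tree whose children are produced lazily (a thunk per node, standing in for the non-strict representation), traversed on demand by depth-first search, breadth-first search and iterative deepening. The tree in build_tree, the finite tree in finite_tree and the expansion budget are all constructed for the demo; they show why the last two strategies are complete where plain DFS is not: on a tree with an infinite, solution-free leftmost branch, DFS never returns, while BFS and IDDFS both reach the solution at depth 2.

```python
from collections import deque
from dataclasses import dataclass
from typing import Callable, Iterator, List, Optional, Tuple


@dataclass
class Node:
    """Node of an explicit, non-strict search tree: `expand` is a thunk, so a
    node's children exist only once a strategy chooses to visit them."""
    label: str
    solution: bool
    expand: Callable[[], List["Node"]]


def leaf(label: str, solution: bool = False) -> Node:
    return Node(label, solution, lambda: [])


def depth_limited(root: Node, limit: Optional[int]) -> Iterator[Tuple[str, int]]:
    """DFS yielding (label, depth) of each solution; limit=None means unbounded."""
    stack = [(root, 0)]
    while stack:
        node, depth = stack.pop()
        if node.solution:
            yield node.label, depth
        if limit is None or depth < limit:
            for child in reversed(node.expand()):  # leftmost child is expanded first
                stack.append((child, depth + 1))


def dfs(root: Node) -> Iterator[str]:
    """Plain depth-first search: cheap, but dives forever down an infinite branch."""
    return (label for label, _ in depth_limited(root, None))


def bfs(root: Node) -> Iterator[str]:
    """Breadth-first search: complete, shallowest solutions first, whole frontier in memory."""
    queue = deque([root])
    while queue:
        node = queue.popleft()
        if node.solution:
            yield node.label
        queue.extend(node.expand())


def iddfs(root: Node) -> Iterator[str]:
    """Iterative deepening: depth-limited DFS with limit 0, 1, 2, ... Shallow levels are
    re-walked every round, but the search is complete using only DFS's stack. A solution
    at depth d is yielded only in the round with limit d, so each appears once; the loop
    ends when a round cuts nothing off, i.e. the tree turned out to be finite."""
    limit = 0
    while True:
        cut_off = False
        stack = [(root, 0)]
        while stack:
            node, depth = stack.pop()
            if node.solution and depth == limit:
                yield node.label
            children = node.expand()
            if depth < limit:
                for child in reversed(children):
                    stack.append((child, depth + 1))
            elif children:
                cut_off = True  # something lies below the current limit
        if not cut_off:
            return
        limit += 1


def build_tree(expansion_budget: int) -> Node:
    """Constructed demo tree (not from the paper):
         root -> left1 -> left2 -> ...   infinite, solution-free branch
              -> right -> goal           solution at depth 2
    The budget is a tripwire: expanding the infinite branch more than that many
    times raises, standing in for a search that would never return."""
    expansions = [0]

    def infinite(depth: int) -> Node:
        def expand() -> List[Node]:
            expansions[0] += 1
            if expansions[0] > expansion_budget:
                raise RuntimeError("diverged down the infinite branch")
            return [infinite(depth + 1)]
        return Node(f"left{depth}", False, expand)

    right = Node("right", False, lambda: [leaf("goal", True)])
    return Node("root", False, lambda: [infinite(1), right])


def finite_tree() -> Node:
    """Constructed finite tree: root -> x (solution), root -> y -> z (solution)."""
    return Node("root", False, lambda: [leaf("x", True), Node("y", False, lambda: [leaf("z", True)])])


def first_solution(strategy: Callable[[Node], Iterator[str]]) -> Optional[str]:
    """First solution the strategy finds on the infinite tree, or None if it diverges."""
    try:
        return next(strategy(build_tree(expansion_budget=10_000)), None)
    except RuntimeError:
        return None


if __name__ == "__main__":
    for name, strategy in (("dfs", dfs), ("bfs", bfs), ("iddfs", iddfs)):
        print(name, first_solution(strategy))
```

On the finite tree all three strategies report the same solutions (IDDFS terminates because its last round cuts nothing off); on the infinite tree only BFS and IDDFS return, which is the completeness property the abstract refers to. IDDFS pays for that completeness by re-expanding shallow nodes each round, which is why the thunk-based tree matters: a strict tree would have to materialise the infinite branch up front.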
Proceedings of the 21st Colloquium on Programming Languages and Foundations of Programming (Kolloquium Programmiersprachen und Grundlagen der Programmierung, KPS 2021)
The 21st Kolloquium Programmiersprachen und Grundlagen der Programmierung (KPS 2021) continues a traditional series of workshops launched in 1980 by the research groups of Professors Friedrich L. Bauer (TU München), Klaus Indermark (RWTH Aachen) and Hans Langmaack (CAU Kiel). The event is an open forum in which all interested German-speaking researchers can informally exchange new ideas and results from the research areas of design and implementation of programming languages and foundations and methodology of programming. This volume contains the scientific contributions presented at the 21st colloquium of this series, which took place in Kiel from 27 to 29 September 2021 and was organised by the Programming Languages and Compiler Construction group (Arbeitsgruppe Programmiersprachen und Übersetzerkonstruktion) of Christian-Albrechts-Universität zu Kiel
Theory and Implementation of Software Bounded Model Checking
This thesis provides a detailed overview of the theory of software bounded model checking (SBMC) and of its implementation in LLBMC, which is based on the LLVM compiler framework. The whole process from a C program to an SMT formula is described in detail. Furthermore, a theory of dynamic memory allocation is introduced that allows C's memory model to be modelled with high precision. Finally, it is shown that LLBMC's approach to software bounded model checking performs well compared to competing tools
STATIC AND DYNAMIC ANALYSES FOR PROTECTING THE JAVA SOFTWARE EXECUTION ENVIRONMENT
In my thesis, I present three projects on which I have worked during my Ph.D. studies. All of them focus on software protection in the Java environment with static and dynamic techniques for control-flow and data-dependency analysis. More specifically, the first two works are dedicated to the problem of deserialization of untrusted data in Java. In the first, I present a defense system that was designed for protecting the Java Virtual Machine, along with the results that were obtained. In the second, I present a recent research project that aims at automatic generation of deserialization attacks, to help identify them and increase protection. The last discussed work concerns another branch of software protection: the authentication on short-distance channels (or the lack thereof) in Android APKs. In said work, I present a tool that was built for automatically identifying the presence of high-level authentication in Android apps. I thoroughly discuss experiments, limitations and future work for all three projects, concluding with general principles that bring these works together, and can be applied when facing related security issues in high-level software protection
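The defence the first project is about, controlling what a deserializer may resolve and instantiate when the input is untrusted, as an added example that is not taken from the thesis: the thesis targets Java serialization (where JEP 290's ObjectInputFilter plays this role); the same pattern is shown here on Python's pickle, whose find_class method is the single point at which the stream asks for a class or callable, so an allowlist there decides what can run. The Gadget class, the benign record and the allowlist contents are constructed for the demo; a real gadget would call os.system, this one evaluates a harmless expression so the block can be run.

```python
import io
import pickle
from typing import Any, FrozenSet, Tuple


class Gadget:
    """Attacker-supplied object (constructed for this example). Its __reduce__ tells
    the unpickler which callable to invoke with which arguments; the Gadget class
    itself never has to exist on the victim, only the callable it names does."""

    def __reduce__(self) -> Tuple[Any, Tuple[str]]:
        # A real payload would name os.system; this one only reads the PID.
        return (eval, ("__import__('os').getpid()",))


def unsafe_loads(data: bytes) -> Any:
    """The vulnerable pattern: pickle.loads resolves and calls any global the stream names."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Hardened loader. find_class is the choke point through which every GLOBAL /
    STACK_GLOBAL opcode passes, so an allowlist here bounds what the stream can
    instantiate. The allowlist below is an assumption for the demo: a real service
    lists exactly the record types it expects and nothing else."""

    ALLOWED: FrozenSet[Tuple[str, str]] = frozenset({
        ("builtins", "set"),
        ("builtins", "frozenset"),
        ("collections", "OrderedDict"),
    })

    def find_class(self, module: str, name: str) -> Any:
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def safe_loads(data: bytes) -> Any:
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo() -> Tuple[bool, bool, bool]:
    """Returns (gadget ran under unsafe_loads, gadget blocked by safe_loads,
    benign data still loads under safe_loads)."""
    payload = pickle.dumps(Gadget())
    ran = isinstance(unsafe_loads(payload), int)  # eval() executed during load
    try:
        safe_loads(payload)
        blocked = False
    except pickle.UnpicklingError:
        blocked = True
    benign = {"user": "alice", "roles": ["reader"], "ids": {1, 2}}  # constructed record
    loads_ok = safe_loads(pickle.dumps(benign)) == benign
    return ran, blocked, loads_ok


if __name__ == "__main__":
    print(demo())
```

The point of the allowlist is that the decision is made before any constructor runs: the stream is rejected at the name lookup, not after an object has been built. The same reasoning applies to the Java filter, which is consulted per class as the stream is read rather than after deserialization completes.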
On the design and implementation of a virtual machine for process calculi
Doctoral dissertation in Computer Science presented to the Faculdade de Ciências da Universidade do Port
Abstract Machines for Dynamic Computation
Laboratory for Foundations of Computer Science
In this thesis we address the challenges associated with the provision of dynamic software architectures. These are systems in which programs are constructed from separately compiled units with a facility for the replacement of these units at runtime. Typical examples of applications which will benefit from this dynamic approach are long-lived systems in which downtime is highly undesirable, for example, web-servers, database engines, and equipment controllers. In addition, dynamic software architectures are also gaining popularity with the recent advent of wide-area Internet applications, where it is often impractical to compile a program in its entirety or begin execution in a single step.
Our approach to dynamic software architectures differs from earlier attempts in that we guarantee the safety of the replacement operation. This is done by founding our techniques on the rigour of strong typing. In the first half of the thesis we take an existing static software architecture with strong typing facilities and modular program construction, namely the Standard ML platform, and equip it with facilities for separate-compilation and code-replacement of modules. The resulting dynamic software architecture, which we call Dynamic ML, ensures the safety of replacement through an effective use of state-of-the-art advances in the fields of types in compilation and abstract machines.
In the latter half of the thesis we extend Dynamic ML with a facility for distributed execution and adapt our code-replacement model accordingly. This will permit the construction of larger dynamic architectures, for example, across a distributed network of workstations. We also perform a mechanical verification of the distributed algorithm by model checking, to gain further confidence in the correctness of our approach. At the end of the thesis we outline an implementation of our techniques for the Java language, demonstrating the portability of our approach
Towards Improved Homomorphic Encryption for Privacy-Preserving Deep Learning
International Mention in the doctoral degree.
Deep Learning (DL) has brought about a remarkable transformation in many fields, heralded by some as a new technological revolution. The advent of large-scale models has increased the demand for data and computing platforms, for which cloud computing has become the go-to solution. However, the uptake of DL and cloud computing is reduced in privacy-enforcing areas that deal with sensitive data. These areas imperatively call for privacy-enhancing technologies that enable responsible, ethical, and privacy-compliant use of data in potentially hostile environments.
To this end, the cryptography community has addressed these concerns with what are known as Privacy-Preserving Computation Techniques (PPCTs), a set of tools that enable privacy-enhancing protocols where cleartext access to information is no longer tenable. Of these techniques, Homomorphic Encryption (HE) stands out for its ability to perform operations over encrypted data without compromising data confidentiality or privacy. However, despite its promise, HE is still a relatively nascent solution with efficiency and usability limitations. Improving the efficiency of HE has been a longstanding challenge in cryptography, and with each improvement the complexity of the techniques has increased, especially for non-experts.
In this thesis, we address the problem of the complexity of HE when applied to DL. We begin by systematizing existing knowledge in the field through an in-depth analysis of the state of the art in privacy-preserving deep learning, identifying key trends, research gaps, and issues associated with current approaches. One such gap is the need for vectorized algorithms when using Packed Homomorphic Encryption (PaHE), a state-of-the-art technique for reducing the overhead of HE in complex settings. This thesis comprehensively analyzes existing algorithms and proposes new ones for using DL with PaHE, presenting a formal analysis and usage guidelines for their implementation.
Parameter selection for HE schemes is another recurring challenge in the literature, since it plays a critical role in determining not only whether an instantiation is secure but also the precision, performance, and security level of the scheme. To address this challenge, this thesis proposes a novel system combining fuzzy logic with linear programming to produce secure parametrizations from high-level user inputs, without requiring low-level knowledge of the underlying primitives.
Finally, this thesis describes HEFactory, a symbolic execution compiler designed to streamline the production of HE code and its integration with Python. HEFactory implements the earlier proposals of this thesis in an easy-to-use tool. It provides a unique architecture that layers the challenges associated with HE and produces simplified operations interpretable by low-level HE libraries. HEFactory significantly reduces the overall complexity of coding DL applications with HE, achieving an 80% reduction in code length compared with expert-written code while maintaining equivalent accuracy and efficiency.
Doctoral Programme in Computer Science and Technology, Universidad Carlos III de Madrid. Committee: Chair: María Isabel González Vasco; Secretary: David Arroyo Guardeño; Member: Antonis Michala
Taming complexity of industrial printing systems using a constraint-based DSL: An industrial experience report
Flexible printing systems are highly complex systems consisting of printers, which print individual sheets of paper, and finishing equipment, which processes sheets after printing, for example by assembling a book. Integrating finishing equipment with printers involves the development of control software that configures the devices, taking hardware constraints into account. This control software is highly complex to realize due to (1) the intertwined nature of printing and finishing, (2) the large variety of print products and production options for a given product, and (3) the large range of finishers produced by different vendors. We have developed a domain-specific language called CSX that offers an interface to constraint solving specific to the printing domain. We use it to model printing and finishing devices and to automatically derive constraint solver-based environments for automatic configuration. We evaluate CSX on its coverage of the printing domain in an industrial context, and we report lessons learned from using a constraint-based DSL in industry