1,757 research outputs found
Particle-based and Meshless Methods with Aboria
Aboria is a powerful and flexible C++ library for the implementation of
particle-based numerical methods. The particles in such methods can represent
actual particles (e.g. Molecular Dynamics) or abstract particles used to
discretise a continuous function over a domain (e.g. Radial Basis Functions).
Aboria provides a particle container, compatible with the Standard Template
Library, spatial search data structures, and a Domain Specific Language to
specify non-linear operators on the particle set. This paper gives an overview
of Aboria's design, an example of use, and a performance benchmark
Dynamic Race Prediction in Linear Time
Writing reliable concurrent software remains a huge challenge for today's
programmers. Programmers rarely reason about their code by explicitly
considering different possible inter-leavings of its execution. We consider the
problem of detecting data races from individual executions in a sound manner.
The classical approach to solving this problem has been to use Lamport's
happens-before (HB) relation. Until now HB remains the only approach that runs
in linear time. Previous efforts in improving over HB such as causally-precedes
(CP) and maximal causal models fall short due to the fact that they are not
implementable efficiently and hence have to compromise on their race detecting
ability by limiting their techniques to bounded sized fragments of the
execution. We present a new relation weak-causally-precedes (WCP) that is
provably better than CP in terms of being able to detect more races, while
still remaining sound. Moreover it admits a linear time algorithm which works
on the entire execution without having to fragment it.Comment: 22 pages, 8 figures, 1 algorithm, 1 tabl
Deciding Quantifier-Free Presburger Formulas Using Parameterized Solution Bounds
Given a formula in quantifier-free Presburger arithmetic, if it has a
satisfying solution, there is one whose size, measured in bits, is polynomially
bounded in the size of the formula. In this paper, we consider a special class
of quantifier-free Presburger formulas in which most linear constraints are
difference (separation) constraints, and the non-difference constraints are
sparse. This class has been observed to commonly occur in software
verification. We derive a new solution bound in terms of parameters
characterizing the sparseness of linear constraints and the number of
non-difference constraints, in addition to traditional measures of formula
size. In particular, we show that the number of bits needed per integer
variable is linear in the number of non-difference constraints and logarithmic
in the number and size of non-zero coefficients in them, but is otherwise
independent of the total number of linear constraints in the formula. The
derived bound can be used in a decision procedure based on instantiating
integer variables over a finite domain and translating the input
quantifier-free Presburger formula to an equi-satisfiable Boolean formula,
which is then checked using a Boolean satisfiability solver. In addition to our
main theoretical result, we discuss several optimizations for deriving tighter
bounds in practice. Empirical evidence indicates that our decision procedure
can greatly outperform other decision procedures.Comment: 26 page
A Survey of Symbolic Execution Techniques
Many security and software testing applications require checking whether
certain properties of a program hold for any possible usage scenario. For
instance, a tool for identifying software vulnerabilities may need to rule out
the existence of any backdoor to bypass a program's authentication. One
approach would be to test the program using different, possibly random inputs.
As the backdoor may only be hit for very specific program workloads, automated
exploration of the space of possible inputs is of the essence. Symbolic
execution provides an elegant solution to the problem, by systematically
exploring many possible execution paths at the same time without necessarily
requiring concrete inputs. Rather than taking on fully specified input values,
the technique abstractly represents them as symbols, resorting to constraint
solvers to construct actual instances that would cause property violations.
Symbolic execution has been incubated in dozens of tools developed over the
last four decades, leading to major practical breakthroughs in a number of
prominent software reliability applications. The goal of this survey is to
provide an overview of the main ideas, challenges, and solutions developed in
the area, distilling them for a broad audience.
The present survey has been accepted for publication at ACM Computing
Surveys. If you are considering citing this survey, we would appreciate if you
could use the following BibTeX entry: http://goo.gl/Hf5FvcComment: This is the authors pre-print copy. If you are considering citing
this survey, we would appreciate if you could use the following BibTeX entry:
http://goo.gl/Hf5Fv
Early Packet Rejection Using Dynamic Binary Decision Diagram
A firewall is a hardware or software device that performs inspection on a given incoming/outgoing packets and decide whether to allow/deny the packet from entering/leaving the system. Firewall filters the packets by using a set of rules called firewall policies. The policies define what type of packets should be allowed or discarded. These policies describe the field values that the packet header must contain in order to match a policy in the firewall. The decision for any given packet is made by finding the first matching firewall policy, if any.
In a traditional firewall, the packet filter goes through each policy in the list until a matching rule is found; the same process is again repeated for every packet that enters the firewall. The sequential lookup that the firewall uses to find the matching rule is time consuming and the total time it takes to perform the lookup increases as the policy in the list increases. Nowadays, a typical enterprise based firewall will have 1000+ firewall policy in it, which is normal.
A major threat to network firewalls is specially crafted malicious packets that target the bottom rules of the firewall’s entire set of filtering rules. This attack’s main objective is to overload the firewall by processing a flood of network traffic that is matched against almost all the filtering rules before it gets rejected by a bottom rule. As a consequence of this malicious flooding network traffic, the firewall performance will decrease and the processing time of network traffic may increase significantly
The current research work is based on the observation that an alternative method for
the firewall policies can provide a faster lookup and hence a better filtering performance. The method proposed in this research relies on a basic fact that the policy c a n be represented as a simple Boolean expression. Thus, Binary Decision Diagrams (BDDs) are used as a basis for the representation of access list in this study.
The contribution of this research work is a proposed method for representing firewall
Policies using BDDs to improve the performance of packet filtering. The proposed mechanism is called Static Shuffling Binary Decision Diagram (SS-BDD), and is based on restructuring of the Binary Decision Diagram (BDD) by using byte-wise data structure instead of using Field-wise data structure. Real world traffic is used during the simulation phase to prove the performance of packet filtering. The numerical results obtained by the simulation shows that the proposed technique improves the performance for packet filtering significantly on medium to long access lists. Furthermore, using BDDs for representing the firewall policies provides other
Useful characteristics that makes this a beneficial approach to in real world
- …