8,920 research outputs found
Optimizing Abstract Abstract Machines
The technique of abstracting abstract machines (AAM) provides a systematic
approach for deriving computable approximations of evaluators that are easily
proved sound. This article contributes a complementary step-by-step process for
subsequently going from a naive analyzer derived under the AAM approach, to an
efficient and correct implementation. The end result of the process is a two to
three order-of-magnitude improvement over the systematically derived analyzer,
making it competitive with hand-optimized implementations that compute
fundamentally less precise results.Comment: Proceedings of the International Conference on Functional Programming
2013 (ICFP 2013). Boston, Massachusetts. September, 201
Towards sound refactoring in erlang
Erlang is an actor-based programming
language used extensively for building concurrent, reactive
systems that are highly available and suff er minimum
downtime. Such systems are often mission critical, making
system correctness vital. Refactoring is code restructuring
that improves the code but does not change
behaviour. While using automated refactoring tools is
less error-prone than performing refactorings manually,
automated refactoring tools still cannot guarantee that
the refactoring is correct, i.e., program behaviour is preserved.
This leads to lack of trust in automated refactoring
tools. We rst survey solutions to this problem
proposed in the literature. Erlang refactoring tools as
commonly use approximation techniques which do not
guarantee behaviour while some other works propose the
use of formal methodologies. In this work we aim to
develop a formal methodology for refactoring Erlang
code. We study behavioural preorders, with a special focus
on the testing preorder as it seems most suited to
our purpose.peer-reviewe
Towards Compatible and Interderivable Semantic Specifications for the Scheme Programming Language, Part I: Denotational Semantics, Natural Semantics, and Abstract Machines
We derive two big-step abstract machines, a natural semantics, and the valuation function of a denotational semantics based on the small-step abstract machine for Core Scheme presented by Clinger at PLDI'98. Starting from a functional implementation of this small-step abstract machine, (1) we fuse its transition function with its driver loop, obtaining the functional implementation of a big-step abstract machine; (2) we adjust this big-step abstract machine so that it is in defunctionalized form, obtaining the functional implementation of a second big-step abstract machine; (3) we refunctionalize this adjusted abstract machine, obtaining the functional implementation of a natural semantics in continuation style; and (4) we closure-unconvert this natural semantics, obtaining a compositional continuation-passing evaluation function which we identify as the functional implementation of a denotational semantics in continuation style. We then compare this valuation function with that of Clinger's original denotational semantics of Scheme
Session Types in a Linearly Typed Multi-Threaded Lambda-Calculus
We present a formalization of session types in a multi-threaded
lambda-calculus (MTLC) equipped with a linear type system, establishing for the
MTLC both type preservation and global progress. The latter (global progress)
implies that the evaluation of a well-typed program in the MTLC can never reach
a deadlock. As this formulated MTLC can be readily embedded into ATS, a
full-fledged language with a functional programming core that supports both
dependent types (of DML-style) and linear types, we obtain a direct
implementation of session types in ATS. In addition, we gain immediate support
for a form of dependent session types based on this embedding into ATS.
Compared to various existing formalizations of session types, we see the one
given in this paper is unique in its closeness to concrete implementation. In
particular, we report such an implementation ready for practical use that
generates Erlang code from well-typed ATS source (making use of session types),
thus taking great advantage of the infrastructural support for distributed
computing in Erlang.Comment: This is the original version of the paper on supporting programming
with dyadic session types in AT
Sound and Precise Malware Analysis for Android via Pushdown Reachability and Entry-Point Saturation
We present Anadroid, a static malware analysis framework for Android apps.
Anadroid exploits two techniques to soundly raise precision: (1) it uses a
pushdown system to precisely model dynamically dispatched interprocedural and
exception-driven control-flow; (2) it uses Entry-Point Saturation (EPS) to
soundly approximate all possible interleavings of asynchronous entry points in
Android applications. (It also integrates static taint-flow analysis and least
permissions analysis to expand the class of malicious behaviors which it can
catch.) Anadroid provides rich user interface support for human analysts which
must ultimately rule on the "maliciousness" of a behavior.
To demonstrate the effectiveness of Anadroid's malware analysis, we had teams
of analysts analyze a challenge suite of 52 Android applications released as
part of the Auto- mated Program Analysis for Cybersecurity (APAC) DARPA
program. The first team analyzed the apps using a ver- sion of Anadroid that
uses traditional (finite-state-machine-based) control-flow-analysis found in
existing malware analysis tools; the second team analyzed the apps using a
version of Anadroid that uses our enhanced pushdown-based
control-flow-analysis. We measured machine analysis time, human analyst time,
and their accuracy in flagging malicious applications. With pushdown analysis,
we found statistically significant (p < 0.05) decreases in time: from 85
minutes per app to 35 minutes per app in human plus machine analysis time; and
statistically significant (p < 0.05) increases in accuracy with the
pushdown-driven analyzer: from 71% correct identification to 95% correct
identification.Comment: Appears in 3rd Annual ACM CCS workshop on Security and Privacy in
SmartPhones and Mobile Devices (SPSM'13), Berlin, Germany, 201
- …