Improving dynamic code analysis by code abstraction

In this paper, our aim is to propose a model for code abstraction, based on abstract interpretation, allowing us to improve the precision of a recently proposed static analysis by abstract interpretation of dynamic languages. The problem we tackle here is that the analysis may add some spurious code to the string-to-execute abstract value and this code may need some abstract representations in order to make it analyzable. This is precisely what we propose here, where we drive the code abstraction by the analysis we have to perform

Abstract Program Slicing: an Abstract Interpretation-based approach to Program Slicing

In the present paper we formally define the notion of abstract program slicing, a general form of program slicing where properties of data are considered instead of their exact value. This approach is applied to a language with numeric and reference values, and relies on the notion of abstract dependencies between program components (statements). The different forms of (backward) abstract slicing are added to an existing formal framework where traditional, non-abstract forms of slicing could be compared. The extended framework allows us to appreciate that abstract slicing is a generalization of traditional slicing, since traditional slicing (dealing with syntactic dependencies) is generalized by (semantic) non-abstract forms of slicing, which are actually equivalent to an abstract form where the identity abstraction is performed on data. Sound algorithms for computing abstract dependencies and a systematic characterization of program slices are provided, which rely on the notion of agreement between program states

A proof system for Abstract Non-Interference

In this paper, we provide an inductive proof system for a notion of abstractnon-interference which fits in every field of computer science wherewe are interested in observing how different programs data interfere witheach other. The idea is to abstract from language-based security and considergenerically data as distinguished between internal (that has to beprotected by the program) and observable. In this more general contextwe derive a proof system which allows us to characterise abstract noninterferenceproperties inductively on the syntactic structure of programs.We finally show how this framework can be instantiated to language-basedsecurity

Abstract Program Slicing: An Abstract Interpretation-Based Approach to Program Slicing

n the present article, we formally define the notion of abstract program slicing, a general form of program slicing where properties of data are considered instead of their exact value. This approach is applied to a language with numeric and reference values and relies on the notion of abstract dependencies between program statements. The different forms of (backward) abstract slicing are added to an existing formal framework where traditional, nonabstract forms of slicing could be compared. The extended framework allows us to appreciate that abstract slicing is a generalization of traditional slicing, since each form of traditional slicing (dealing with syntactic dependencies) is generalized by a semantic (nonabstract) form of slicing, which is actually equivalent to an abstract form where the identity abstraction is performed on data. Sound algorithms for computing abstract dependencies and a systematic characterization of program slices are provided, which rely on the notion of agreement between program states

Proving abstract non-interference

Abstract. In this paper we introduce a compositional proof-system for certifying abstract non-interference in programming languages. Certifying abstract noninterference means proving that no unauthorized flow of information is observable by the attacker from confidential to public data. The properties of the computation that an attacker may observe are specified as an abstract domain. Assertions specify the secrecy of a program relatively to the given attacker and the proofsystem specifies how these assertions can be composed in a syntax-directed a la Hoare deduction of secrecy. We prove that the proof-system is sound relatively to the standard semantics of an imperative programming language. This provides a sound proof-system for both certifying secrecy in language-based security and deriving attackers which do not violate secrecy inductively on program’s syntax