Lightweight Snapshots and System-level Backtracking

We propose a new system-level abstraction, the lightweight immutable execution snapshot, which combines the immutable characteristics of checkpoints with the direct integration into the virtual memory subsystem of standard mutable address spaces. The abstraction can give arbitrary x86 programs and libraries system-level support for backtracking (akin to logic programming) and the ability to manipulate an entire address space as an immutable data structure (akin to functional programming). Our proposed implementation leverages modern x86 hardware-virtualization support

Symbolic Execution for Randomized Programs

We propose a symbolic execution method for programs that can draw random samples. In contrast to existing work, our method can verify randomized programs with unknown inputs and can prove probabilistic properties that universally quantify over all possible inputs. Our technique augments standard symbolic execution with a new class of \emph{probabilistic symbolic variables}, which represent the results of random draws, and computes symbolic expressions representing the probability of taking individual paths. We implement our method on top of the \textsc{KLEE} symbolic execution engine alongside multiple optimizations and use it to prove properties about probabilities and expected values for a range of challenging case studies written in C++, including Freivalds' algorithm, randomized quicksort, and a randomized property-testing algorithm for monotonicity. We evaluate our method against \textsc{Psi}, an exact probabilistic symbolic inference engine, and \textsc{Storm}, a probabilistic model checker, and show that our method significantly outperforms both tools.Comment: 47 pages, 9 figures, to appear at OOPSLA 202

ENSURING SPECIFICATION COMPLIANCE, ROBUSTNESS, AND SECURITY OF WIRELESS NETWORK PROTOCOLS

Several newly emerged wireless technologies (e.g., Internet-of-Things, Bluetooth, NFC)—extensively backed by the tech industry—are being widely adopted and have resulted in a proliferation of diverse smart appliances and gadgets (e.g., smart thermostat, wearables, smartphones), which has ensuingly shaped our modern digital life. These technologies include several communication protocols that usually have stringent requirements stated in their specifications. Failing to comply with such requirements can result in incorrect behaviors, interoperability issues, or even security vulnerabilities. Moreover, lack of robustness of the protocol implementation to malicious attacks—exploiting subtle vulnerabilities in the implementation—mounted by the compromised nodes in an adversarial environment can limit the practical utility of the implementation by impairing the performance of the protocol and can even have detrimental effects on the availability of the network. Even having a compliant and robust implementation alone may not suffice in many cases because these technologies often expose new attack surfaces as well as new propagation vectors, which can be exploited by unprecedented malware and can quickly lead to an epidemic