Solving parity games through fictitious play
The thesis aims to find an efficient algorithm for solving parity games. Parity games are graph-based, 0-sum, 2-person games with infinite plays. It is known that these games are determined: all nodes in these games are won by exactly one player. Solving parity games is equivalent to the model checking problem of modal mu-calculus; an efficient solution has important implications to program verification and controller synthesis. Although the decision problem of which player wins a given node is generally believed to be in PTIME, all known algorithms so far have been shown to run in (sub)exponential time. The design of existing algorithms either derives from the determinacy proof of parity games or from a purely graph theoretical perspective, using certain rank functions to iteratively search for an optimal solution. Since parity games are 2-person, 0-sum games, in this thesis I borrow ideas of game theory and investigate the viability of using fictitious play to solve them. Fictitious play is a method where two players choose strategies in strict alternation, and where these choices are “best responses” against the last k (so called bounded recall length) or against all strategies (unbounded recall length) of the other player chosen so far.
I use this method to design an algorithm that can solve parity games and study its theoretical and experimental properties. For example, I prove that the basic algorithm solves fully connected games in polynomial time through a number of iterations that is bounded by a small constant. Although the proof is not extended to the general cases in the thesis, the basic algorithm performs demonstrably well against existing solvers in experiments over a large number and variety of games. In particular, the empirically obtained number of iterations that our basic algorithm requires appears to increase polynomially with the game sizes for all the games tested. Furthermore, the algorithm is conjectured to have a run time complexity bounded by O(n^4 log^2(n)), and I provide a discussion of strategy graphs and their empirically observed properties that motivates this conjecture.
One caveat of fictitious play with bounded recall length is that the algorithm may fail to converge to the optimal solution due to the presence of non-optimal strategy cycles of length greater than 2. In this thesis, I observe that in practice such cases account for less than 0.01% of the games tested. Different cycle resolution methods are explored in the thesis to address this. One particular method combines our basic algorithm and the discrete strategy solver together such that the resulting algorithm is guaranteed to terminate with the optimal solution. Also, this combined solver shares the runtime performance of fictitious play.
A logical deduction based clause learning algorithm for Boolean satisfiability problems
Clause learning is the key component of modern SAT solvers, while conflict analysis based on the implication graph is the mainstream technology to generate the learnt clauses. Whenever a clause in the clause database is falsified by the current variable assignments, the SAT solver will try to analyze the reason by using different cuts (i.e., the Unique Implication Points) on the implication graph. Those schemes reflect only the conflict in the current search subspace and do not reflect the inherent conflict directly involved in the rest of the space. In this paper, we propose a new advanced clause learning algorithm based on conflict analysis and logical deduction, which reconstructs a linear logical deduction by analyzing the relationship of different decision variables between the backjumping level and the current decision level. The logical deduction result is then added into the clause database as a newly learnt clause. The resulting implementation in Minisat improves the state-of-the-art performance in SAT solving.
Declarative domain-specific languages and applications to network monitoring
Network Intrusion Detection Systems have probably been in use for as long as computer networks have existed. These systems aim to monitor network traffic, looking for anomalies, undesirable behaviours or traces of known attacks, in order to keep users, data, hosts and services safe, ensuring that computer networks are secure places to work.
In this work, a Network Intrusion Detection System called NeMODe (NEtwork MOnitoring DEclarative approach) was developed, which provides detection mechanisms based on Constraint Programming, as well as a Domain Specific Language created to model specific attacks using declarative programming methodologies, making it possible to relate several network packets and to look for intrusions that spread across several packets and over time.
The main contributions of the work described in this thesis are:
A declarative approach to Network Intrusion Detection Systems, including detection mechanisms based on Constraint Programming, allowing the detection of attacks distributed across several packets and within a time interval.
A Domain Specific Language based on Constraint Programming concepts, used to describe the attacks we are interested in detecting.
A compiler for the Domain Specific Language provided by the NeMODe system, capable of generating multiple attack detectors based on Gecode, Adaptive Search and MiniSat.
Abstract:
Network Intrusion Detection Systems (NIDSs) have probably been in use for as long as there have been computer networks, with the purpose of monitoring network traffic looking for anomalies, undesired behaviors or a trace of known intrusions to keep users, data, hosts and services safe, ensuring computer networks are a secure place to work.
In this work, we developed a Network Intrusion Detection System (NIDS) called NeMODe (NEtwork MOnitoring DEclarative approach), which provides a detection mechanism based on Constraint Programming (CP) together with a Domain Specific Language (DSL) crafted to model the specific intrusions using declarative methodologies, able to relate several network packets and look for intrusions which span several network packets.
The main contributions of the work described in this thesis are:
A declarative approach to Network Intrusion Detection Systems, including detection mechanisms based on several Constraint Programming approaches, allowing the detection of network intrusions which span several network packets and spread over time.
A Domain Specific Language (DSL) based on Constraint Programming methodologies, used to describe the network intrusions which we are interested in finding in the network traffic.
A compiler for the DSL able to generate multiple detection mechanisms based on Gecode, Adaptive Search and MiniSat.
On the Configuration of More and Less Expressive Logic Programs
The decoupling between the representation of a certain problem, i.e., its knowledge model, and the reasoning side is one of the main strong points of model-based Artificial Intelligence (AI). This allows, e.g., focusing on improving the reasoning side, with benefits for the whole solving process. Further, it is also well known that many solvers are very sensitive to even syntactic changes in the input. In this paper, we focus on improving the reasoning side by taking advantage of such sensitivity. We consider two well-known model-based AI methodologies, SAT and ASP, define a number of syntactic features that may characterise their inputs, and use automated configuration tools to reformulate the input formula or program. Results of a wide experimental analysis involving SAT and ASP domains, taken from the respective competitions, show the different advantages that can be obtained by using input reformulation and configuration. Under consideration in Theory and Practice of Logic Programming (TPLP).
Symbolic reactive synthesis
In this thesis, we develop symbolic algorithms for the synthesis of reactive systems. Synthesis, that is the task of deriving correct-by-construction implementations from formal specifications, has the potential to eliminate the need for the manual—and error-prone—programming task. The synthesis problem can be formulated as an infinite two-player game, where the system player has the objective to satisfy the specification against all possible actions of the environment player. The standard synthesis algorithms represent the underlying synthesis game explicitly and, thus, they scale poorly with respect to the size of the specification. We provide an algorithmic framework to solve the synthesis problem symbolically. In contrast to the standard approaches, we use a succinct representation of the synthesis game which leads to improved scalability in terms of the symbolically represented parameters. Our algorithm reduces the synthesis game to the satisfiability problem of quantified Boolean formulas (QBF) and dependency quantified Boolean formulas (DQBF). In the encodings, we use propositional quantification to succinctly represent different parts of the implementation, such as the state space and the transition function. We develop highly optimized satisfiability algorithms for QBF and DQBF. Based on a counterexample-guided abstraction refinement (CEGAR) loop, our algorithms avoid an exponential blow-up by using the structure of the underlying symbolic encodings. Further, we extend the solving algorithms to extract certificates in the form of Boolean functions, from which we construct implementations for the synthesis problem. Our empirical evaluation shows that our symbolic approach significantly outperforms previous explicit synthesis algorithms with respect to scalability and solution quality.
In this dissertation, symbolic algorithms for the synthesis of reactive systems are developed. Synthesis, i.e. the task of deriving correct implementations from formal specifications, has the potential to make manual and error-prone programming unnecessary. The synthesis problem can be understood as an infinite two-player game in which the system player has the goal of satisfying the specification against all possible actions of the environment player. The standard synthesis algorithms represent the underlying synthesis game explicitly and therefore scale poorly with respect to the size of the specification. This work presents an algorithmic approach that solves the synthesis problem symbolically. In contrast to the standard approaches, a compact representation of the synthesis game is used, which leads to improved scalability in the symbolically represented parameters. The algorithm reduces the synthesis game to the satisfiability problem of quantified Boolean formulas (QBF) and dependency quantified Boolean formulas (DQBF). In the encodings, we use propositional quantification to compactly represent different parts of the implementation, such as the state space and the transition function. We develop highly optimized satisfiability algorithms for QBF and DQBF. Based on a counterexample-guided abstraction refinement (CEGAR) loop, these algorithms avoid an exponential blow-up by exploiting the structure of the underlying symbolic encodings. Furthermore, the solving algorithms are extended to produce certificates in the form of Boolean functions, from which implementations for the synthesis problem are derived. Our empirical evaluation shows that our symbolic approach clearly outperforms previous explicit synthesis algorithms in terms of scalability and solution quality.
Parity games : descriptive complexity and algorithms for new solvers
Parity games are 2-person, 0-sum, graph-based, and determined games that form an important foundational concept in formal methods (see e.g., [Zie98]), and their exact computational complexity has been an open problem for over twenty years now.
In this thesis, we study algorithms that solve parity games in that they determine which nodes are won by which player, and where such decisions are supported with winning strategies. We modify and so improve a known algorithm but also propose new algorithmic approaches to solving parity games and to understanding their descriptive complexity.
For all of our contributions, we write our own custom frameworks, in the Scala programming language, to perform tailored experiments and empirical studies to demonstrate and support our theoretical findings.
First, we improve on one of the solver algorithms, based on small progress measures [Jur00], by use of concurrency. We show that, for many parity games, it is possible to deliver extra performance using this technique in a multi-core environment.
Second, we design algorithms to reduce the computational complexity of parity games, and create implementations to observe and evaluate the behaviours of these reductions in our experimental settings. The measure Rabin index, arising from the design of the said algorithm, is shown to be a new descriptive complexity for parity games.
Finally, we define a new family of attractors and derive new parity game solvers from them. Although these new solvers are “partial”, in that they do not solve all parity games completely, our experiments show that they do solve a set of benchmark games (i.e., games with known structures) designed to stress test solvers from the PGSolver toolkit [FL10] completely, and some of these partial solvers deliver favourable performance against a known high performance solver in many circumstances.
Variability Bugs in Highly Configurable Systems: A Qualitative Analysis
Variability-sensitive verification pursues effective analysis of the exponentially many variants of a program family. Several variability-aware techniques have been proposed, but researchers still lack examples of concrete bugs induced by variability, occurring in real large-scale systems. A collection of real world bugs is needed to evaluate tool implementations of variability-sensitive analyses by testing them on real bugs. We present a qualitative study of 98 diverse variability bugs (i.e., bugs that occur in some variants and not in others) collected from bug-fixing commits in the Linux, Apache, BusyBox, and Marlin repositories. We analyze each of the bugs, and record the results in a database. For each bug, we create a self-contained simplified version and a simplified patch, in order to help researchers who are not experts on these subject studies to understand them, so that they can use these bugs for evaluation of their tools. In addition, we provide single-function versions of the bugs, which are useful for evaluating intra-procedural analyses. A web-based user interface for the database allows one to conveniently browse and visualize the collection of bugs. Our study provides insights into the nature and occurrence of variability bugs in four highly-configurable systems implemented in C/C++, and shows in what ways variability hinders comprehension and the uncovering of software bugs.