Peirce's sign theory as an open-source R package.

Throughout Peirce’s writing, we witness his developing vision of a machine that scientists will eventually be able to create. Nadin (2010) raised the question:Why do computer scientists continue to ignore Peirce’s sign theory? A review of the literature on Peirce’s theory and the semiotics machine reveals that many authors discussed the machine;however, they donot differentiate between a physical computer machine and its software. This paper discusses the problematic issues involved in converting Peirce’s theory into a programming language, machine and software application. We demonstrate this challenge by introducing Peirce’s sign theory as a software application that runs under an open-source R environmen

super-Charging Object-Oriented Programming Through Precise Typing of Open Recursion

We present a new variation of object-oriented programming built around three simple and orthogonal constructs: classes for storing object state, interfaces for expressing object types, and mixins for reusing and overriding implementations. We show that the latter can be made uniquely expressive by leveraging a novel feature that we call precisely-typed open recursion. This features uses "this" and "super" annotations to express the requirements of any given partial method implementation on the types of respectively the current object and the inherited definitions. Crucially, the fact that mixins do not introduce types nor subtyping relationships means they can be composed even when the overriding and overridden methods have incomparable types. Together with advanced type inference and structural typing support provided by the MLscript programming language, we show that this enables an elegant and powerful solution to the Expression Problem

Detecting Server-Side Web Applications with Unrestricted File Upload Vulnerabilities

Vulnerable web applications fundamentally undermine website security as they often expose critical infrastructures and sensitive information behind them to potential risks and threats. Web applications with unrestricted file upload vulnerabilities allow attackers to upload a file with malicious code, which can be later executed on the server by attackers to enable various attacks such as information exfiltration, spamming, phishing, and spreading malware. This dissertation presents our research in building two novel frameworks to detect server-side applications vulnerable to unrestricted file uploading attacks. We design the innovative model that holistically characterizes both data and control flows using a graphbased data structure. Such a model makes effortless critical program analysis mechanisms, such as static analysis and constraint modeling. We build the interpreter to model a web program by symbolically interpreting its abstract syntax tree (AST). Our research has led to three complementary systems that can effectively detect unrestricted file uploading vulnerabilities. The first system, namely UChecker, leverages satisfiability modulo theory to perform detection, whereas the second system, namely UFuzzer, detects such vulnerability by intelligently synthesizing code snippets and performing fuzzing. We also proposed the third system to mitigate the challenge of path explosion that the previous two systems suffered and enable a computationally efficient model generation process for large programs. We have deployed all of our systems, namely UGraph, to scan many server-side applications. They have identified 49 vulnerable PHP-based web applications that are previously unknown, including 11 CVEs

Agent-Based Modeling: The Right Mathematics for the Social Sciences?

This study provides a basic introduction to agent-based modeling (ABM) as a powerful blend of classical and constructive mathematics, with a primary focus on its applicability for social science research.� The typical goals of ABM social science researchers are discussed along with the culture-dish nature of their computer experiments. The applicability of ABM for science more generally is also considered, with special attention to physics. Finally, two distinct types of ABM applications are summarized in order to illustrate concretely the duality of ABM: Real-world systems can not only be simulated with verisimilitude using ABM; they can also be efficiently and robustly designed and constructed on the basis of ABM principles. �

Row and Bounded Polymorphism via Disjoint Polymorphism

Polymorphism and subtyping are important features in mainstream OO languages. The most common way to integrate the two is via ?_{< :} style bounded quantification. A closely related mechanism is row polymorphism, which provides an alternative to subtyping, while still enabling many of the same applications. Yet another approach is to have type systems with intersection types and polymorphism. A recent addition to this design space are calculi with disjoint intersection types and disjoint polymorphism. With all these alternatives it is natural to wonder how they are related. This paper provides an answer to this question. We show that disjoint polymorphism can recover forms of both row polymorphism and bounded polymorphism, while retaining key desirable properties, such as type-safety and decidability. Furthermore, we identify the extra power of disjoint polymorphism which enables additional features that cannot be easily encoded in calculi with row polymorphism or bounded quantification alone. Ultimately we expect that our work is useful to inform language designers about the expressive power of those common features, and to simplify implementations and metatheory of feature-rich languages with polymorphism and subtyping

Implementing Built-in Properties for the Java Programming Language

The purpose of this project is to improve the programming experience of using the Java language by implementing properties as a built-in facility. In this project, the Java compiler tool, and the Java documentation tool were modified. In addition, a new Java annotation processor that generates Java BeanInfo source files was created. These new features result in a more productive development environment for the Java programming language