CUP: Comprehensive User-Space Protection for C/C++

Memory corruption vulnerabilities in C/C++ applications enable attackers to execute code, change data, and leak information. Current memory sanitizers do no provide comprehensive coverage of a program's data. In particular, existing tools focus primarily on heap allocations with limited support for stack allocations and globals. Additionally, existing tools focus on the main executable with limited support for system libraries. Further, they suffer from both false positives and false negatives. We present Comprehensive User-Space Protection for C/C++, CUP, an LLVM sanitizer that provides complete spatial and probabilistic temporal memory safety for C/C++ program on 64-bit architectures (with a prototype implementation for x86_64). CUP uses a hybrid metadata scheme that supports all program data including globals, heap, or stack and maintains the ABI. Compared to existing approaches with the NIST Juliet test suite, CUP reduces false negatives by 10x (0.1%) compared to the state of the art LLVM sanitizers, and produces no false positives. CUP instruments all user-space code, including libc and other system libraries, removing them from the trusted code base

Identifying Influential Bloggers: Time Does Matter

Blogs have recently become one of the most favored services on the Web. Many users maintain a blog and write posts to express their opinion, experience and knowledge about a product, an event and every subject of general or specific interest. More users visit blogs to read these posts and comment them. This "participatory journalism" of blogs has such an impact upon the masses that Keller and Berry argued that through blogging "one American in tens tells the other nine how to vote, where to eat and what to buy" \cite{keller1}. Therefore, a significant issue is how to identify such influential bloggers. This problem is very new and the relevant literature lacks sophisticated solutions, but most importantly these solutions have not taken into account temporal aspects for identifying influential bloggers, even though the time is the most critical aspect of the Blogosphere. This article investigates the issue of identifying influential bloggers by proposing two easily computed blogger ranking methods, which incorporate temporal aspects of the blogging activity. Each method is based on a specific metric to score the blogger's posts. The first metric, termed MEIBI, takes into consideration the number of the blog post's inlinks and its comments, along with the publication date of the post. The second metric, MEIBIX, is used to score a blog post according to the number and age of the blog post's inlinks and its comments. These methods are evaluated against the state-of-the-art influential blogger identification method utilizing data collected from a real-world community blog site. The obtained results attest that the new methods are able to better identify significant temporal patterns in the blogging behaviour

Models of Social Groups in Blogosphere Based on Information about Comment Addressees and Sentiments

This work concerns the analysis of number, sizes and other characteristics of groups identified in the blogosphere using a set of models identifying social relations. These models differ regarding identification of social relations, influenced by methods of classifying the addressee of the comments (they are either the post author or the author of a comment on which this comment is directly addressing) and by a sentiment calculated for comments considering the statistics of words present and connotation. The state of a selected blog portal was analyzed in sequential, partly overlapping time intervals. Groups in each interval were identified using a version of the CPM algorithm, on the basis of them, stable groups, existing for at least a minimal assumed duration of time, were identified.Comment: Gliwa B., Ko\'zlak J., Zygmunt A., Models of Social Groups in Blogosphere Based on Information about Comment Addressees and Sentiments, in the K. Aberer et al. (Eds.): SocInfo 2012, LNCS 7710, pp. 475-488, Best Paper Awar

FRAMER: a tagged-pointer capability system with memory safety applications

Security mechanisms for systems programming languages, such as fine-grained memory protection for C/C++, authorize operations at runtime using access rights associated with objects and pointers. The cost of such fine-grained capability-based security models is dominated by metadata updates and lookups, making efficient metadata management the key for minimizing performance impact. Existing approaches reduce metadata management overheads by sacrificing precision, breaking binary compatibility by changing object memory layout, or wasting space with excessive alignment or large shadow memory spaces. We propose FRAMER, a capability framework with object granu- larity. Its sound and deterministic per-object metadata management mechanism enables direct access to metadata by calculating their location from a tagged pointer to the object and a compact sup- plementary table. This may improve the performance of memory safety, type safety, thread safety and garbage collection, or any so- lution that needs to map pointers to metadata. FRAMER improves over previous solutions by simultaneously (1) providing a novel encoding that derives the location of per-object metadata with low memory overhead and without any assumption of objects’ align- ment or size, (2) offering flexibility in metadata placement and size, (3) saving space by removing any padding or re-alignment, and (4) avoiding internal object memory layout changes. We evaluate FRAMER with a use case on memory safety

EffectiveSan: Type and Memory Error Detection using Dynamically Typed C/C++

Low-level programming languages with weak/static type systems, such as C and C++, are vulnerable to errors relating to the misuse of memory at runtime, such as (sub-)object bounds overflows, (re)use-after-free, and type confusion. Such errors account for many security and other undefined behavior bugs for programs written in these languages. In this paper, we introduce the notion of dynamically typed C/C++, which aims to detect such errors by dynamically checking the "effective type" of each object before use at runtime. We also present an implementation of dynamically typed C/C++ in the form of the Effective Type Sanitizer (EffectiveSan). EffectiveSan enforces type and memory safety using a combination of low-fat pointers, type meta data and type/bounds check instrumentation. We evaluate EffectiveSan against the SPEC2006 benchmark suite and the Firefox web browser, and detect several new type and memory errors. We also show that EffectiveSan achieves high compatibility and reasonable overheads for the given error coverage. Finally, we highlight that EffectiveSan is one of only a few tools that can detect sub-object bounds errors, and uses a novel approach (dynamic type checking) to do so.Comment: To appear in the Proceedings of 39th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI2018

Κβαντική αλυσίδα Ising σε ανομοιογενές εγκάρσιο μαγνητικό πεδίο

Οι κβαντικές αλλαγές φάσεις συμβαίνουν σε μηδενική θερμοκρασία καθώς μια μη θερμική παράμετρος του συστήματος μεταβάλλεται. Η συμπεριφορά αυτή οφείλεται στις κβαντικές διακυμάνσεις οι οποίες οδηγούν το σύστημα σε αλλαγή της θεμελιώδους κατάστασης του, με αποτέλεσμα να καταστρέφουν την τάξη μακράς εμβέλειας στο απόλυτο μηδέν. Στην παρούσα εργασία μελετάμε το κβαντικό μοντέλο Ising σε εγκάρσιο μαγνητικό πεδίο στην μια διάσταση το οποίο παρουσιάζει κβαντική αλλαγή φάσης. Ο προσδιορισμός του κρίσιμου σημείου γίνεται με δύο διαφορετικούς τρόπους (i) Διαγωνοποιώντας την Χαμιλτονιανή του συστήματος (ii) Μέσω της απεικόνισης του σε κλασσικό σύστημα, η οποία γίνεται και στην περίπτωση όπου το μαγνητικό πεδίο και οι αλληλεπιδράσεις μεταξύ των spins είναι, εν γένει, διαφορετικές. Τέλος παρουσιάζουμε τα αποτελέσματα προσομοίωσης που έγιναν, μέσω του αλγόριθμου Metropolis, για το δύο διαστάσεων κλασσικό Ising μοντέλο. Συγκεκριμένα προσομοιώσαμε το μοντέλο στην περίπτωση που οι αλληλεπιδράσεις είναι ίδιες κατά τις δύο διευθύνσεις του πλέγματος, ενώ στην περίπτωση των διαφορετικών αλληλεπιδράσεων συγκρίναμε τα αποτελέσματα με την σχέση των Kramers-Wannier.Quantum phase transitions occur at zero temperature by tuning a non-thermal parameter of the system. This behavior is due to quantum fluctuations, which drive the system in change of its ground state, destroying the long range order at absolute zero. At the present thesis we study the one dimensional Ising model in transverse magnetic field which has a quantum phase transition. The quantum critical point is specified in two ways: (i) By the diagonalization of the Hamiltonian (ii) Mapping to a classical system, which is also done for the case where the magnetic field and interactions among spins are, generally, different. Next we present the results of simulations, via the Metropolis algorithm, for the two dimensional Ising classical model. Specifically, we simulate the model in the case of equal interactions in both directions and in the case of different interactions we compare our results with the Kramers-Wannier relation