A compiler level intermediate representation based binary analysis system and its applications

Analyzing and optimizing programs from their executables has received a lot of attention recently in the research community. There has been a tremendous amount of activity in executable-level research targeting varied applications such as security vulnerability analysis, untrusted code analysis, malware analysis, program testing, and binary optimizations. The vision of this dissertation is to advance the field of static analysis of executables and bridge the gap between source-level analysis and executable analysis. The main thesis of this work is scalable static binary rewriting and analysis using compiler-level intermediate representation without relying on the presence of metadata information such as debug or symbolic information. In spite of a significant overlap in the overall goals of several source-code methods and executables-level techniques, several sophisticated transformations that are well-understood and implemented in source-level infrastructures have yet to become available in executable frameworks. It is a well known fact that a standalone executable without any meta data is less amenable to analysis than the source code. Nonetheless, we believe that one of the prime reasons behind the limitations of existing executable frameworks is that current executable frameworks define their own intermediate representations (IR) which are significantly more constrained than an IR used in a compiler. Intermediate representations used in existing binary frameworks lack high level features like abstract stack, variables, and symbols and are even machine dependent in some cases. This severely limits the application of well-understood compiler transformations to executables and necessitates new research to make them applicable. In the first part of this dissertation, we present techniques to convert the binaries to the same high-level intermediate representation that compilers use. We propose methods to segment the flat address space in an executable containing undifferentiated blocks of memory. We demonstrate the inadequacy of existing variable identification methods for their promotion to symbols and present our methods for symbol promotion. We also present methods to convert the physically addressed stack in an executable to an abstract stack. The proposed methods are practical since they do not employ symbolic, relocation, or debug information which are usually absent in deployed executables. We have integrated our techniques with a prototype x86 binary framework called \emph{SecondWrite} that uses LLVM as the IR. The robustness of the framework is demonstrated by handling executables totaling more than a million lines of source-code, including several real world programs. In the next part of this work, we demonstrate that several well-known source-level analysis frameworks such as symbolic analysis have limited effectiveness in the executable domain since executables typically lack higher-level semantics such as program variables. The IR should have a precise memory abstraction for an analysis to effectively reason about memory operations. Our first work of recovering a compiler-level representation addresses this limitation by recovering several higher-level semantics information from executables. In the next part of this work, we propose methods to handle the scenarios when such semantics cannot be recovered. First, we propose a hybrid static-dynamic mechanism for recovering a precise and correct memory model in executables in presence of executable-specific artifacts such as indirect control transfers. Next, the enhanced memory model is employed to define a novel symbolic analysis framework for executables that can perform the same types of program analysis as source-level tools. Frameworks hitherto fail to simultaneously maintain the properties of correct representation and precise memory model and ignore memory-allocated variables while defining symbolic analysis mechanisms. We exemplify that our framework is robust, efficient and it significantly improves the performance of various traditional analyses like global value numbering, alias analysis and dependence analysis for executables. Finally, the underlying representation and analysis framework is employed for two separate applications. First, the framework is extended to define a novel static analysis framework, \emph{DemandFlow}, for identifying information flow security violations in program executables. Unlike existing static vulnerability detection methods for executables, DemandFlow analyzes memory locations in addition to symbols, thus improving the precision of the analysis. DemandFlow proposes a novel demand-driven mechanism to identify and precisely analyze only those program locations and memory accesses which are relevant to a vulnerability, thus enhancing scalability. DemandFlow uncovers six previously undiscovered format string and directory traversal vulnerabilities in popular ftp and internet relay chat clients. Next, the framework is extended to implement a platform-specific optimization for embedded processors. Several embedded systems provide the facility of locking one or more lines in the cache. We devise the first method in literature that employs instruction cache locking as a mechanism for improving the average-case run-time of general embedded applications. We demonstrate that the optimal solution for instruction cache locking can be obtained in polynomial time. Since our scheme is implemented inside a binary framework, it successfully addresses the portability concern by enabling the implementation of cache locking at the time of deployment when all the details of the memory hierarchy are available

Thermomagnetic convection in stratified ferrofluids permeated with dusty particles through a porous medium

In the present note, the stability problem of an incompressible dusty stratified ferromagnetic fluid is investigated through a porous medium when the fluid layer is subjected to vertical magnetic field intensity. The governing nonlinear equations are linearized using perturbation technique and the cases of exponentially varying stratifications for various physical parameters are discussed. The system is found to be stable for stable stratification in both the absence and presence of magnetic field. For unstable stratification, the system has both stabilizing and destabilizing effects in the presence of magnetic field under certain conditions, whereas in the absence of magnetic field, the system has only destabilizing effect. The variations in the growth rate with respect to kinematic viscosity, medium porosity, medium permeability, square of Alfvén velocity and suspended particle parameter are also shown analytically

Hypokalemic Quadriparesis Associated with Dengue: A Case Series

Dengue is an important viral cause of febrile illness in tropical and subtropical regions. Manifestations may range from an asymptomatic infection to life threatening hemorrhagic fever and shock syndrome. Neurological presentations of this disease are rare. Here, we are presenting a case series of three confirmedcases of dengue fever with hypokalemic paralysis presenting as acute pure motor reversible quadriparesis. A clinician should keep dengue virus associated hypokalemic paralysis in mind while dealing with a case of fever with quadriparesis

Retrofitting Security in COTS Software with Binary Rewriting

We present a practical tool for inserting security features against low-level software attacks into third-party, proprietary or otherwise binary-only software. We are motivated by the inability of software users to select and use low-overhead protection schemes when source code is unavailable to them, by the lack of information as to what (if any) security mechanisms software producers have used in their toolchains, and the high overhead and inaccuracy of solutions that treat software as a black box. Our approach is based on SecondWrite, an advanced binary rewriter that operates without need for debugging information or other assist. Using SecondWrite, we insert a variety of defenses into program binaries. Although the defenses are generally well known, they have not generally been used together because they are implemented by different (non-integrated) tools. We are also the first to demonstrate the use of such mechanisms in the absence of source code availability. We experimentally evaluate the effectiveness and performance impact of our approach. We show that it stops all variants of low-level software attacks at a very low performance overhead, without impacting original program functionality

Applying Dijkstras Algorithm in Routing Process

Network is defined as a combination of two or more nodes which are connected with each other. It allows nodes to exchange data from each other along the data connections. Routing is a process of finding the path between source and destination upon request of data transmission. There are various routing algorithms which helps in determining the path and distance over the network traffic. For routing of nodes, we can use many routing protocols. Dijkstrarsquos algorithm is one of the best shortest path search algorithms. Our focus and aim is to find the shortest path from source node to destination node. For finding the minimum path this algorithm uses the connection matrix and weight matrix Thus, a matrix consisting of paths from source node to each node is formed. We then choose a column of destination from path matrix formed and we get the shortest path. In a similar way, we choose a column from a mindis matrix for finding the minimum distance from source node to destination node. It has been applied in computer networking for routing of systems and in google maps to find the shortest possible path from one location to another location.nbs

Evaluation of antioxidant potential of alcoholic stem bark extracts of Bauhinia variegata Linn.

The present study was carried out for the evaluation of in-vitro antioxidant potential of alcoholic stem bark (ALSB) extract of Bauhinia variegata Linn. Dried stem bark extract of B. variegata Linn. was screened to evaluate its free radical scavenging effect. Various methods like DPPH assay, reducing power assay, percentage scavenging activity of hydrogen peroxide and superoxide radical scavenging activity were used for screening in-vitro antioxidant potential. Antioxidant potentials were concentration dependent which were compared with standard antioxidants such as butylated hydroxyanisole (BHA) and ascorbic acid. The maximum scavenging effect of B. variegata Linn. alcoholic stem bark extract on  DPPH free radical, superoxide radical and hydrogen peroxide was 72.19 + 0.20, 81.60 + 0.22 and 76.06 + 0.16 respectively at a concentration of 2500 ?g/mL.  It was clearly indicated that the alcoholic extract of the stem bark has significant in vitro antioxidant activity. Currently available synthetic antioxidants like butylated hydroxyanisole (BHA), butylated hydroxyl toluene (BHT), Ascorbic acid and gallic acid appear to be associated with hepatotoxicity and many others negative health effects. Therefore, natural antioxidants may be preferred over the synthetic antioxidants

A non-interventional, prospective, multicentric real life Indian study to assess safety and effectiveness of un-denatured type 2 collagen in management of osteoarthritis

Background: Osteoarthritis (OA) is the most common musculoskeletal condition affecting the quality of life. Undenatured collagen type II has emerged as one of the promising treatment options in treatment of OA. Despite being available in India, clinical safety and efficacy have not been evaluated. We performed a non-interventional, real-life study to determine its safety and efficacy in Indian population.Methods: A non-interventional, real-life study was performed in patients with OA of knee by 18 orthopaedicians in India. Patients enrolled were followed-up at day 30 (visit 2), day 60 (visit 3) and day 90 (visit 4). Efficacy was assessed by Western Ontario McMaster Osteoarthritis Index (WOMAC) and Visual Analogue scale (VAS) on each visit. Safety was assessed by incidence of suspected adverse events (AEs), and abnormal laboratory parameters.Results: Among 291 enrolled patients 226 patients completed the study. Mean age of the population was 56.2±8.7 years and 53.3% of them were females. In 291 patients included in safety analysis, at least one treatment emergent adverse event (TEAE) was seen in 4.47% patients. None of the AEs were serious or resulted in termination of patient from the study. Nausea (1.37%) and headache (1.03%) were the common AEs. Treatment with undenatured collagen type II was associated with significant reduction in WOMAC score (p<0.0001) and VAS scores (p<0.0001) from baseline to day 90.Conclusions: Undenatured collagen type II is safe and efficacious in Indian patients with OA. This can be considered early in the initial management of OA

Fingerprinting of Sahaj Vati, additive for natural lovastatin production

The lovastatin has been used in hypercholesterolemia and heart diseases for therapeutic as well as preventative purposes and it is naturally obtained from filamentous fungi such as Aspergillus through biotechnological approach. The additives in fungal media which enhances the fungal growth should also increase the production of lovastatin. Finger printing of Sahaj Vati, a herbo-mineral formulation comprising mixture of Plumbago zeylanica, Curcuma longa, Shilajeet, Commiphora mukul and Clerodendrum phlomidis powder to be added in medium for fungal growth. The fungal growth activity of both batches of Sahaj Vati was tested for fungal isolate of A. flavus by contact measure through hyphal development restraint test utilizing Potato dextrose agar (PDA) and SMKY medium followed by chromatographic and different techniques for standardization. Sahaj Vati has lower antifungal index & increased the fungal biomass and separation of compound was higher in mobile phase Benzene: Ethyl acetate: Pyridine: 5:4.9:0.1 & Hexane: Chloroform: Pyridine: 2.7:1. Sahaj Vati increased the growth and biomass of A. flauvs which may be used for natural production of lovastatin

Evaluation of computerized health management information system for primary health care in rural India

<p>Abstract</p> <p>Background</p> <p>The Comprehensive Rural Health Services Project Ballabgarh, run by All India Institute of Medical Sciences (AIIMS), New Delhi has a computerized Health Management Information System (HMIS) since 1988. The HMIS at Ballabgarh has undergone evolution and is currently in its third version which uses generic and open source software. This study was conducted to evaluate the effectiveness of a computerized Health Management Information System in rural health system in India.</p> <p>Methods</p> <p>The data for evaluation were collected by in-depth interviews of the stakeholders i.e. program managers (authors) and health workers. Health Workers from AIIMS and Non-AIIMS Primary Health Centers were interviewed to compare the manual with computerized HMIS. A cost comparison between the two methods was carried out based on market costs. The resource utilization for both manual and computerized HMIS was identified based on workers' interviews.</p> <p>Results</p> <p>There have been no major hardware problems in use of computerized HMIS. More than 95% of data was found to be accurate. Health workers acknowledge the usefulness of HMIS in service delivery, data storage, generation of workplans and reports. For program managers, it provides a better tool for monitoring and supervision and data management. The initial cost incurred in computerization of two Primary Health Centers was estimated to be Indian National Rupee (INR) 1674,217 (USD 35,622). Equivalent annual incremental cost of capital items was estimated as INR 198,017 (USD 4213). The annual savings is around INR 894,283 (USD 11,924).</p> <p>Conclusion</p> <p>The major advantage of computerization has been in saving of time of health workers in record keeping and report generation. The initial capital costs of computerization can be recovered within two years of implementation if the system is fully operational. Computerization has enabled implementation of a good system for service delivery, monitoring and supervision.</p

A multi-targeted approach to suppress tumor-promoting inflammation

Cancers harbor significant genetic heterogeneity and patterns of relapse following many therapies are due to evolved resistance to treatment. While efforts have been made to combine targeted therapies, significant levels of toxicity have stymied efforts to effectively treat cancer with multi-drug combinations using currently approved therapeutics. We discuss the relationship between tumor-promoting inflammation and cancer as part of a larger effort to develop a broad-spectrum therapeutic approach aimed at a wide range of targets to address this heterogeneity. Specifically, macrophage migration inhibitory factor, cyclooxygenase-2, transcription factor nuclear factor-κB, tumor necrosis factor alpha, inducible nitric oxide synthase, protein kinase B, and CXC chemokines are reviewed as important antiinflammatory targets while curcumin, resveratrol, epigallocatechin gallate, genistein, lycopene, and anthocyanins are reviewed as low-cost, low toxicity means by which these targets might all be reached simultaneously. Future translational work will need to assess the resulting synergies of rationally designed antiinflammatory mixtures (employing low-toxicity constituents), and then combine this with similar approaches targeting the most important pathways across the range of cancer hallmark phenotypes