138 research outputs found
Delegating Responsibility
Delegating Responsibility explores the politics of migration in the European Union and explains how the EU responded to the 2015–17 refugee crisis. Based on 86 interviews and fieldwork in Greece and Italy, Nicholas R. Micinski proposes a new theory of international cooperation on international migration. States approach migration policies in many ways—such as coordination, collaboration, subcontracting, and unilateralism—but which policy they choose is based on capacity and on credible partners on the ground. Micinski traces the fifty-year evolution of EU migration management, like border security and asylum policies, and shows how EU officials used “crises” as political leverage to further Europeanize migration governance. In two in-depth case studies, he explains how Italy and Greece responded to the most recent refugee crisis. He concludes with a discussion of policy recommendations regarding contemporary as well as long-term aspirations for migration management in the EU
Higher-Order, Data-Parallel Structured Deduction
State-of-the-art Datalog engines include expressive features such as ADTs
(structured heap values), stratified aggregation and negation, various
primitive operations, and the opportunity for further extension using FFIs.
Current parallelization approaches for state-of-art Datalogs target
shared-memory locking data-structures using conventional multi-threading, or
use the map-reduce model for distributed computing. Furthermore, current
state-of-art approaches cannot scale to formal systems which pervasively
manipulate structured data due to their lack of indexing for structured data
stored in the heap.
In this paper, we describe a new approach to data-parallel structured
deduction that involves a key semantic extension of Datalog to permit
first-class facts and higher-order relations via defunctionalization, an
implementation approach that enables parallelism uniformly both across sets of
disjoint facts and over individual facts with nested structure. We detail a
core language, , whose key invariant (subfact closure) ensures that each
subfact is materialized as a top-class fact. We extend to Slog, a
fully-featured language whose forms facilitate leveraging subfact closure to
rapidly implement expressive, high-performance formal systems. We demonstrate
Slog by building a family of control-flow analyses from abstract machines,
systematically, along with several implementations of classical type systems
(such as STLC and LF). We performed experiments on EC2, Azure, and ALCF's Theta
at up to 1000 threads, showing orders-of-magnitude scalability improvements
versus competing state-of-art systems
INTERACTION-BASED SECURITY FOR MOBILE APPS
Mobile operating systems pervade our modern lives. Security and privacy is of particular concern on these systems, as they have access to a wide range of sensitive resources. Apps access these sensitive resources to help users perform tasks. However, apps may use these sensitive resources in a way that the user does not expect. For example, an app may look up reviews of restaurants nearby, but also leak the user’s location to an ad service every hour.
I claim that interaction serves as a valuable component of security decisions, because the user’s interaction with the app’s user interface (UI) deeply informs their mental model of how apps access sensitive data. I introduce the notion of interaction-based security, wherein security decisions are driven by this interaction.
To help understand and enforce interaction-based security, I present four pieces of work. The first is Redexer, which performs binary instrumentation of off-the-shelf Android binaries. Binary instrumentation is a useful tool for enforcing and studying security properties. I demonstrate one example of how Redexer can be used to study location privacy in apps.
Android permissions constrain how data enters apps, but do not constrain how the information is used or where it goes. Information-flow allows us to formally define what it means for data to leak from applications, but it is unclear how to use information-flow policies for Android apps, because apps frequently declassify information. I define interaction-based declassification policies, and show how they can be used to define policies for several example apps. I then implement a symbolic executor which checks Android apps to ensure they respect these policies.
Next, I test the hypothesis that the app’s UI influences security decisions. I outline an app study that measures when apps use sensitive resources with respect to their UI. I then conduct a user study to measure how an app’s UI influences their expectation that a sensitive resource will be accessed. I find that interactivity plays a large role in determining user expectation of sensitive resource use, and that apps largely access sensitive resources interactively. I also find that users may not always understand background uses of these sensitive resources and using them expectation requires special care in some circumstances.
Last, I present a tool which can help a security auditor quickly understand how apps use resources. My tool uses a novel combination of app logging, symbolic execution, and abstract interpretation to infer a formula that holds on each per- mission use. I evaluate my tool on several moderately-sized apps and show that it infers the same formulas we laboriously found by hand
Algorithm of iterative transformation for effective modules of multicomponent isotropic composite
We consider the effective modules of Voigt, Reiss for isotropic elastic composites. We have reformed the method for constructing iterative transformation of the upper and lower estimates of fork (Voigt-Reuss) towards two-component composite in case of an arbitrary number of components. The method is based on the fact that effective modules of Voigt and Reuss can be regarded as elementary symmetric functions introduced by Gauss. The conditions, which the iteratively – transformed efficient modules must fulfill at every iteration, are shown
Algorithm of constructing hybrid effective modules for elastic isotropic composites
The algorithm of constructing of new effective elastic characteristics of two-component composites based on the superposition of the models of Reiss and Voigt, Hashin and Strikman, as well as models of the geometric average for effective modules. These effective characteristics are inside forks Voigt and Reiss. Additionally, the calculations of the stress-strain state of composite structures with new effective characteristics give more accurate prediction than classical models do
SymDroid: Symbolic Execution for Dalvik Bytecode
Apps on Google's Android mobile device platform are written in Java, but are compiled to a special bytecode language called Dalvik. In this paper, we introduce SymDroid, a symbolic executor that operates directly on Dalvik bytecode. SymDroid begins by first translating Dalvik into mu-Dalvik, a simpler language that has only 16 instructions, in contrast to Dalvik's more than 200 instructions. We present a formalism for SymDroid's symbolic executor, which can be described with a small number of operational semantics rules; this semantics may be of independent interest. In addition to modeling bytecode instructions, SymDroid also contains models of some key portions of the Android platform, including libraries and the platform's lifecycle control code. We evaluated SymDroid in two ways. First, we ran it on the Android Compatibility Test Suite, and found it passed all tests except ones that used library or system routines we have not yet implemented. On this test suite, SymDroid runs about twice as slow as the Dalvik VM, and about twice as fast as the Java VM. Second, we used SymDroid to discover the (path) conditions under which contacts may be accessed on an Android app, and found it was able to do so successfully. These results suggest that SymDroid, while still a prototype, is a promising first step in enabling direct, precise analysis of Android apps
Synthesizing framework models for symbolic execution
Symbolic execution is a powerful program analysis technique, but it is difficult to apply to programs built using frameworks such as Swing and Android, because the framework code itself is hard to symbolically execute. The standard solution is to manually create a framework model that can be symbolically executed, but developing and maintaining a model is difficult and error-prone. In this paper, we present Pasket, a new system that takes a first step toward automatically generating Java framework models to support symbolic execution. Pasket's focus is on creating models by instantiating design patterns. Pasket takes as input class, method, and type information from the framework API, together with tutorial programs that exercise the framework. From these artifacts and Pasket's internal knowledge of design patterns, Pasket synthesizes a framework model whose behavior on the tutorial programs matches that of the original framework. We evaluated Pasket by synthesizing models for subsets of Swing and Android. Our results show that the models derived by Pasket are sufficient to allow us to use off-the-shelf symbolic execution tools to analyze Java programs that rely on frameworks.National Science Foundation (U.S.) (CCF-1139021)National Science Foundation (U.S.) (CCF-1139056)National Science Foundation (U.S.) (CCF-1161775
- …