62 research outputs found
Abstract program slicing on dependence condition graph
Abstract: Many slicing techniques have been proposed based on the traditional Program Dependence Graph (PDG) representation. In traditional PDGs, the notion of dependency between statements is based on syntactic presence of a variable in the definition of another variable or on a conditional expression. Mastroeni and Zanardini first introduced the notion of semantics-based data dependency, both at concrete and abstract domains, that helps in converting the traditional syntactic PDGs into more refined semantics-based (abstract) PDGs by disregarding some false dependences from them. As a result, the slicing techniques based on these semantics-based (abstract) PDGs result into more precise slices. In this paper, we strictly improve this approach by (i) introducing the notion of semantic relevancy of statements, and (ii) combining it with conditional dependency. This allows us to transform syntactic PDGs into semantics-based (abstract) Dependence Condition Graphs (DCGs) that enable to identify the conditions for dependences between program points
K-Taint: an executable rewriting logic semantics for taint analysis in the K framework
The K framework is a rewrite logic-based framework for defining programming language semantics suitable for formal reasoning about programs and programming languages. In this paper, we present K-Taint, a rewriting logic-based executable semantics in the K framework for taint analysis of an imperative programming language. Our K semantics can be seen as a sound approximation of program semantics in the corresponding security type domain. More specifically, as a foundation to this objective, we extend to the case of taint analysis the semantically sound flow-sensitive security type system by Hunt and Sands, considering a support to the interprocedural analysis as well. With respect to the existing methods, K-Taint supports context- and flow-sensitive analysis, reduces false alarms, and provides a scalable solution. Experimental evaluation on several benchmark codes demonstrates encouraging results as an improvement in the precision of the analysis. This work is partially supported by the research grant (SB/FTP/ETA-315/2013) from the Science and Engineering Research Board (SERB), Department of Science and Technology, Government of India
Combining symbolic and numerical domains for information leakage analysis
We introduce an abstract domain for information-flow analysis of software. The proposal combines variable dependency analysis with numerical abstractions, yielding to accuracy and efficiency improvements. We apply the full power of the proposal to the case of database query languages as well. Finally, we present an implementation of the analysis, called Sails, as an instance of a generic static analyzer. Keeping the modular construction of the analysis, the tool allows one to tune the granularity of heap analysis and to choose the numerical domain involved in the reduced product. This way the user can tune the information leakage analysis at different levels of precision and efficiency
An internet-based IP protection scheme for circuit designs using linear feedback shift register (LFSR)-based locking
Abstract—Due to emerging trend of design reuse in VLSI circuits, the intellectual property (IP) of design faces serious challenges like forgery, theft, misappropriation etc. These increasing risks of design IP stored in design repositories, or the threat of hacking the same during its Internet-based transmission, mandates design file encryption and its appropriate watermarking. In this paper, we propose a novel Internet-based scheme to tackle this problem. Input to the proposed scheme is a generic graph corresponding to a digital system design. Watermarking of the graph and its encryption are achieved using a new linear feedback shift register (LFSR)-based locking scheme. The proposed scheme makes unauthorized disclosure of valuable designs almost infeasible, and can easily detect any alteration of the design file during transmission. It ensures authentication of the original designer as well as non-repudiation between the seller and the buyer. Empirical evidences on several well-known benchmark problem sets are encouraging. Index Terms—Intellectual property protection (IPP), Watermarking, Encryption, Decryption
Extending Abstract Interpretation to Dependency Analysis of Database Applications
Dependency information (data- and/or control-dependencies) among program variables and program statements is playing crucial roles in a wide range of software-engineering activities, e.g. program slicing, information flow security analysis, debugging, code-optimization, code-reuse, code-understanding. Most existing dependency analyzers focus on mainstream languages and they do not support database applications embedding queries and data-manipulation commands. The first extension to the languages for relational database management systems, proposed by Willmor et al. in 2004, suffers from the lack of precision in the analysis primarily due to its syntax-based computation and flow insensitivity. Since then no significant contribution is found in this research direction. This paper extends the Abstract Interpretation framework for static dependency analysis of database applications, providing a semantics-based computation tunable with respect to precision. More specifically, we instantiate dependency computation by using various relational and non-relational abstract domains, yielding to a detailed comparative analysis with respect to precision and efficiency. Finally, we present a prototype semDDA, a semantics-based Database Dependency Analyzer integrated with various abstract domains, and we present experimental evaluation results to establish the effectiveness of our approach. We show an improvement of the precision on an average of 6% in the interval, 11% in the octagon, 21% in the polyhedra and 7% in the powerset of intervals abstract domains, as compared to their syntax-based counterpart, for the chosen set of Java Server Page (JSP)-based open-source database-driven web applications as part of the GotoCode project
In vitro propagation, carotenoid, fatty acid and tocopherol content of Ajuga multiflora Bunge
Tailored design of NKT-stimulatory glycolipids for polarization of immune responses
Natural killer T (NKT) cell is a distinct population of T lymphocytes that can rapidly release massive amount of Th1 and Th2 cytokines upon the engagement of their T cell receptor with glycolipids presented by CD1d. The secreted cytokines can promote cell-mediated immunity to kill tumor cells and intracellular pathogens, or suppress autoreactive immune cells in autoimmune diseases. Thus, NKT cell is an attractive target for developing new therapeutics to manipulate immune system. The best-known glycolipid to activate NKT cells is α-galactosylceramide (α-GalCer), which has been used as a prototype for designing new NKT stimulatory glycolipids. Many analogues have been generated by modification of the galactosyl moiety, the acyl chain or the phytosphingosine chain of α-GalCer. Some of the analogues showed greater abilities than α-GalCer in polarizing immune responses toward Th1 or Th2 dominance. Among them, several analogues containing phenyl groups in the lipid tails were more potent in inducing Th1-skewed cytokines and exhibited greater anticancer efficacy than α-GalCer. Analyses of the correlation between structure and activity of various α-GalCer analogues on the activation of iNKT cell revealed that CD1d–glycolipid complexes interacted with the same population of iNKT cell expressing similar T-cell receptor Vβ as α-GalCer. On the other hand, those phenyl glycolipids with propensity for Th1 dominant responses showed greater binding avidity and stability than α-GalCer for iNKT T-cell receptor when complexed with CD1d. Thus, it is the avidity and stability of the ternary complexes of CD1d-glycolipid-iNKT TCR that dictate the polarity and potency of immune responses. These findings provide a key to the rationale design of immune modulating glycolipids with desirable Th1/Th2 polarity for clinical application. 
In addition, elucidation of α-GalCer-induced anergy, liver damage and accumulation of myeloid derived suppressor cells has offered explanation for its lacklustre anti-cancer activities in clinical trials. On other hand, the lack of such drawbacks in glycolipid analogues containing phenyl groups in the lipid tails of α-GalCer coupled with the greater binding avidity and stability of CD1d-glycolipid complex for iNKT T-cell receptor, account for their superior anti-cancer efficacy in tumor bearing mice. Further clinical development of these phenyl glycolipids is warranted
Multiple novel prostate cancer susceptibility signals identified by fine-mapping of known risk loci among Europeans
Genome-wide association studies (GWAS) have identified numerous common prostate cancer (PrCa) susceptibility loci. We have fine-mapped 64 GWAS regions known at the conclusion of the iCOGS study using large-scale genotyping and imputation in 25 723 PrCa cases and 26 274 controls of European ancestry. We detected evidence for multiple independent signals at 16 regions, 12 of which contained additional newly identified significant associations. A single signal comprising a spectrum of correlated variation was observed at 39 regions; 35 of which are now described by a novel more significantly associated lead SNP, while the originally reported variant remained as the lead SNP only in 4 regions. We also confirmed two association signals in Europeans that had been previously reported only in East-Asian GWAS. Based on statistical evidence and linkage disequilibrium (LD) structure, we have curated and narrowed down the list of the most likely candidate causal variants for each region. Functional annotation using data from ENCODE filtered for PrCa cell lines and eQTL analysis demonstrated significant enrichment for overlap with bio-features within this set. By incorporating the novel risk variants identified here alongside the refined data for existing association signals, we estimate that these loci now explain ∼38.9% of the familial relative risk of PrCa, an 8.9% improvement over the previously reported GWAS tag SNPs. This suggests that a significant fraction of the heritability of PrCa may have been hidden during the discovery phase of GWAS, in particular due to the presence of multiple independent signals within the same regio
Obfuscation-based analysis of SQL injection attacks
Abstract—In this paper, we propose an obfuscation/deobfuscation based technique to detect the presence of possible SQL Injection Attacks (SQLIA) in a query before submitting it to a DBMS. This technique combines static and dynamic analysis. In the static phase, the queries in the application are replaced by queries in obfuscated form. The main idea behind obfuscation is to isolate all the atomic formulas from other control elements of the query. During the dynamic phase, the user inputs are merged into the obfuscated atomic formulas, and the dynamic verifier analyzes the presence of possible SQLIA at atomic formula level. Finally, a deobfuscation step is performed to recover the original query before submitting it to the DBMS. Keywords-SQL Injection Attack; Obfuscation; Deobfuscation; I