Doctor of Philosophy

dissertationToday's smartphones house private and confidential data ubiquitously. Mobile apps running on the devices can leak sensitive information by accident or intentionally. To understand application behaviors before running a program, we need to statically analyze it, tracking what data are accessed, where sensitive data ow, and what operations are performed with the data. However, automated identification of malicious behaviors in Android apps is challenging: First, there is a primary challenge in analyzing object-oriented programs precisely, soundly and efficiently, especially in the presence of exceptions. Second, there is an Android-specific challenge|asynchronous execution of multiple entry points. Third, the maliciousness of any given behavior is application-dependent and subject to human judgment. In this work, I develop a generic, highly precise static analysis of object-oriented code with multiple entry points, on which I construct an eective malware identification system with a human in the loop. Specically, I develop a new analysis-pushdown exception-ow analysis, to generalize the analysis of normal control flows and exceptional flows in object-oriented programs. To rene points-to information, I generalize abstract garbage collection to object-oriented programs and enhance it with liveness analysis for even better precision. To tackle Android-specic challenges, I develop multientry point saturation to approximate the eect of arbitrary asynchronous events. To apply the analysis techniques to security, I develop a static taint- ow analysis to track and propagate tainted sensitive data in the push-down exception-flow framework. To accelerate the speed of static analysis, I develop a compact and ecient encoding scheme, called G odel hashes, and integrate it into the analysis framework. All the techniques are realized and evaluated in a system, named AnaDroid. AnaDroid is designed with a human in the loop to specify analysis conguration, properties of interest and then to make the nal judgment and identify where the maliciousness is, based on analysis results. The analysis results include control- ow graphs highlighting suspiciousness, permission and risk-ranking reports. The experiments show that AnaDroid can lead to precise and fast identication of common classes of Android malware

Pruning, Pushdown Exception-Flow Analysis

Statically reasoning in the presence of exceptions and about the effects of exceptions is challenging: exception-flows are mutually determined by traditional control-flow and points-to analyses. We tackle the challenge of analyzing exception-flows from two angles. First, from the angle of pruning control-flows (both normal and exceptional), we derive a pushdown framework for an object-oriented language with full-featured exceptions. Unlike traditional analyses, it allows precise matching of throwers to catchers. Second, from the angle of pruning points-to information, we generalize abstract garbage collection to object-oriented programs and enhance it with liveness analysis. We then seamlessly weave the techniques into enhanced reachability computation, yielding highly precise exception-flow analysis, without becoming intractable, even for large applications. We evaluate our pruned, pushdown exception-flow analysis, comparing it with an established analysis on large scale standard Java benchmarks. The results show that our analysis significantly improves analysis precision over traditional analysis within a reasonable analysis time.Comment: 14th IEEE International Working Conference on Source Code Analysis and Manipulatio

Sound and Precise Malware Analysis for Android via Pushdown Reachability and Entry-Point Saturation

We present Anadroid, a static malware analysis framework for Android apps. Anadroid exploits two techniques to soundly raise precision: (1) it uses a pushdown system to precisely model dynamically dispatched interprocedural and exception-driven control-flow; (2) it uses Entry-Point Saturation (EPS) to soundly approximate all possible interleavings of asynchronous entry points in Android applications. (It also integrates static taint-flow analysis and least permissions analysis to expand the class of malicious behaviors which it can catch.) Anadroid provides rich user interface support for human analysts which must ultimately rule on the "maliciousness" of a behavior. To demonstrate the effectiveness of Anadroid's malware analysis, we had teams of analysts analyze a challenge suite of 52 Android applications released as part of the Auto- mated Program Analysis for Cybersecurity (APAC) DARPA program. The first team analyzed the apps using a ver- sion of Anadroid that uses traditional (finite-state-machine-based) control-flow-analysis found in existing malware analysis tools; the second team analyzed the apps using a version of Anadroid that uses our enhanced pushdown-based control-flow-analysis. We measured machine analysis time, human analyst time, and their accuracy in flagging malicious applications. With pushdown analysis, we found statistically significant (p < 0.05) decreases in time: from 85 minutes per app to 35 minutes per app in human plus machine analysis time; and statistically significant (p < 0.05) increases in accuracy with the pushdown-driven analyzer: from 71% correct identification to 95% correct identification.Comment: Appears in 3rd Annual ACM CCS workshop on Security and Privacy in SmartPhones and Mobile Devices (SPSM'13), Berlin, Germany, 201

Fast Flow Analysis with Godel Hashes

Abstract—Flow analysis, such as control-flow, data-flow, and exception-flow analysis, usually depends on relational operations on flow sets. Unfortunately, set related operations, such as inclusion and equality, are usually very expensive. They can easily take more than 97 % of the total analyzing time, even in a very simple analysis. We attack this performance bottleneck by proposing Gödel hashes to enable fast and precise flow analysis. Gödel hashes is an ultra compact, partial-order-preserving, fast and perfect hashing mechanism, inspired by the proofs of Gödel’s incompleteness theorems. Compared with array-, tree-, traditional hash-, and bit vector-backed set implementations, we find Gödel hashes to be tens or even hundreds of times faster for performance in the critical operations of inclusion and equality. We apply Gödel hashes in real-world analysis for object-oriented programs. The instrumented analysis is tens of times faster than the one with original data structures on DaCapo benchmarks. I

Significance of logistic regression scoring model based on natural killer cell-mediated cytotoxic pathway in the diagnosis of colon cancer

BackgroundThe poor clinical accuracy to predict the survival of colon cancer patients is associated with a high incidence rate and a poor 3-year survival rate. This study aimed to identify the poor prognostic biomarkers of colon cancer from natural killer cell-mediated cytotoxic pathway (NKCP), and establish a logistical regression scoring model to predict its prognosis.MethodsBased on the expressions and methylations of NKCP-related genes (NRGs) and the clinical information, dimensionality reduction screening was performed to establish a logistic regression scoring model to predict survival and prognosis. Risk score, clinical stage, and ULBP2 were used to establish a logistic regression scoring model to classify the 3-year survival period and compare with each other. Comparison of survival, tumor mutation burden (TMB), estimation of immune invasion, and prediction of chemotherapeutic drug IC50 were performed between low- and high-risk score groups.ResultsThis study found that ULBP2 was significantly overexpressed in colon cancer tissues and colon cancer cell lines. The logistic regression scoring model was established to include six statistically significant features: S = 1.70 × stage – 9.32 × cg06543087 + 6.19 × cg25848557 + 1.29 × IFNA1 + 0.048 × age + 4.37 × cg21370856 − 8.93, which was used to calculate risk score of each sample. The risk scores, clinical stage, and ULBP2 were classified into three-year survival, the 3-year prediction accuracy based on 10-fold cross-validation was 80.17%, 67.24, and 59.48%, respectively. The survival time of low-risk score group was better than that of the high-risk score group. Moreover, compared to high-risk score group, low-risk score group had lower TMB [2.20/MB (log10) vs. 2.34/MB (log10)], higher infiltration score of M0 macrophages (0.17 vs. 0.14), and lower mean IC50 value of oxaliplatin (3.65 vs 3.78) (p &lt; 0.05).ConclusionsThe significantly upregulated ULBP2 was a poor prognostic biomarker of colon cancer. The risk score based on the six-feature logistic regression model can effectively predict the 3-year survival time. High-risk score group demonstrated a poorer prognosis, higher TMB, lower M0 macrophage infiltration score, and higher IC50 value of oxaliplatin. The six-feature logistic scoring model has certain clinical significance in colon cancer

Macrophage Migration Inhibitory Factor as a Chaperone Inhibiting Accumulation of Misfolded SOD1

SummaryMutations in superoxide dismutase (SOD1) cause amyotrophic lateral sclerosis (ALS), a neurodegenerative disease characterized by loss of motor neurons and accompanied by accumulation of misfolded SOD1 onto the cytoplasmic faces of intracellular organelles, including mitochondria and the endoplasmic reticulum (ER). Using inhibition of misfolded SOD1 deposition onto mitochondria as an assay, a chaperone activity abundant in nonneuronal tissues is now purified and identified to be the multifunctional macrophage migration inhibitory factor (MIF), whose activities include an ATP-independent protein folding chaperone. Purified MIF is shown to directly inhibit mutant SOD1 misfolding. Elevating MIF in neuronal cells suppresses accumulation of misfolded SOD1 and its association with mitochondria and the ER and extends survival of mutant SOD1-expressing motor neurons. Accumulated MIF protein is identified to be low in motor neurons, implicating correspondingly low chaperone activity as a component of vulnerability to mutant SOD1 misfolding and supporting therapies to enhance intracellular MIF chaperone activity

Extensive Crosstalk between O-GlcNAcylation and Phosphorylation Regulates Akt Signaling

O-linked N-acetylglucosamine glycosylations (O-GlcNAc) and O-linked phosphorylations (O-phosphate), as two important types of post-translational modifications, often occur on the same protein and bear a reciprocal relationship. In addition to the well documented phosphorylations that control Akt activity, Akt also undergoes O-GlcNAcylation, but the interplay between these two modifications and the biological significance remain unclear, largely due to the technique challenges. Here, we applied a two-step analytic approach composed of the O-GlcNAc immunoenrichment and subsequent O-phosphate immunodetection. Such an easy method enabled us to visualize endogenous glycosylated and phosphorylated Akt subpopulations in parallel and observed the inhibitory effect of Akt O-GlcNAcylations on its phosphorylation. Further studies utilizing mass spectrometry and mutagenesis approaches showed that O-GlcNAcylations at Thr 305 and Thr 312 inhibited Akt phosphorylation at Thr 308 via disrupting the interaction between Akt and PDK1. The impaired Akt activation in turn resulted in the compromised biological functions of Akt, as evidenced by suppressed cell proliferation and migration capabilities. Together, this study revealed an extensive crosstalk between O-GlcNAcylations and phosphorylations of Akt and demonstrated O-GlcNAcylation as a new regulatory modification for Akt signaling

Introduced through poetry translation or not? Recontextualizing avant-garde nature of Chinese new poetry from the perspective of cosmopolitanism

AbstractTranslation could function as an act of epistemological force of intrusion into the domestic poetic paradigm amid cross-cultural encounter. Chinese New Poetry at the early 20th century featuring Chinese national avant-garde spirit, worked a poetic paradigm shift against classical Chinese poetry, which was in alignment with Chinese Vernacular Movement and the May Fourth New Literature Movement. The inheritance of the traditional Chinese cultural treasure combined with the appropriated forms of foreign poems in creating Chinese New Poetry has contributed to promoting Chinese vernacular language from the periphery to the centre in China’s society then. The paper offers a re-examination of the critical role of the translations of foreign poems in promoting Chinese New Poetry in the early 20th century. It argues that Chinese New Poetry is a hybridized poetic genre with avant-garde spirit encapsulated in the globalization process, challenging the traditional conceptualization of Chinese poetry and reenergizing Chinese poetic prosperity. The intense interactions with the cultural foreignness via the translational activities have helped Chinese New Poetry towards a direction of modernity and openness. By drawing on the cosmopolitanism perspective, the paper relates the dialectic relationship between poetry translation with the genesis of Chinese New Poetry to the wider context of world literature