76 research outputs found
Formally Specifying and Proving Operational Aspects of Forensic Lucid in Isabelle
A Forensic Lucid intensional programming language has been proposed for
intensional cyberforensic analysis. In large part, the language is based on
various predecessor and codecessor Lucid dialects bound by the higher-order
intensional logic (HOIL) that is behind them. This work formally specifies the
operational aspects of the Forensic Lucid language and compiles a theory of its
constructs using Isabelle, a proof assistant system.Comment: 23 pages, 3 listings, 3 figures, 1 table, 1 Appendix with theorems,
pp. 76--98. TPHOLs 2008 Emerging Trends Proceedings, August 18-21, Montreal,
Canada. Editors: Otmane Ait Mohamed and Cesar Munoz and Sofiene Tahar. The
individual paper's PDF is at
http://users.encs.concordia.ca/~tphols08/TPHOLs2008/ET/76-98.pd
The use of machine learning with signal- and NLP processing of source code to fingerprint, detect, and classify vulnerabilities and weaknesses with MARFCAT
We present a machine learning approach to static code analysis and
fingerprinting for weaknesses related to security, software engineering, and
others using the open-source MARF framework and the MARFCAT application based
on it for the NIST's SATE2010 static analysis tool exposition workshop found at
http://samate.nist.gov/SATE2010Workshop.htmlComment: 33 pages, 11 tables; some results presented at SATE2010; NIST,
October 2011; shorter version of v5 appears in the NIST technical report at
http://samate.nist.gov/docs/NIST_Special_Publication_500-283.pdf#page=49
where its presentation is found at
http://samate.nist.gov/docs/SATE2010/SATE10_13_Marfcat_Mokhov.pdf and the
MARFCAT OSS release at
http://sourceforge.net/projects/marf/files/Applications/MARFCAT
Intensional Cyberforensics
This work focuses on the application of intensional logic to cyberforensic
analysis and its benefits and difficulties are compared with the
finite-state-automata approach. This work extends the use of the intensional
programming paradigm to the modeling and implementation of a cyberforensics
investigation process with backtracing of event reconstruction, in which
evidence is modeled by multidimensional hierarchical contexts, and proofs or
disproofs of claims are undertaken in an eductive manner of evaluation. This
approach is a practical, context-aware improvement over the finite state
automata (FSA) approach we have seen in previous work. As a base implementation
language model, we use in this approach a new dialect of the Lucid programming
language, called Forensic Lucid, and we focus on defining hierarchical contexts
based on intensional logic for the distributed evaluation of cyberforensic
expressions. We also augment the work with credibility factors surrounding
digital evidence and witness accounts, which have not been previously modeled.
The Forensic Lucid programming language, used for this intensional
cyberforensic analysis, formally presented through its syntax and operational
semantics. In large part, the language is based on its predecessor and
codecessor Lucid dialects, such as GIPL, Indexical Lucid, Lucx, Objective
Lucid, and JOOIP bound by the underlying intensional programming paradigm.Comment: 412 pages, 94 figures, 18 tables, 19 algorithms and listings; PhD
thesis; v2 corrects some typos and refs; also available on Spectrum at
http://spectrum.library.concordia.ca/977460
- …