Fast Summary-based Whole-program Analysis to Identify Unsafe Memory Accesses in Rust

Rust is one of the most promising systems programming languages to fundamentally solve the memory safety issues that have plagued low-level software for over forty years. However, to accommodate the scenarios where Rust's type rules might be too restrictive for certain systems programming and where programmers opt for performance over security checks, Rust opens security escape hatches allowing writing unsafe source code or calling unsafe libraries. Consequently, unsafe Rust code and directly-linked unsafe foreign libraries may not only introduce memory safety violations themselves but also compromise the entire program as they run in the same monolithic address space as the safe Rust. This problem can be mitigated by isolating unsafe memory objects (those accessed by unsafe code) and sandboxing memory accesses to the unsafe memory. One category of prior work utilizes existing program analysis frameworks on LLVM IR to identify unsafe memory objects and accesses. However, they suffer the limitations of prolonged analysis time and low precision. In this paper, we tackled these two challenges using summary-based whole-program analysis on Rust's MIR. The summary-based analysis computes information on demand so as to save analysis time. Performing analysis on Rust's MIR exploits the rich high-level type information inherent to Rust, which is unavailable in LLVM IR. This manuscript is a preliminary study of ongoing research. We have prototyped a whole-program analysis for identifying both unsafe heap allocations and memory accesses to those unsafe heap objects. We reported the overhead and the efficacy of the analysis in this paper

DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware

Abstract—Smartphones and mobile devices are rapidly becoming indispensable devices for many users. Unfortunately, they also become fertile grounds for hackers to deploy malware. There is an urgent need to have a “security analytic & forensic system ” which can facilitate analysts to examine, dissect, associate and correlate large number of mobile applications. An effective analytic system needs to address the following questions: How to automatically collect and manage a high volume of mobile malware? How to analyze a zeroday suspicious application, and compare or associate it with existing malware families in the database? How to reveal similar malicious logic in various malware, and to quickly identify the new malicious code segment? In this paper, we present the design and implementation of DroidAnalytics, a signature based analytic system to automatically collect, manage, analyze and extract android malware. The system facilitates analysts to retrieve, associate and reveal malicious logics at the “opcode level”. We demonstrate the efficacy of DroidAnalytics using 150,368 Android applications, and successfully determine 2,494 Android malware from 102 different families, with 342 of them being zero-day malware samples from six different families. To the best of our knowledge, this is the first reported case in showing such a large Android malware analysis/detection. The evaluation shows the DroidAnalytics is a valuable tool and is effective in analyzing malware repackaging and mutations. I

DroidTrace: A Ptrace Based Android Dynamic Analysis System with Forward Execution Capability

Abstract—Android, being an open source smartphone operating system, enjoys a large community of developers who create new mobile services and applications. However, it also attracts malware writers to exploit Android devices in order to distribute malicious apps in the wild. In fact, Android malware are becoming more sophisticated and they use advanced “dynamic loading ” techniques like Java reflection or native code execution to bypass security detection. To detect dynamic loading, one has to use dynamic analysis. Currently, there are only a handful of Android dynamic analysis tools available, and they all have shortcomings in detecting dynamic loading. The aim of this paper is to design and implement a dynamic analysis system which allows analysts to perform systematic analysis of dynamic payloads with malicious behaviors. We propose “DroidTrace”, a ptrace based dynamic analysis system with forward execution capability. Our system uses ptrace to monitor selected system calls of the target process which is running the dynamic payloads, and classifies the payloads behaviors through the system call sequence, e.g., behaviors such as file access, network connection, inter-process communication and even privilege escalation. Also, DroidTrace performs “physical modification ” to trigger different dynamic loading behaviors within an app. Using DroidTrace, we carry out a large scale analysis on 36,170 dynamic payloads in 50,000 apps and 294 malware in 10 families (four of them are zero-day) with various dynamic loading behaviors. I

Frequency Regulation of Electric Vehicle Aggregator Considering User Requirements with Limited Data Collection

High penetration of renewable energy in the power grid causes serious frequency deviations. Large-scale integrations of electric vehicles (EVs) in the power grid provide considerable vehicle-to-grid potential for frequency regulation. Existing frequency regulation strategies with aggregated EVs realize accurate power control that relies on complete information interaction between the EV aggregator and individual EVs. However, the data collection for all EV parameters is not applicable due to privacy protection and the limited communication environment. Considering the limited data collection from grid-connected EVs, this paper provides a novel frequency regulation strategy and tends to address the uncertain influence from EV users’ charging requirements, the EV aggregator’s power regulation, and the frequency regulation performance. Firstly, considering the influence of the limited data collection by EVs on the users’ requirement of traveling and regulation preference, a probabilistic evaluation model for the available regulation capacity of the EV aggregator and the probabilistic control method for EVs are developed. Then, a frequency regulation strategy with error correction control and progressive regulation recovery is developed to simultaneously guarantee the system frequency regulation performance and the regulation requirements of EV users. Finally, case studies are carried out to validate the effectiveness of frequency regulation strategy for decreasing the uncertain influence from the limited data collection, ensuring the EV users’ requirements, and improving the system frequency stability

Phenolic Composition and Antioxidant Properties of Different Peach [Prunus persica (L.) Batsch] Cultivars in China

China is an important centre of diversity for Prunus persica. In the present study, 17 Chinese peach cultivars were evaluated for phenolic content and antioxidant activity. Neochlorogenic acid (NCHA), chlorogenic acid (CHA), procyanidin B1 (B1), catechin (CAT), cyanidin-3-O-glucoside (C3G), quercetin-3-O-galactoside (Q3GAL), quercetin-3-O-glucoside (Q3GLU), quercetin-3-O-rutinoside (Q3R), and kaempferol-3-O-rutinoside (K3R) were identified and quantified. CHA and CAT were the predominant components in both the peel and pulp of this fruit. In general, peel extracts showed higher antioxidant activities than the pulp counterparts, consistent with the observed higher phenolic content. The melting peach cultivar “Xinyu” showed the highest antioxidant potency composite (APC) index. The principal component analysis (PCA) of peel phenolics showed a clear distinction between the melting peach and nectarine. Overall, peach cultivars rich in hydroxycinnamates and flavan-3-ols showed relatively higher antioxidant activities and might be excellent sources of phytochemicals and natural antioxidants

Effects of riboflavin/ultraviolet-A scleral collagen cross-linking on regional scleral thickness and expression of MMP-2 and MT1-MMP in myopic guinea pigs

Objective To investigate the effects of scleral collagen cross-linking (SXL) using riboflavin and ultraviolet A (UVA) light on the scleral thickness of different regions and expression of matrix metalloproteinase 2 (MMP-2) and membrane-type MMP-1 (MT1-MMP) in guinea pigs with lens-induced myopia. Methods Forty-eight 4-week-old guinea pigs were assigned to three groups (n = 16 per group): SXL group, lens-induced myopia (LIM) group, and control group. The sclera of the right eye of the guinea pig in the SXL group was surgically exposed, riboflavin was dropped on the treatment area for 10 minutes before the 30-minute UVA irradiation. The same surgical procedure was performed in the LIM group without UVA irradiation. The -10.00 D lenses were then placed on the right eyes of guinea pigs in the SXL and LIM groups for six weeks. The control group received no treatment. The left eyes were untreated in all groups. The ocular axial length (AXL) and refraction were measured at 4 weeks and 10 weeks of age. 10-week-old guinea pigs were sacrificed, and the right eyes were enucleated and evenly divided for preparation of hematoxylin and eosin (HE) stained sections, quantitative real-time polymerase chain reaction (qPCR) and western blotting. The scleral thickness of different regions was measured on HE stained sections. The temporal half of the sclera was harvested to measure the expression of MMP-2 and MT1-MMP by qPCR and western blotting. Results The AXL was significantly shorter, and the degree of myopic refraction was significantly lower in the SXL group than those in the LIM group at 10 weeks of age. The scleral thickness of the cross-linked area was significantly greater in the SXL group than that of the corresponding area in the LIM group, while the scleral thickness of the untreated nasal side was not significantly different between the SXL group and the LIM group. The expression of MMP-2 and MT1-MMP of the cross-linked sclera was significantly downregulated compared with that of the corresponding area in the LIM group. Conclusion Riboflavin/UVA SXL could slow myopia progression and thicken the cross-linked sclera in guinea pigs, which might be related to the downregulation of MMP-2 and MT1-MMP expression during the scleral remodeling process