scholarly journals Control flow driven splitting of loop nests at the source code level

2003 ◽  
Author(s):  
H. Falk ◽  
P. Marwedel
Keyword(s):  
Source Code ◽  
Control Flow ◽  
Loop Nests

scholarly journals Control Flow Driven Splitting of Loop Nests at the Source Code Level

2005 ◽  
pp. 215-229
Author(s):  
Heiko Falk ◽  
Peter Marwedel ◽  
Francky Catthoor
Keyword(s):  
Source Code ◽  
Control Flow ◽  
Loop Nests

scholarly journals An Android Inline Hooking Framework for the Securing Transmitted Data

Sensors ◽  
2020 ◽  
Vol 20 (15) ◽  
pp. 4201
Author(s):  
Yu-an Tan ◽  
Shuo Feng ◽  
Xiaochun Cheng ◽  
Yuanzhang Li ◽  
Jun Zheng
Keyword(s):  
Source Code ◽  
Control Flow ◽  
Security Policies ◽  
Unauthorized Access ◽  
Shared Objects ◽  
Android Applications ◽  
Runtime Performance ◽  
And Control

Information leaks can occur through many Android applications, including unauthorized access to sensors data. Hooking is an important technique for protecting Android applications and add security features to them even without its source code. Various hooking frameworks are developed to intercept events and process their own specific events. The hooking tools for Java methods are varied, however, the native hook has few methods. Besides, the commonly used Android hook frameworks cannot meet the requirement of hooking the native methods in shared libraries on non-root devices. Even though some approaches are able to hook these methods, they have limitations or are complicated to implement. In the paper, a feasible hooking approach for Android native methods is proposed and implemented, which does not need any modifications to both the Android framework and app’s code. In this approach, the method’s reference address is modified and control flow is redirected. Beyond that, this study combines this approach with VirtualXposed which aims to run it without root privileges. This hooking framework can be used to enforce security policies and monitor sensitive methods in shared objects. The evaluation of the scheme demonstrates its capability to perform hook operation without a significant runtime performance overhead on real devices and it is compatible and functional for the native hook.

scholarly journals A Context-Aware Neural Embedding for Function-Level Vulnerability Detection

Algorithms ◽  
2021 ◽  
Vol 14 (11) ◽  
pp. 335
Author(s):  
Hongwei Wei ◽  
Guanjun Lin ◽  
Lin Li ◽  
Heming Jia
Keyword(s):  
Data Flow ◽  
Short Term Memory ◽  
Source Code ◽  
Control Flow ◽  
Language Models ◽  
Software Systems ◽  
Support Vector ◽  
Context Aware ◽  
Vulnerability Detection ◽  
Feature Representations

Exploitable vulnerabilities in software systems are major security concerns. To date, machine learning (ML) based solutions have been proposed to automate and accelerate the detection of vulnerabilities. Most ML techniques aim to isolate a unit of source code, be it a line or a function, as being vulnerable. We argue that a code segment is vulnerable if it exists in certain semantic contexts, such as the control flow and data flow; therefore, it is important for the detection to be context aware. In this paper, we evaluate the performance of mainstream word embedding techniques in the scenario of software vulnerability detection. Based on the evaluation, we propose a supervised framework leveraging pre-trained context-aware embeddings from language models (ELMo) to capture deep contextual representations, further summarized by a bidirectional long short-term memory (Bi-LSTM) layer for learning long-range code dependency. The framework takes directly a source code function as an input and produces corresponding function embeddings, which can be treated as feature sets for conventional ML classifiers. Experimental results showed that the proposed framework yielded the best performance in its downstream detection tasks. Using the feature representations generated by our framework, random forest and support vector machine outperformed four baseline systems on our data sets, demonstrating that the framework incorporated with ELMo can effectively capture the vulnerable data flow patterns and facilitate the vulnerability detection task.

Maximizing control flow concurrency in BPMN workflow models through syntactic means

2018 ◽  
Vol 24 (2) ◽  
pp. 357-383 ◽  
Author(s):  
Wai Yin Mok
Keyword(s):  
Polynomial Time ◽  
Process Model ◽  
Source Code ◽  
Real Life ◽  
Control Flow ◽  
Code Optimization ◽  
Design Phase ◽  
Modeling Tools ◽  
Content Type ◽  
Polynomial Time Algorithms

Purpose Concurrency is a desirable property that enhances workflow efficiency. The purpose of this paper is to propose six polynomial-time algorithms that collectively maximize control flow concurrency for Business Process Model and Notation (BPMN) workflow models. The proposed algorithms perform model-level transformations on a BPMN model during the design phase of the model, thereby improving the workflow model’s execution efficiency. Design/methodology/approach The approach is similar to source code optimization, which solely works with syntactic means. The first step makes implicit synchronizations of interdependent concurrent control flows explicit by adding parallel gateways. After that, every control flow can proceed asynchronously. The next step then generates an equivalent sequence of execution hierarchies for every control flow such that they collectively provide maximum concurrency for the control flow. As a whole, the proposed algorithms add a valuable feature to a BPMN modeling tool to maximize control flow concurrency. Findings In addition, this paper introduces the concept of control flow independence, which is a user-determined semantic property of BPMN models that cannot be obtained by any syntactic means. But, if control flow independence holds in a BPMN model, the model’s determinism is guaranteed. As a result, the proposed algorithms output a model that can be proved to be equivalent to the original model. Originality/value This paper adds value to BPMN modeling tools by providing polynomial-time algorithms that collectively maximize control flow concurrency in a BPMN model during the design phase of the model. As a result, the model’s execution efficiency will increase. Similar to source code optimization, these algorithms perform model-level transformations on a BPMN model through syntactic means; and the transformations performed to each control flow are guaranteed to be equivalent to the control flow. Furthermore, a case study on a real-life new employee preparation process is provided to demonstrate the proposed algorithms’ usefulness on increasing the process’s execution efficiency.

scholarly journals Hybrid Obfuscation Using Signals and Encryption

2018 ◽  
Vol 2018 ◽  
pp. 1-6
Author(s):  
Bahare Hashemzade ◽  
Ali Maroosi
Keyword(s):  
Software Security ◽  
Source Code ◽  
Control Flow ◽  
Control Flow Graph ◽  
High Complexity ◽  
Flow Graph ◽  
Normal Code ◽  
Ambiguous Data ◽  
Signal Method ◽  
A Performance

Obfuscation of software and data is one of the subcategories of software security. Hence, the outlines of the obfuscation problem and its various methods have been studied in this article. This paper proposes a hybrid of two signals and encryption obfuscation to hide the behaviour program and prevent reconstruction of the normal code by hackers. The usual signal method is strong enough for obfuscation, but its problem is the high complexity because of a lot of call and return instructions. In this study, a new dispatcher was added to the source code to reconstruct the original control flow graph from the hidden one to solve the problem of the signal method. This dispatcher code is encrypted to preclude access by the hacker. In this paper, the potency that makes the obfuscation strong has been increased and the resilience that makes the obfuscation poor has been decreased. The results of a comparison of the similarity among the ambiguous data with its original code and with available efficient methods present a performance advantage of the proposed hybrid obfuscation algorithm.

Technique of Javascript Code Obfuscation Based on Control Flow Tansformations

2014 ◽  
Vol 519-520 ◽  
pp. 391-394
Author(s):  
Zhi Yue Wang ◽  
Wei Min Wu
Keyword(s):  
Rapid Development ◽  
Source Code ◽  
Control Flow ◽  
Experimental Results ◽  
Web Development ◽  
Code Obfuscation ◽  
Scripting Language ◽  
Commercial Applications

With the rapid development of scripting language, javascript has been widely used in the application and web development industry.One of the main disadvantages of javascript for developers of commercial applications is the ease by which customers and competitors can study, analyze, and reuse the source code . Therefore, this paper proposes a technique of javascript code obfuscation based on control flow tansformations. The experimental results prove that,its effective protect javascript source code.

scholarly journals Constructing program animations using a pattern based approach

2007 ◽  
Vol 4 (2) ◽  
pp. 97-114 ◽  
Author(s):  
da Cruz ◽  
Rangel Henriques ◽  
João Varanda
Keyword(s):  
Source Code ◽  
Program Comprehension ◽  
Control Flow ◽  
Rule Base ◽  
Program Execution ◽  
Source Program ◽  
Visualization Of Data ◽  
And Control ◽  
Compiler Techniques ◽  
Rewriting Rules

The aim of this paper is to discuss how our pattern-based strategy for the visualization of data and control flow can effectively be used to animate the program and exhibit its behavior. That result allows us to propose its use for Program Comprehension. The animator uses well known compiler techniques to inspect the source code in order to extract the necessary information to visualize it and understand program execution. We convert the source program into an internal decorated (or attributed) abstract syntax tree and then we visualize the structure by traversing it, and applying visualization rules at each node according to a pre-defined rule-base. In order to calculate the next step in the program execution, a set of rewriting rules are applied to the tree. The visualization of this new tree is shown and the program animation is constructed using an iterative process. No changes are made in the source code, and the execution is simulated step by step. Several examples of visualization are shown to illustrate the approach and support our idea of applying it in the context of a Program Comprehension environment.

scholarly journals Automatic migration from synchronous to asynchronous JavaScript APIs

2021 ◽  
Vol 5 (OOPSLA) ◽  
pp. 1-27
Author(s):  
Satyajit Gokhale ◽  
Alexi Turcotte ◽  
Frank Tip
Keyword(s):  
Static Analysis ◽  
Source Code ◽  
Empirical Evaluation ◽  
Control Flow ◽  
Behavioral Changes ◽  
Call Graph ◽  
Sequential Control ◽  
Application Programming ◽  
Programming Interfaces ◽  
Higher Order Functions

The JavaScript ecosystem provides equivalent synchronous and asynchronous Application Programming Interfaces (APIs) for many commonly used I/O operations. Synchronous APIs involve straightforward sequential control flow that makes them easy to use and understand, but their "blocking" behavior may result in poor responsiveness or performance. Asynchronous APIs impose a higher syntactic burden that relies on callbacks, promises, and higher-order functions. On the other hand, their nonblocking behavior enables applications to scale better and remain responsive while I/O requests are being processed. While it is generally understood that asynchronous APIs have better performance characteristics, many applications still rely on synchronous APIs. In this paper, we present a refactoring technique for assisting programmers with the migration from synchronous to asynchronous APIs. The technique relies on static analysis to determine where calls to synchronous API functions can be replaced with their asynchronous counterparts, relying on JavaScript's async/await feature to minimize disruption to the source code. Since the static analysis is potentially unsound, the proposed refactorings are presented as suggestions that must be reviewed and confirmed by the programmer. The technique was implemented in a tool named Desynchronizer. In an empirical evaluation on 12 subject applications containing 316 synchronous API calls, Desynchronizer identified 256 of these as candidates for refactoring. Of these candidates, 244 were transformed successfully, and only 12 resulted in behavioral changes. Further inspection of these cases revealed that the majority of these issues can be attributed to unsoundness in the call graph.

Non-Trivial Software Clone Detection Using Program Dependency Graph

2017 ◽  
Vol 8 (2) ◽  
pp. 1-24 ◽  
Author(s):  
Pratiksha Gautam ◽  
Hemraj Saini
Keyword(s):  
Source Code ◽  
Hybrid Approach ◽  
Dependency Graph ◽  
Control Flow ◽  
Control Flow Graph ◽  
Code Clones ◽  
Levels Of Abstraction ◽  
Flow Graph ◽  
Program Dependence Graph ◽  
Basic Blocks

Code clones are copied fragments that occur at different levels of abstraction and may have different origins in a software system. This article presents an approach which shows the significant parts of source code. Further, by using significant parts of a source code, a control flow graph can be generated. This control flow graph represents the statements of a code/program in the form of basic blocks or nodes and the edges represent the control flow between those basic blocks. A hybrid approach, named the Program Dependence Graph (PDG) is also presented in this article for the detection of non-trivial code clones. The program dependency graph approach consists of two approaches as a control dependency graph and a data dependency graph. The control dependency graph is generated by using a control flow graph. This article proposes an approach which can easily generate control flow graphs and by using control flow graph and reduced flowgraph approach, the trivial software clone, a similar textual structure, can be detected.The proposed approach is based on a tokenization concept.

Sign in / Sign up

Export Citation Format

Share Document