Pushdown Control-Flow Analysis for Free

Traditional control-flow analysis (CFA) for higher-order languages, whether implemented by constraint-solving or abstract interpretation, introduces spurious connections between callers and callees. Two distinct invocations of a function will necessarily pollute one another's return-flow. Recently, three distinct approaches have been published which provide perfect call-stack precision in a computable manner: CFA2, PDCFA, and AAC. Unfortunately, CFA2 and PDCFA are difficult to implement and require significant engineering effort. Furthermore, all three are computationally expensive; for a monovariant analysis, CFA2 is in $O(2^n)$, PDCFA is in $O(n^6)$, and AAC is in $O(n^9 log n)$. In this paper, we describe a new technique that builds on these but is both straightforward to implement and computationally inexpensive. The crucial insight is an unusual state-dependent allocation strategy for the addresses of continuation. Our technique imposes only a constant-factor overhead on the underlying analysis and, with monovariance, costs only O(n3) in the worst case. This paper presents the intuitions behind this development, a proof of the precision of this analysis, and benchmarks demonstrating its efficacy.Comment: in Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 201

Sound and Precise Malware Analysis for Android via Pushdown Reachability and Entry-Point Saturation

We present Anadroid, a static malware analysis framework for Android apps. Anadroid exploits two techniques to soundly raise precision: (1) it uses a pushdown system to precisely model dynamically dispatched interprocedural and exception-driven control-flow; (2) it uses Entry-Point Saturation (EPS) to soundly approximate all possible interleavings of asynchronous entry points in Android applications. (It also integrates static taint-flow analysis and least permissions analysis to expand the class of malicious behaviors which it can catch.) Anadroid provides rich user interface support for human analysts which must ultimately rule on the "maliciousness" of a behavior. To demonstrate the effectiveness of Anadroid's malware analysis, we had teams of analysts analyze a challenge suite of 52 Android applications released as part of the Auto- mated Program Analysis for Cybersecurity (APAC) DARPA program. The first team analyzed the apps using a ver- sion of Anadroid that uses traditional (finite-state-machine-based) control-flow-analysis found in existing malware analysis tools; the second team analyzed the apps using a version of Anadroid that uses our enhanced pushdown-based control-flow-analysis. We measured machine analysis time, human analyst time, and their accuracy in flagging malicious applications. With pushdown analysis, we found statistically significant (p < 0.05) decreases in time: from 85 minutes per app to 35 minutes per app in human plus machine analysis time; and statistically significant (p < 0.05) increases in accuracy with the pushdown-driven analyzer: from 71% correct identification to 95% correct identification.Comment: Appears in 3rd Annual ACM CCS workshop on Security and Privacy in SmartPhones and Mobile Devices (SPSM'13), Berlin, Germany, 201

Doctor of Philosophy in Computer Science

dissertationControl-flow analysis of higher-order languages is a difficult problem, yet an important one. It aids in enabling optimizations, improved reliability, and improved security of programs written in these languages. This dissertation explores three techniques to improve the precision and speed of a small-step abstract interpreter: using a priority work list, environment unrolling, and strong function call. In an abstract interpreter, the interpreter is no longer deterministic and choices can be made in how the abstract state space is explored and trade-offs exist. A priority queue is one option. There are also many ways to abstract the concrete interpreter. Environment unrolling gives a slightly different approach than is usually taken, by holding off abstraction in order to gain precision, which can lead to a faster analysis. Strong function call is an approach to clean up some of the imprecision when making a function call that is introduced when abstractly interpreting a program. An alternative approach to building an abstract interpreter to perform static analysis is through the use of constraint solving. Existing techniques to do this have been developed over the last several decades. This dissertation maps these constraints to three different problems, allowing control-flow analysis of higher-order languages to be solved with tools that are already mature and well developed. The control-flow problem is mapped to pointer analysis of first-order languages, SAT, and linear-algebra operations. These mappings allow for fast and parallel implementations of control-flow analysis of higher-order languages. A recent development in the field of static analysis has been pushdown control-flow analysis, which is able to precisely match calls and returns, a weakness in the existing techniques. This dissertation also provides an encoding of pushdown control-flow analysis to linear-algebra operations. In the process, it demonstrates that under certain conditions (monovariance and flow insensitivity) that in terms of precision, a pushdown control-flow analysis is in fact equivalent to a direct style constraint-based formulation

Infusing Factor Viii-Expressing Platelets Or Megakaryocytes As A Novel Therapeutic Strategy For Hemophilia A

Approximately 1:5000 males have the most common inherited form of severe bleeding, hemophilia A, a deficiency of functional coagulation factor VIII. Patients with severe hemophilia A suffer from recurrent bleeding with significant morbidity and mortality with 20-30% of these patients developing antibodies to infused Factor (F) VIII therapy. One area of on-going research for treatments for these patients is ectopically expressing FVIII in megakaryocytes and platelets. This FVIII, termed pFVIII, is stored in alpha granules of platelets and is capable of restoring hemostasis in FVIIInull mice, even in the presence of circulating inhibitors. pFVIII has been proposed to be used for gene therapy for patients with hemophilia A, intractable inhibitors, and life-threatening bleeds. However, prior studies by us have shown that high levels of pFVIII can injure developing megakaryocytes. Combined with the known risk of prolonged thrombocytopenia following bone marrow transplantation, this may limit its utility of this strategy. Because of these limitations, we now propose an alternative therapeutic pFVIII strategy of infusing pFVIII-expressing megakaryocytes or platelets. We envision that such a product would be generated beginning with induced-pluripotent stem cells (iPSCs). iPSC-derived megakaryocytes, termed iMks, that are modified to express pFVIII may then be used to improved hemostasis in problematic inhibitor patients with hemophilia A. As proof-of-principle, we demonstrate that improved hemostasis can be achieved in vitro and in vivo with human pFVIII-expressing murine platelet. Infusion of such platelets can provide several days of improved hemostasis in FVIIInull mice. They were effective in the presence of inhibitors, and the efficacy of pFVIII was enhanced by recombinant factor VIIa. Human pFVIII-expressing iMks also improved hemostasis in vitro and derived platelets from infused human pFVIII-iMks improved hemostasis in FVIIInull mice. These studies indicate the potential therapeutic use of recurrent pFVIII-expressing megakaryocyte or platelet infusions with prolonged hemostatic coverage that may be additive with present-day bypassing agents in hemophilia A patients with clinically relevant neutralizing inhibitors

The Unwatched Pot

From the inside out: The staff of the Gell-Mann Zweig Library are going through it. Edith, who had been transferred to another branch has just been transferred back and promoted, bumping their ex, Augustine, down a step. On their first day back, Edith ends up turning their contentious ongoing flirtationship with Heidi, a different co-worker, into… something else. Meanwhile, both Green and Heidi’s chronic nightmares have taken a turn for the strange devolving into encoded messages and countdowns. And Felix is there. Doing his best. Slowly but surely the five of them are going to have to grapple with the nature of their existence and the fact that it very well may be coming to an end. From the outside in: The Server is up for potential termination due to its lackluster results in an ongoing study of five rogue AI. As a final measure, the server’s creators, the observers, are shutting off observation for the next 60 days in hopes of a change, praying the old adage, “the watched pot never boils over,” will come through

Wickline v. State: The Emerging Liability of Third Party Health Care Payors

This Comment examines the issue of liability of third party health care payors in light of the decision in Wickline v. State. The author argues that third party payor liability for modern medicine is experiencing a tension that revolves around the need for quality medical care and the concurrent problem of the rising cost of medical services. The author further argues that third party payors are being pressured by California courts to provide carefully designed benefit programs that allow physicians to make quality health care decisions without having to worry about the payment source of additional costs. The author assesses the effect of third party payor liability for poor health care, and attempts to determine whether its cost outweighs its benefit

To Free a Family: The Journey of Mary Walker

Investigating a Family’s Unique History To Free a Family, by Sydney Nathans, is that rare find: an untold story of the antebellum world, reconstructed by sleuthing and persisting over time. Nathans’s search began with his discovery of a wrenching letter, written in 1859, from on...

The Real Wheat Question

n/

The Code of Honor; or Rules for the Government of Principals and Seconds in Duelling

The Code of Honor lays out the rules and duties of the principal participants of a duel as well as their seconds. Chapter titles include: The Person Insulted, Before Challenge Sent, Second\u27s Duty Before Challenge Sent, Duty of Challengee and His Second Before Fighting, and Duty of Principals and Seconds on the Ground. The author, John Lyde Wilson (1784-1849) was a lawyer, politician and the 49th governor of South Carolina serving from 1822 to 1824.https://digitalcommons.winthrop.edu/rarebooks/1008/thumbnail.jp

For The Good of Association: The Call-and-Response Communication Ethics of the Early NAACP

This dissertation is an exploration of the formation of the National Association for the Advancement of Colored People (NAACP), from the standpoint of communication studies. In particular, this dissertation is based on the research of several crucial, communicative artifacts, including: “The Call” penned by William English Walling; the addresses, speeches, and the panel discussion of the Negro National Conference; and the editorial of the first issue The Crisis magazine. The contention is that the communication of the NAACP was catalyzed by a communication ethic, nominated as call-and-response communication ethics. Therefore, this dissertation elucidates the four practices of call-and-response communication ethics: Provocation, convocation, evocation, and “polyvocation” and it announces the implications of call-and-reponse communication ethics for this current historical moment