東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Run-Time Analysis and Security of Mu...

Li, Wen.

Linked to FindBook

Google Book

Amazon

博客來

Run-Time Analysis and Security of Multi-Language Systems.

Record Type:	Electronic resources : Monograph/item
Title/Author:	Run-Time Analysis and Security of Multi-Language Systems./
Author:	Li, Wen.
Published:	Ann Arbor : ProQuest Dissertations & Theses, : 2024,
Description:	167 p.
Notes:	Source: Dissertations Abstracts International, Volume: 85-12, Section: A.
Contained By:	Dissertations Abstracts International85-12A.
Subject:	Computer science. -
Online resource:	https://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=30812250
ISBN:	9798383110232

Run-Time Analysis and Security of Multi-Language Systems.
Li, Wen.

Run-Time Analysis and Security of Multi-Language Systems. - Ann Arbor : ProQuest Dissertations & Theses, 2024 - 167 p.

Source: Dissertations Abstracts International, Volume: 85-12, Section: A.

Thesis (Ph.D.)--Washington State University, 2024.

The contemporary software development landscape has witnessed a widespread integration of diverse programming languages, leveraging the specific advantages of each, such as the efficiency of C and the programmability of Python. This trend finds notable applications in prominent domains, including the Android operating system and advanced machine learning frameworks like PyTorch. However, adopting this multi-language approach has ushered in a series of great challenges for developers, necessitating the identification of robust solutions to tackle potential security vulnerabilities.Traditional techniques such as program analysis and fuzzing, initially designed for single-language software, face limitations in effectively uncovering vulnerabilities in multi-language systems. Program analysis grapples with challenges in comprehending the intricate control and data flows across diverse languages, often resulting in incomplete vulnerability detection. Conversely, greybox fuzzing encounters difficulties adapting to the nuances of various languages, leading to incomplete code coverage and complications in reproducing identified vulnerabilities. The intricacies within runtime systems supporting multilingual software exacerbate the security clearance predicament, as these systems are often constructed using multiple languages. This complexity adds an additional layer of difficulty for conventional security techniques, emphasizing the need for more adaptive and comprehensive approaches tailored to the unique challenges posed by the multifaceted nature of multi-language systems.{A0}Within the scope of my dissertation, I endeavored to tackle the intricate challenges posed by vulnerabilities in multi-language software through a comprehensive and multifaceted approach. This approach entailed conducting extensive empirical investigations into vulnerability susceptibility, facilitating the development of dynamic cross-language information flow analysis. Recognizing the pivotal significance of comprehensive test input coverage, I devised an integrated greybox fuzzing methodology. This innovative approach integrates sensitivity analysis and comprehensive whole-system coverage measurements, significantly enhancing the efficiency of the fuzzing process and vulnerability identification. Furthermore, I focused on fortifying runtime security by proposing a novel two-level collaborative fuzzing framework tailored explicitly for Python language runtime. This contribution was pivotal in reinforcing the software system's foundational safeguards, ensuring a robust defense mechanism against potential security threats.

ISBN: 9798383110232Subjects--Topical Terms:

523869
Computer science.
Subjects--Index Terms:

Fuzzing

Run-Time Analysis and Security of Multi-Language Systems.
LDR:03846nmm a2200421 4500 001 2401873
005 20241022111553.5
006 m o d
007 cr#unu||||||||
008 251215s2024 ||||||||||||||||| ||eng d
020 $a 9798383110232
035 $a (MiAaPQ)AAI30812250
035 $a AAI30812250
035 $a 2401873
040 $a MiAaPQ $c MiAaPQ
100 1 $a Li, Wen. $3 2156571
245 1 0 $a Run-Time Analysis and Security of Multi-Language Systems.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2024
300 $a 167 p.
500 $a Source: Dissertations Abstracts International, Volume: 85-12, Section: A.
500 $a Advisor: Cai, Haipeng.
502 $a Thesis (Ph.D.)--Washington State University, 2024.
520 $a The contemporary software development landscape has witnessed a widespread integration of diverse programming languages, leveraging the specific advantages of each, such as the efficiency of C and the programmability of Python. This trend finds notable applications in prominent domains, including the Android operating system and advanced machine learning frameworks like PyTorch. However, adopting this multi-language approach has ushered in a series of great challenges for developers, necessitating the identification of robust solutions to tackle potential security vulnerabilities.Traditional techniques such as program analysis and fuzzing, initially designed for single-language software, face limitations in effectively uncovering vulnerabilities in multi-language systems. Program analysis grapples with challenges in comprehending the intricate control and data flows across diverse languages, often resulting in incomplete vulnerability detection. Conversely, greybox fuzzing encounters difficulties adapting to the nuances of various languages, leading to incomplete code coverage and complications in reproducing identified vulnerabilities. The intricacies within runtime systems supporting multilingual software exacerbate the security clearance predicament, as these systems are often constructed using multiple languages. This complexity adds an additional layer of difficulty for conventional security techniques, emphasizing the need for more adaptive and comprehensive approaches tailored to the unique challenges posed by the multifaceted nature of multi-language systems.{A0}Within the scope of my dissertation, I endeavored to tackle the intricate challenges posed by vulnerabilities in multi-language software through a comprehensive and multifaceted approach. This approach entailed conducting extensive empirical investigations into vulnerability susceptibility, facilitating the development of dynamic cross-language information flow analysis. Recognizing the pivotal significance of comprehensive test input coverage, I devised an integrated greybox fuzzing methodology. This innovative approach integrates sensitivity analysis and comprehensive whole-system coverage measurements, significantly enhancing the efficiency of the fuzzing process and vulnerability identification. Furthermore, I focused on fortifying runtime security by proposing a novel two-level collaborative fuzzing framework tailored explicitly for Python language runtime. This contribution was pivotal in reinforcing the software system's foundational safeguards, ensuring a robust defense mechanism against potential security threats.
590 $a School code: 0251.
650 4 $a Computer science. $3 523869
650 4 $a Linguistics. $3 524476
650 4 $a Electrical engineering. $3 649834
653 $a Fuzzing
653 $a Multi-language analysis
653 $a Program analysis
653 $a Runtime analysis
653 $a Software security
653 $a Machine learning
690 $a 0984
690 $a 0544
690 $a 0800
690 $a 0290
710 2 $a Washington State University. $b School of Electrical Engineering and Computer Science. $3 3764368
773 0 $t Dissertations Abstracts International $g 85-12A.
790 $a 0251
791 $a Ph.D.
792 $a 2024
793 $a English
856 4 0 $u https://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=30812250