Dissertation/Thesis Abstract

Elicitation of a Program's Behaviors
by Miles, Craig S., Ph.D., University of Louisiana at Lafayette, 2015, 134; 10002454
Abstract (Summary)

Programmers, software testers, and cyber-security analysts have a need to understand the behaviors that their programs might exhibit. We consider a program's behaviors to be its actions manifesting some effect beyond its own internal state. A program generally exhibits such behaviors by making API calls. One particularly powerful strategy for gaining an understanding of a program's behaviors is to witness their exhibition as the program runs. However, in order to witness a program's behaviors, one must first be able to elicit the program into exhibiting them. In the present work, a method is presented that serves to automatically and efficiently elicit a program into exhibiting many or all of its potential behaviors. The method works by guiding concolic execution towards the control flow paths along which a program's behaviors are more likely to be exhibited. First, an upfront interprocedural data flow analysis is employed to compute how API call statements reach one another and various other program points with respect to the program's control flow. The resulting information is then used to guide the path selection of concolic execution so as to give preference to paths along which more API call statements can be reached. An evaluation of the presented method shows that it more efficiently elicits program behaviors than does usage of non-guided concolic execution. In particular, the percentage increase in API call statements executed using our behavior elicitation method as compared to a common non-guided strategy ranged from 2% up to 287%, with a median percentage gain of 69.74%.

Indexing (document details)
Advisor: Lakhotia, Arun
Commitee: Dasgupta, Subrata, Maida, Anthony, Wu, Hongyi
School: University of Louisiana at Lafayette
Department: Computer Science
School Location: United States -- Louisiana
Source: DAI-B 77/06(E), Dissertation Abstracts International
Subjects: Computer science
Keywords: Concolic execution, Dynamic analysis, Elicitation, Static analysis, Symbolic execution
Publication Number: 10002454
ISBN: 978-1-339-41963-3
Copyright © 2020 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy