Title: PyPANDA: Taming the PANDAmonium of Whole System Dynamic Analysis
When working with real-world programs, dynamic analyses often must be run on a whole system instead of just a single binary. Existing whole-system dynamic analysis platforms generally require analyses to be written in compiled languages, a suboptimal choice for many iterative analysis tasks. Furthermore, these platforms leave analysts with a split view between the behavior of the system under analysis and the analysis itself; in particular, the system being analyzed must commonly be controlled manually while analysis scripts are run. To improve this process, we designed and implemented PyPANDA, a Python interface to the PANDA dynamic analysis platform. PyPANDA unifies the gap between guest virtual machine behavior and analysis tasks; enables painless integrations with other program analysis tools; and greatly lowers the barrier of entry to whole-system dynamic analysis. The capabilities of PyPANDA are demonstrated by using it to dynamically evaluate the accuracy of three binary analysis frameworks, track heap allocations across multiple processes, and synchronize state between PANDA and a binary analysis platform. Significant challenges were overcome to integrate a scripting language into PANDA with minimal performance impact.
Award ID(s):
1657199
PAR ID:
10251208
Author(s) / Creator(s):
; ; ; ; ;
Date Published:
Journal Name:
NDSS Binary Analysis Research Workshop
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. In this work, we present an efficient Processing in MRAM-Accelerated De Bruijn Graph-based DNA Assembly platform, named PANDA, based on an optimized and hardware-friendly genome assembly algorithm. PANDA is able to assemble large-scale DNA sequence datasets from all-pair overlaps. We first design a PANDA platform that exploits MRAM as computational memory and converts it to a potent processing unit for genome assembly. PANDA can not only execute efficient bulk bit-wise X(N)OR-based comparison/addition operations heavily required for the genome assembly task but also a full set of 2-/3-input logic operations inside the MRAM chip. We then develop a highly parallel and step-by-step hardware-friendly DNA assembly algorithm for PANDA that only requires the developed in-memory logic operations. The platform is then configured with a novel data partitioning and mapping technique that provides local storage and processing to utilize the algorithm level’s parallelism fully. The cross-layer simulation results demonstrate that PANDA reduces the run time and power by a factor of 18 and 11, respectively, compared with CPU. Moreover, speed-ups of up to 2.5 to 10× can be obtained over other recent processing in-memory platforms to perform the same task, like STT-MRAM, ReRAM, and DRAM. 
  2. Binary program dependence analysis determines dependence between instructions and hence is important for many applications that have to deal with executables without any symbol information. A key challenge is to identify if multiple memory read/write instructions access the same memory location. The state-of-the-art solution is the value set analysis (VSA) that uses abstract interpretation to determine the set of addresses that are possibly accessed by memory instructions. However, VSA is conservative and hence leads to a large number of bogus dependences and then substantial false positives in downstream analyses such as malware behavior analysis. Furthermore, existing public VSA implementations have difficulty scaling to complex binaries. In this paper, we propose a new binary dependence analysis called BDA enabled by a randomized abstract interpretation technique. It features a novel whole program path sampling algorithm that is not biased by path length, and a per-path abstract interpretation avoiding precision loss caused by merging paths in traditional analyses. It also provides probabilistic guarantees. Our evaluation on SPECINT2000 programs shows that it can handle complex binaries such as gcc whereas VSA implementations from state-of-the-art platforms have difficulty producing results for many SPEC binaries. In addition, the dependences reported by BDA are 75 and 6 times smaller than Alto, a scalable binary dependence analysis tool, and VSA, respectively, with only 0.19% of true dependences observed during dynamic execution missed (by BDA). Applying BDA to call graph generation and malware analysis shows that BDA substantially supersedes the commercial tool IDA in recovering indirect call targets and outperforms a state-of-the-art malware analysis tool Cuckoo by disclosing 3 times more hidden payloads. 
  3. We introduce the polymer analysis and discovery array (PANDA), an automated system for high-throughput electrodeposition and functional characterization of polymer films. The PANDA is a custom, modular, and low-cost system based on a CNC gantry that we have modified to include a syringe pump, potentiostat, and camera with a telecentric lens. This system can perform fluid handling, electrochemistry, and transmission optical measurements on samples in custom 96-well plates that feature transparent and conducting bottoms. We begin by validating this platform through a series of control fluid handling and electrochemistry experiments to quantify the repeatability, lack of cross-contamination, and accuracy of the system. As a proof-of-concept experimental campaign to study the functional properties of a model polymer film, we optimize the electrochromic switching of electrodeposited poly(3,4-ethylenedioxythiophene):poly(styrene sulfonate) (PEDOT:PSS) films. In particular, we explore the monomer concentration, deposition time, and deposition voltage using an array of experiments selected by Latin hypercube sampling. Subsequently, we run an active learning campaign based upon Bayesian optimization to find the processing conditions that lead to the highest electrochromic switching of PEDOT:PSS. This self-driving lab integrates optical and electrochemical characterization to constitute a novel, automated approach for studying functional polymer films. 
  4. Papadopoulos, Alessandro V (Ed.)
    The rigid timing requirement of real-time applications biases the analysis to focus on the worst-case performances. Such a focus cannot provide enough information to optimize the system’s typical resource and energy consumption. In this work, we study the real-time scheduling of parallel tasks on a multi-speed heterogeneous platform while minimizing their typical-case CPU energy consumption. Dynamic power management (DPM) policy is integrated to determine the minimum number of cores required for each task while guaranteeing worst-case execution requirements (under all circumstances). A Hungarian Algorithm-based task partitioning technique is proposed for clustered multi-core platforms, where all cores within the same cluster run at the same speed at any time, while different clusters may run at different speeds. To our knowledge, this is the first work aiming to minimize typical-case CPU energy consumption (while ensuring the worst-case timing correctness for all tasks under any execution condition) through DPM for parallel tasks in a clustered platform. We demonstrate the effectiveness of the proposed approach with existing power management techniques using experimental results and simulations. The experimental results conducted on the Intel Xeon 2680 v3 12-core platform show around 7%-30% additional energy savings. 
  5. This research introduces a novel lyophilized hydrogel for double-skin envelope (DSE) integration as a dynamic louver system to provide dehumidification of moisture, daylighting modulation, and recuperation of water condensate. The work links empirical experiments for thermal, optical, and sorption properties of the hygrothermal materials alongside system scale analytical models to inform energy and water conservation measures. The system scale analyses are conducted with LBNL WINDOW7 in combination with numerical analytical models, in addition to select computational fluid dynamic (CFD) studies for development of louver geometries to optimize sorption effectiveness in the DSE cavity airstream. Effective heat transfer and visible transmittance values for the dynamic states of the DSE hygrothermal louver system are then linked to building scale analyses in the Rhino-Grasshopper platform using the Honeybee plug-in to run EnergyPlus. The dynamic state envelope system is assessed through annual integration modeling for hot-humid climate conditions. The work introduces new aspects in simulation modeling with integration of the standard mechanical air-handling system functions to be coupled with multi-state dynamic properties for the envelope system in building scale analyses. A sorption coefficient is identified for analytical modeling of the DSE hygrothermal louver cavity thermodynamics. The work also integrates a new calculation tool in the simulation platform for evaluating potential water recuperation 