This paper presents an extension of escape analysis for static detection of threats to data confidentiality in Java components, called field escape analysis. We augment existing escape analyses, which are typically based on points-to analysis for reference (or pointer) type, with data and control dependence analyses with respect to primitive type. To meet the demand of security analysis, we propose a graph representation, called primitive value dependence graph (PVDG), and a novel semantics for dependence analysis.We have built a static analysis tool for Java components called SecDetector. In the experimental evaluation, using different combinations of underlying analysis techniques (e.g., points-to analysis, dependence analysis), we evaluated trades-offs between precision and performance on five publicly-available J2EE applications. On the benchmarks examined, there are few false positives in our study. It provides evidence of the usefulness of our approach.
This article describes how with the development of cloud computing and virtualization technology, the desktop virtualization solution is becoming more and more mature. As a virtual desktop transport protocol, SPICE is used for deploying virtual desktops on servers and remote clients with high performance. However, it will take up a lot of network bandwidth and cause network congestion in a relatively poor network environment on video transmission. To solve this problem, a dynamic adjustment for video traffic (DCVS) in SPICE is proposed. It can dynamically adjust the bit rate of the video encoding according to the state of the virtual buffer and the feedback from client. The experiment results prove that DCVS can effectively reduce the video traffic and the probability of congestion.
This paper presents a static mutability analysis approach relying on escape information for Java components and uses the techniques to detect the security threats to data integrity before software components are deployed. In order to increase the precision of our analysis, we make a couple of significant modifications to mutability definitions based on previous work in the context of components.We extended our security analysis tool SecDetector with proposed mutability analysis, and used it to find potential threats to data integrity in Java components and lead developers to fix the security flaws. On the benchmarks in our experimental evaluation, we show that our tool can correctly find potential modification access violations with few false positives and provide evidence of the effectiveness of our techniques. While the analysis techniques are in the context of Java code, the basic concepts are applicable to other object-oriented programming languages as well.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.