Memory errors are one of the most common vulnerabilities for the popularity of memory unsafe languages including C and C++. Once exploited, it can easily lead to system crash (i.e., denial-of-service attacks) or allow adversaries to fully compromise the victim system. This paper proposes MEDS, a practical memory error detector. MEDS significantly enhances its detection capability by approximating two ideal properties, called an infinite gap and an infinite heap. The approximated infinite gap of MEDS setups large inaccessible memory region between objects (i.e., 4 MB), and the approximated infinite heap allows MEDS to fully utilize virtual address space (i.e., 45-bits memory space). The key idea of MEDS in achieving these properties is a novel user-space memory allocation mechanism, MEDSALLOC. MEDSALLOC leverages a page aliasing mechanism, which allows MEDS to maximize the virtual memory space utilization but minimize the physical memory uses. To highlight the detection capability and practical impacts of MEDS, we evaluated and then compared to Google's state-of-the-art detection tool, Ad-dressSanitizer. MEDS showed three times better detection rates on four real-world vulnerabilities in Chrome and Firefox. More importantly, when used for a fuzz testing, MEDS was able to identify 68.3% more memory errors than AddressSanitizer for the same amount of a testing time, highlighting its practical aspects in the software testing area. In terms of performance overhead, MEDS slowed down 108% and 86% compared to native execution and AddressSanitizer, respectively, on real-world applications including Chrome, Firefox, Apache, Nginx, and OpenSSL.
A variety of advantages from sounds such as measurement and accessibility introduces a new opportunity for mobile applications to offer broad types of interesting, valuable functionalities, supporting a richer user experience. However, in spite of the growing interests on mobile sound applications, few or no works have been done in focusing on managing an audio device effectively. More specifically, their low level of real-time capability for audio resources makes it challenging to satisfy tight timing requirements of mobile sound applications, e.g., a high sensing rate of acoustic sensing applications. To address this problem, this work presents the SounDroid framework, an audio device management framework for real-time audio requests from mobile sound applications. The design of SounDroid is based on the requirement analysis of audio requests as well as an understanding of the audio playback procedure including the audio request scheduling and dispatching on Android. It then incorporates both real-time audio request scheduling algorithms, called EDF-V and AFDS, and dispatching optimization techniques into mobile platforms, and thus improves the quality-ofservice of mobile sound applications. Our experimental results with the prototype implementation of SounDroid demonstrate that it is able to enhance scheduling performance for audio requests, compared to traditional mechanisms (by up to 40% improvement), while allowing deterministic dispatching latency.
The last several years have seen a rapid increase in smart phone use. Android offers an open-source software platform on smart phones, that includes a Linux-based kernel, Java applications, and middleware. The Android middleware provides system libraries and services to facilitate the development of performance-sensitive or device-specific functionalities, such as screen display, multimedia, and web browsing. Android keeps track of which applications make use of which system services for some pre-defined functionalities, and which application is running in the foreground attracting the user's attention. Such information is valuable in capturing application characteristics and can be useful for resource management tailored to application requirements. However, the Linuxbased Android kernel does not utilize such information for I/O resource management. This paper is the first work, to the best of our knowledge, to attempt to understand application characteristics through Android architecture and to incorporate those characteristics into disk and network I/O management. Our proposed approach, Aciom (Application Characteristics-aware I/O Management), requires no modification to applications and characterizes application I/O requests as time-sensitive, bursty, or plain, depending on which system services are involved and which application receives the user's focus. Aciom then provides differentiated I/O management services for different types of I/O requests, supporting minimum bandwidth reservations for time-sensitive requests and placing maximum bandwidth limits on bursty requests. We present the design of Aciom and a prototype implementation on Android. Our experimental results show that Aciom is quite effective in handling disk and network I/O requests in support of time-sensitive applications in the presence of bursty I/O requests.
MOTIVATIONMobile sensing applications (MS apps) are coming into the spotlight as next generation applications on smartphones. These applications continuously monitor a user's situational contexts using mobile sensors and provide the user with proactive services. To prevent obesity and help weight control, for instance, the smartphone can track daily calories expended by physical activity. A number of such applications will be running simultaneously and contribute to the quality of user experiences through diverse services.Despite their usefulness, many of these applications are not widely deployed yet. This is because they require a considerable amount of resources in a consistent manner. According to our measurement, indoor place tracking with ambient sound fingerprint continuously consumes about 50% of CPU utilization and 600mW of energy on Nexus One phone; note that GPS consumes about 450mW on average. With such high CPU overhead, the smartphone is able to support only a small number of the applications. The performance of other user-interactive applications would be degraded due to the CPU conflict. Also, such continuous energy consumption shortens the battery lifetime. VISIONIn this poster, we present the vision of mobile GPUaccelerated context processing for sensing applications on smartphones. The key idea is to leverage Graphics Processing Units (GPUs) on smartphones for context processing. By offloading a part of computation into GPUs, the GPU-accelerated context processing disburdens a smartphone's CPUs and thus achieves performance and energy benefits. A number of GPU-enhanced MS apps would be able to run in the background while little causing the foreground applications to slug or the smartphone battery to be depleted in the middle of a day.The key design philosophies of GPUs share many analogies with the major workload characteristics of MS apps. GPUs are inherently designed to support highly parallel, iterative computation workload; continuous stream of voluminous data under low-latency and high bandwidth requirement. A typical example would be the real-time processing of a large dataset of textures and polygons through a well-defined pipeline consisting of Gouraud shading, anti-aliasing, etc. Similarly, many MS apps consist of pipelines with multi-step operations, each of which is an iterative signal processing operation such as FFT. Executing these operations often involves piece-wise computation on a large volume of windowed frames of raw data, in which we can expect a large potential of parallelism as in the common GPU tasks. More similarities lie in that many MS apps impose latency requirements, e.g., a few hundreds of milliseconds in hand gesture recognition. Moreover, the use of GPUs instead of CPUs often yields great energy-saving benefits, which is a critical issue in mobile systems. Figure 1 shows the overall architecture. The Application Broker interacts with MS apps through a set of APIs we provide; the support for APIs is essential due to the lack of knowledge about underlying execution...
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.