TU Darmstadt / ULB / TUbiblio

Access-Path Abstraction: Scaling Field-Sensitive Data-Flow Analysis with Unbounded Access Paths

Lerch, Johannes and Späth, Johannes and Bodden, Eric and Mezini, Mira (2015):
Access-Path Abstraction: Scaling Field-Sensitive Data-Flow Analysis with Unbounded Access Paths.
In: Proceedings of the 2015 30th IEEE/ACM International Conference on Automated Software Engineering (ASE), Washington, DC, USA, IEEE Computer Society, In: Automated Software Engineering (ASE), 2015 30th IEEE/ACM International Conference on, Lincoln, Nebraska, USA, 9.-13. November 2015, [Online-Edition: https://dl.acm.org/citation.cfm?id=2916135&picked=prox],
[Conference or Workshop Item]

Abstract

Precise data-flow analyses frequently model field accesses through access paths with varying length. While using longer access paths increases precision, their size must be bounded to assure termination, and should anyway be small to enable a scalable analysis. We present Access-Path Abstraction, which for the first time combines efficiency with maximal precision. At control-flow merge points Access-Path Abstraction represents all those access paths that are rooted at the same base variable through this base variable only. The full access paths are reconstructed on demand where required. This makes it unnecessary to bound access paths to a fixed maximal length. Experiments with Stanford SecuriBench and the Java Class Library compare our open-source implementation against a field-based approach and against a field-sensitive approach that uses bounded access paths. The results show that the proposed approach scales as well as a field-based approach, whereas the approach using bounded access paths runs out of memory.

Item Type: Conference or Workshop Item
Erschienen: 2015
Creators: Lerch, Johannes and Späth, Johannes and Bodden, Eric and Mezini, Mira
Title: Access-Path Abstraction: Scaling Field-Sensitive Data-Flow Analysis with Unbounded Access Paths
Language: English
Abstract:

Precise data-flow analyses frequently model field accesses through access paths with varying length. While using longer access paths increases precision, their size must be bounded to assure termination, and should anyway be small to enable a scalable analysis. We present Access-Path Abstraction, which for the first time combines efficiency with maximal precision. At control-flow merge points Access-Path Abstraction represents all those access paths that are rooted at the same base variable through this base variable only. The full access paths are reconstructed on demand where required. This makes it unnecessary to bound access paths to a fixed maximal length. Experiments with Stanford SecuriBench and the Java Class Library compare our open-source implementation against a field-based approach and against a field-sensitive approach that uses bounded access paths. The results show that the proposed approach scales as well as a field-based approach, whereas the approach using bounded access paths runs out of memory.

Title of Book: Proceedings of the 2015 30th IEEE/ACM International Conference on Automated Software Engineering (ASE)
Place of Publication: Washington, DC, USA
Publisher: IEEE Computer Society
Uncontrolled Keywords: Analytical models;Computational modeling;Context;Explosions;Open source software;Scalability;Target tracking;access path;field sensitive;static analysis;Engineering, E1
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Software Technology
DFG-Collaborative Research Centres (incl. Transregio)
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
Zentrale Einrichtungen
20 Department of Computer Science > EC SPRIDE
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments
Event Title: Automated Software Engineering (ASE), 2015 30th IEEE/ACM International Conference on
Event Location: Lincoln, Nebraska, USA
Event Dates: 9.-13. November 2015
Date Deposited: 29 Jan 2016 13:22
Official URL: https://dl.acm.org/citation.cfm?id=2916135&picked=prox
Export:
Suche nach Titel in: TUfind oder in Google

Optionen (nur für Redakteure)

View Item View Item