Real Application Programs Research Articles

GENDA: A Graph Embedded Network Based Detection Approach on encryption algorithm of binary program

The cryptographic techniques are commonly used in software protection against malicious re-engineering. How to efficiently detect encryption algorithms used in the software to determine if they meet protection requirements is an interesting and significant task. However, existing encryption algorithm detection methods suffer from a high alarm rate or low efficiency as they fail to extract the complete program structure and semantic features of the encryption algorithms. In this article, we proposed GENDA, a graph embedding network-based detection method on encrypted binary code. We first analyze the characteristics of various encryption algorithms and construct the program graph for each encryption algorithm. Then the program graph is recursively embedded into the graph neural network as a basic unit, and the vector representation of the encryption algorithm graph is obtained. Finally, the type of encryption algorithm is determined by comparing the distance between these vectors. To evaluate GENDA, we collected a number of cryptographic libraries and real application programs from the open-source software. The experimental results show that GENDA can reach over a detection success rate of 92%. We also compared GENDA to existing state-of-the-art detection methods. The comparison results show that GENDA outperforms most of the existing methods.

EFlowC : 네트워크 관리를 위한 패킷 처리 언어

본 연구는 패킷 처리를 위한 고급 프로그래밍언어 eFlow를 제안하고 이를 지원하는 개발환경을 구현한다. 또한 개발자들이 가장 익숙하고 배우기 쉬운 C 언어를 기반으로 하여 C 언어의 문법과 의미를 유지하면서, 패킷 처리에 불필요한 기능들을 제거하고 패킷 처리에 필요한 패킷 데이터, 데이터베이스 및 스트링 바이트 정보 검사, 이벤트 처리 등을 수행하기 위한 고급 프로그래밍 언어를 설계하고, 기존의 언어나 컴파일러 기술을 적용하면서 패킷 처리를 위해 필요한 언어의 기능과 컴파일 과정을 설명한다. X11 등과 같은 DPIC 장비에 활용하기 위해 이식성과 확장성을 고려한 가상 기계인 eFVM을 설계하고, 이를 위한 컴파일러와 시뮬레이터 및 디버거와 같은 개발 환경을 갖추어 실제 많이 사용되고 있는 다양한 응용 프로그램을 실험하여 제안한 언어의 효용성을 평가하고 있다. 패킷 처리를 위해 갖추어야 할 고급 언어의 기능과 형식 및 그 의미를 정의한 연구가 거의 없이 이루어진 실험에 의의가 있다. In this paper, we propose a high-level programming language for packet processing called eFlowC and it supporting programming development environment. Based on the C language which is already familiar and easy to use to program developers, eFlowC maintains the similar syntax and semantics of C. Some features that are unnecessary for the packet processing has been removed from C, eFlowC is highly focused on performing packet data, database, string byte information checking and event processing. Design high-level programming languages and apply an existing language or compiler technology, language function and compilation process that is required for packet processing will be described. In order to use the DPIC device such as X11, we designed a virtual machine eFVM that takes into account the scalability and portability. We have evaluated the utility of the proposed language by experimenting a variety of real application programs with our programming environment such as compiler, simulator and debugger for eFVM. As there is little research that devoted to define the formats, meanings and functions of the packet processing language, this research is significant and expected to be a basis for the packet processing language.

EstiNet openflow network simulator and emulator

In this article, we introduce the EstiNet OpenFlow network simulator and emulator, and present its support for testing the functions and evaluating the performances of software-defined networks? OpenFlow controller?s application programs. EstiNet uses an unique kernel reentering simulation methodology to enable unmodified real applications to run on nodes in its simulated network. As a result, without any modification, real NOX/POX or Floodlight OpenFlow controllers can readily run on a host in an EstiNet simulated network to control thousands of simulated OpenFlow switches. EstiNet has the characteristics of a simulator and an emulator at the same time. It combines the advantages of the simulation and emulation approaches without their respective shortcomings. EstiNet uses real OpenFlow controller programs, real network application programs, and the real TCP/IP protocol stack in the Linux kernel to generate correct, accurate, and repeatable SDN application performance results. In this article, we compare EstiNet with ns-3 and Mininet regarding their capabilities, performance, and scalability.

On Improving Real-Time Interrupt Latencies of Hybrid Operating Systems with Two-Level Hardware Interrupts

In this paper, we propose to implement hybrid operating systems based on two-level hardware interrupts. We analyze and model the worst-case real-time interrupt latency for RTAI and identify the key component for its optimization. Then, we propose our methodology to implement hybrid operating systems with two-level hardware interrupts by combining the real-time kernel and the time sharing OS (Operating System) kernel. Based on the methodology, we discuss the important issues for the implementation. Finally, we implement a hybrid system called RTLinux-THIN (Real-Time LINUX with Two-level Hardware INterrupts) on the ARM architecture by combining ARM Linux kernel 2.6.9 and μC/OS-II. We conduct experiments on a set of real application programs including mplayer, Bonnie, and iperf, and compare the interrupt latency and interrupt task distributions for RTLinux-THIN (with and without cache locking), RTAI, Linux, and Linux with RT patch on a hardware platform based on Intel PXA270 processor. The results show that our scheme not only provides an easy method for implementing hybrid systems but also achieves the performance improvement for both the time sharing and real-time subsystems.

Low-energy off-chip SDRAM memory systems for embedded applications

Memory systems are dominant energy consumers, and thus many energy reduction techniques for memory buses and devices have been proposed. For practical energy reduction practices, we have to take into account the interaction between a processor and cache memories together with application programs. Furthermore, energy characterization of memory systems must be accurate enough to justify various techniques. In this article, we build an in-house energy simulator for memory systems that is accelerated by special hardware support while maintaining accuracy. We explore energy behavior of memory systems for various values of the processor and memory clock frequencies and cache configuration. Each experiment is performed with 24M instruction steps of real application programs to guarantee accuracy.The simulator is based on precise energy characterization of memory systems including buses, bus drivers, and memory devices by a cycle-accurate energy measurement technique. We characterize energy consumption of each component by an energy state machine whose states and transitions are associated with the dynamic and static energy costs, respectively. Our approach easily characterizes the energy consumption of complex SDRAMs. We divide and quantify energy components of main memory systems for high-level reduction. The energy simulator enables us to devise practical energy reduction schemes by providing the actual amount of reduction out of the total energy consumption in main memory systems. We introduce several practical energy reduction techniques for SDRAM memory systems and demonstrate energy reduction ratio over the SDRAM memory systems with commercial SDRAM controller chipsets. We classify the SDRAM memory systems into high-performance and mid-performance classes and achieve suitable system configurations for each class. For instance, a typical high-performance 32-bit, 64 MB SDRAM memory system consumes 19.6 mJ, 33.8 mJ, 35.4 mJ, and 37.0 mJ for 24M instructions of an MP3 decoder, a JPEG compressor, a JPEG decompressor, and an MPEG4 decoder, respectively. Our reduction scheme saves 12.7 mJ, 15.1 mJ, 15.5 mJ, and 14.8 mJ, and the reduction ratios are 64.8%, 44.6%, 43.8%, and 40.1%, respectively, without compromising execution speed.

A new methodology for easily constructing extensible and high-fidelity TCP/IP network simulators

This paper proposes a new methodology for easily constructing extensible and high-fidelity TCP/IP network simulators. The methodology uses a kernel-reentering technique to reuse the existing real-life network protocol stacks, real application programs that generate traffic, and real utility programs that configure, monitor, or gather network statistics to the maximum extent. Only an event scheduler and some modifications to the kernel are needed to “glue” these existing components to collectively simulate a network. A simulator constructed this way has many advantages that a traditional network simulator cannot provide. First, reuse of real-life implementation in the simulator can generate more accurate results than a traditional simulator that abstracts a lot of away from the real implementation. Second, it can save much time and effort that would be needed if a high-fidelity simulator is developed from scratch. Third, because real application programs cannot distinguish a simulated network constructed by the simulator from a real one, all existing real-life and future application programs can directly run on any node in a simulated network.

Implementation of tertiary storage file system with partial migration mechanism on an 8 mm tape archiver and its performance evaluation

Recently the demand for large-scale file systems has been increasing for global information systems, multimedia databases and so on. However, current commercial hierarchical file management systems are not efficient enough to handle huge data files. Migration of a whole file from a tape to a disk takes a very long time. Usually, users are not interested in a whole image but only in a small portion of it. Thus, there is no need for full migration. We designed and implemented a partially migratable file system based on 8 mm tape archivers. The file system transfers only the necessary portion of a file onto the disk. Two real application programs, radiometric/geometric correction and NDVI (Normalized Difference Vegetation Index) generation, were chosen and executed using our experimental file system. Large performance improvements were achieved compared to the conventional file-level migration scheme. © 1999 Scripta Technica, Syst Comp Jpn, 30(3): 23–30, 1999

Implementation of tertiary storage file system with partial migration mechanism on an 8 mm tape archiver and its performance evaluation

Recently the demand for large-scale file systems has been increasing for global information systems, multimedia databases and so on. However, current commercial hierarchical file management systems are not efficient enough to handle huge data files. Migration of a whole file from a tape to a disk takes a very long time. Usually, users are not interested in a whole image but only in a small portion of it. Thus, there is no need for full migration. We designed and implemented a partially migratable file system based on 8 mm tape archivers. The file system transfers only the necessary portion of a file onto the disk. Two real application programs, radiometric/geometric correction and NDVI (Normalized Difference Vegetation Index) generation, were chosen and executed using our experimental file system. Large performance improvements were achieved compared to the conventional file-level migration scheme. © 1999 Scripta Technica, Syst Comp Jpn, 30(3): 23–30, 1999

Scheduling expression DAGs for minimal register need

Generating schedules for expression DAGs that use a minimal number of registers is a classical NP-complete optimization problem. Up to now an exact solution could only be computed for small DAGs (with up to 20 nodes), using a trivial O( n!) enumeration algorithm. We present a new algorithm with worst-case complexity O( n2 2 n ) and very good average behavior. Applying a dynamic programming scheme and reordering techniques, our algorithm is able to defer the combinatorial explosion and to generate an optimal schedule not only for small DAGs but also for medium-sized ones with up to 50 nodes, a class that contains nearly all DAGs encountered in typical application programs. Experiments with randomly generated DAGs and large DAGs from real application programs confirm that the new algorithm generates optimal schedules quite fast. We extend our algorithm to cope with delay slots and multiple functional units, two common features of modern superscalar processors.

Symbolic analysis techniques for program parallelization

Existing parallelizing compilers have been shown to detect and exploit only small portions of parallelism in real application programs. A core problem is the difficulty to collect sufficient information from the program to utilize the underlying multiprocessor architecture. Symbolic analysis is the key component to support compilers in parametrizing codes by the number of processors as well as array sizes and to enable performance analyzers examining programs with program unknowns. We present a variety of novel symbolic analysis techniques that are crucial for a new generation of parallelizing compilers and performance analysis tools to handle non-linear array index functions, complex loop bounds, and deal with unknown problem, array and machine sizes which is critical for programming languages such as High Performance Fortran. This includes counting solutions to a system of constraints, computing lower and upper bounds of symbolic expressions, and comparing symbolic expressions. We have implemented all of these techniques as part of a state-of-the-art parallelizing compiler and a performance estimator. Experimental results will be shown that demonstrate the effectiveness of our symbolic analysis.

Generating optimal contiguous evaluations for expression DAGs

We consider the NP-complete problem of generating contiguous evaluations for expression DAGs with a minimal number of registers. We present two algorithms that generate optimal contiguous evaluation for a given DAG. The first is a modification of a complete search algorithm that omits the generation of redundant evaluations. The second algorithm generates only the most promising evaluations by splitting the DAG into trees with import and export nodes and evaluating the trees with a modified labeling scheme. Experiments with randomly generated DAGs and large DAGs from real application programs confirm that the new algorithms generate optimal contiguous evaluations quite fast.

A concurrency analysis tool suite for Ada programs

Cats (Concurrency Analysis Tool Suite) is designed to satisfy several criteria: it must analyze implementation-level Ada source code and check user-specified conditions associated with program source code; it must be modularized in a fashion that supports flexible composition with other tool components, including integration with a variety of testing and analysis techniques; and its performance and capacity must be sufficient for analysis of real application programs. Meeting these objectives together is significantly more difficult than meeting any of them alone. We describe the design and rationale of Cats and report experience with an implementation. The issues addressed here are primarily practical concerns for modularizing and integrating tools for analysis of actual source programs. We also report successful application of Cats to major subsystems of a (nontoy) highly concurrent user interface system.

The network communication manager: A transport station for the SGB network

Firstly, the need for a transport station in a ×25 private network environment is briefly examined. Next the end-to-end protocol and related notions are detailed. Then, explanations are provided concerning a possible way of bridging between the transport station and the ×25 handler. Afterwards it is shown how the transport station interfaces with the user's real time application programs and offers the generalized services of a genuine network access method. Finally, an overview of the implementation is given.