Virtual Machine Code Research Articles

Deep Learning for Cybersecurity Classification: Utilizing Depth-Wise CNN and Attention Mechanism on VM-Obfuscated Data

With the increasing use of sophisticated obfuscation techniques, malware detection remains a critical challenge in cybersecurity. This paper introduces a novel deep learning approach to classify malware obfuscated by virtual machine (VM) code. We specifically explore the application of depth-wise convolutional neural networks (CNNs) combined with a spatial attention mechanism to tackle VM-protected cybersecurity datasets. To address the scarcity of obfuscated malware samples, the dataset was generated using VMProtect to ensure the models were trained on real examples of modern obfuscated malware. The effectiveness of our approach is demonstrated through extensive experiments on both regular malware and obfuscated malware, where our model achieved accuracies of nearly 100% and 93.55% in classifying the regular malware and the obfuscated malware, respectively.

Translation certification for smart contracts

Compiler correctness is an old problem, but with the emergence of smart contracts on blockchains that problem presents itself in a new light. Smart contracts are self-contained pieces of software that control (valuable) assets in an adversarial environment; once committed to the blockchain, these smart contracts cannot be modified. Smart contracts are typically developed in a high-level contract language and compiled to low-level virtual machine code before being committed to the blockchain. For a smart contract user to trust a given piece of low-level code on the blockchain, they must convince themselves that (a) they are in possession of the matching source code and (b) that the compiler has correctly translated the source code to the given low-level code.Classic approaches to compiler correctness tackle the second point. We argue that translation certification also squarely addresses the first. We describe the proof architecture of a translation certification framework and demonstrate how we can model the compilation pipeline as a sequence of translation relations. We give a detailed account of such relations for most passes of the Plutus Tx compiler, which we formalised in Coq. This approach facilitates a modular verification methodology and is robust in the face of an evolving compiler implementation.

The methods for iterative computations efficiency improving in Wolfram Mathematica

In article considered and investigated methods for reducing computational resource costs of iterative algorithms in the mathematical processor Wolfram Mathematica that based on preliminary preparation of initial data, management of intermediate data in the execution time, use and specific tuning of built-in functions: export to platform independent formats and dump files, compilation into Wolfram Virtual Machine code and machine code using a C-compiler, loop operators. Their nonobvious capabilities and features are shown. It has been proven that each of them, even individually, can significantlyaffect the reduction of such limited computer resources as amount of RAM and CPU time during calculations.

Two decades of live coding and debugging of virtual machines through simulation

SummaryOpenSmalltalk‐VM is a virtual machine (VM) for languages in the Smalltalk family (eg, Squeak and Pharo), which is itself written in a subset of Smalltalk that can easily be translated to C. VM development is done in Smalltalk, an activity we call “simulation.” The production VM is then derived by translating the core VM code to C. As a result, two execution models coexist: simulation, where the Smalltalk code is executed on top of a Smalltalk VM, and production, where the same code is compiled to an executable through a C compiler. The whole VM execution can be simulated: the heap is represented as a huge byte array, the VM code is executed as Smalltalk, and the native code generated by the just‐in‐time (JIT) compiler is executed by a processor simulator. All the Smalltalk development tools, such as the debugger, are then available while simulating. In addition, in simulation, it is also possible to use debugging features such as single stepping in the machine code generated by the JIT compiler. The Smalltalk development tools combined with the simulation debugging features provide developers with a productive environment in which to extend and debug the VM. In this article, we detail the VM simulation infrastructure and report our experiences developing and debugging VM features within it such as the garbage collector and the JIT compiler.

Virtual machine provisioning, code management, and data movement design for the Fermilab HEPCloud Facility

The Fermilab HEPCloud Facility Project has as its goal to extend the current Fermilab facility interface to provide transparent access to disparate resources including commercial and community clouds, grid federations, and HPC centers. This facility enables experiments to perform the full spectrum of computing tasks, including data-intensive simulation and reconstruction. We have evaluated the use of the commercial cloud to provide elasticity to respond to peaks of demand without overprovisioning local resources. Full scale data-intensive workflows have been successfully completed on Amazon Web Services for two High Energy Physics Experiments, CMS and NOνA, at the scale of 58000 simultaneous cores. This paper describes the significant improvements that were made to the virtual machine provisioning system, code caching system, and data movement system to accomplish this work. The virtual image provisioning and contextualization service was extended to multiple AWS regions, and to support experiment-specific data configurations. A prototype Decision Engine was written to determine the optimal availability zone and instance type to run on, minimizing cost and job interruptions. We have deployed a scalable on-demand caching service to deliver code and database information to jobs running on the commercial cloud. It uses the frontiersquid server and CERN VM File System (CVMFS) clients on EC2 instances and utilizes various services provided by AWS to build the infrastructure (stack). We discuss the architecture and load testing benchmarks on the squid servers. We also describe various approaches that were evaluated to transport experimental data to and from the cloud, and the optimal solutions that were used for the bulk of the data transport. Finally, we summarize lessons learned from this scale test, and our future plans to expand and improve the Fermilab HEP Cloud Facility.

Maxine

A highly productive platform accelerates the production of research results. The design of a Virtual Machine (VM) written in the Java™ programming language can be simplified through exploitation of interfaces, type and memory safety, automated memory management (garbage collection), exception handling, and reflection. Moreover, modern Java IDEs offer time-saving features such as refactoring, auto-completion, and code navigation. Finally, Java annotations enable compiler extensions for low-level “systems programming” while retaining IDE compatibility. These techniques collectively make complex system software more “approachable” than has been typical in the past. The Maxine VM, a metacircular Java VM implementation, has aggressively used these features since its inception. A co-designed companion tool, the Maxine Inspector, offers integrated debugging and visualization of all aspects of the VM's runtime state. The Inspector's implementation exploits advanced Java language features, embodies intimate knowledge of the VM's design, and even reuses a significant amount of VM code directly. These characteristics make Maxine a highly approachable VM research platform and a productive basis for research and teaching.

Streamware

Recently, the number of cores on general-purpose processors has been increasing rapidly. Using conventional programming models, it is challenging to effectively exploit these cores for maximal performance. An interesting alternative candidate for programming multiple cores is the stream programming model, which provides a framework for writing programs in a sequential-style while greatly simplifying the task of automatic parallelization. It has been shown that not only traditional media/image applications but also more general-purpose data-intensive applications can be expressed in the stream programming style. In this paper, we investigate the potential to use the stream programming model to efficiently utilize commodity multicore general-purpose processors (e.g., Intel/AMD). Although several stream languages and stream compilers have recently been developed, they typically target special-purpose stream processors. In contrast, we propose a flexible software system, Streamware, which automatically maps stream programs onto a wide variety of general-purpose multicore processor configurations. We leverage existing compilation framework for stream processors and design a runtime environment which takes as input the output of these stream compilers in the form of machine-independent stream virtual machine code. The runtime environment assigns work to processor cores considering processor/cache configurations and adapts to workload variations. We evaluate this approach for a few general-purpose scientific applications on real hardware and a cycle-level simulator set-up to showcase scaling and contention issues. The results show that the stream programming model is a good choice for efficiently exploiting modern and future multicore CPUs for an important class of applications.

Streamware

Recently, the number of cores on general-purpose processors has been increasing rapidly. Using conventional programming models, it is challenging to effectively exploit these cores for maximal performance. An interesting alternative candidate for programming multiple cores is the stream programming model, which provides a framework for writing programs in a sequential-style while greatly simplifying the task of automatic parallelization. It has been shown that not only traditional media/image applications but also more general-purpose data-intensive applications can be expressed in the stream programming style. In this paper, we investigate the potential to use the stream programming model to efficiently utilize commodity multicore general-purpose processors (e.g., Intel/AMD). Although several stream languages and stream compilers have recently been developed, they typically target special-purpose stream processors. In contrast, we propose a flexible software system, Streamware, which automatically maps stream programs onto a wide variety of general-purpose multicore processor configurations. We leverage existing compilation framework for stream processors and design a runtime environment which takes as input the output of these stream compilers in the form of machine-independent stream virtual machine code. The runtime environment assigns work to processor cores considering processor/cache configurations and adapts to workload variations. We evaluate this approach for a few general-purpose scientific applications on real hardware and a cycle-level simulator set-up to showcase scaling and contention issues. The results show that the stream programming model is a good choice for efficiently exploiting modern and future multicore CPUs for an important class of applications.

Streamware

Recently, the number of cores on general-purpose processors has been increasing rapidly. Using conventional programming models, it is challenging to effectively exploit these cores for maximal performance. An interesting alternative candidate for programming multiple cores is the stream programming model, which provides a framework for writing programs in a sequential-style while greatly simplifying the task of automatic parallelization. It has been shown that not only traditional media/image applications but also more general-purpose data-intensive applications can be expressed in the stream programming style. In this paper, we investigate the potential to use the stream programming model to efficiently utilize commodity multicore general-purpose processors (e.g., Intel/AMD). Although several stream languages and stream compilers have recently been developed, they typically target special-purpose stream processors. In contrast, we propose a flexible software system, Streamware, which automatically maps stream programs onto a wide variety of general-purpose multicore processor configurations. We leverage existing compilation framework for stream processors and design a runtime environment which takes as input the output of these stream compilers in the form of machine-independent stream virtual machine code. The runtime environment assigns work to processor cores considering processor/cache configurations and adapts to workload variations. We evaluate this approach for a few general-purpose scientific applications on real hardware and a cycle-level simulator set-up to showcase scaling and contention issues. The results show that the stream programming model is a good choice for efficiently exploiting modern and future multicore CPUs for an important class of applications.

프로파일링 데이터를 이용한 가상기계 코드 최적화

가상기계(Virtual Machine)는 소프트웨어로 제작되어 논리적인 시스템 구성을 갖는 컴퓨터이기 때문에 그 수행 속도와 필요 저장 공간 측면에서 성능이 떨어질 수밖에 없다. 이러한 환경에서의 가상기계 코드 최적화는 실행 성능을 향상시킬 수 있기에 중요하다. 특별히 임베디드 장치(Embedded Device)에서 작동하는 가상기계 환경에서의 최적화는 기존의 최적화에 비해 수행 비용 대비 효과에서 높은 효율을 요구한다. 이에 따라 프로파일링을 통하여 성능에 크게 영향을 주는 함수 또는 기본 블록(Basic Block)을 찾아 최적화하는 것이 효과적이다. 본 논문에서는 프로파일링을 이용한 가상기계 코드 최적화기를 설계하고 구현하였다. 먼저, 가상기계 코드 최적화를 위해 코드를 실행하여 얻을 수 있는 동적 정보인 프로파일링 데이터(Profiling Data)를 정의하였고, 프로파일링 정보를 이용한 가상기계 코드 최적기를 구현하였다. 또한, 구현과 실험에 있어서 가상기계 코드는 EVM(Embedded Virtual Machine)의 중간 언어인 SIL(Standard Intermediate Language)를 사용하였고, 구현된 최적화기에 대한 실험을 통해 최적화기의 효과를 확인하였다. VM(Virtual Machine) can be considered as a software processor which interprets the machine code. Also, it is considered as a conceptional computer that consists of logical system configuration. But, the execution speed of VM system is much slower than that of a real processor system. So, it is very important to optimize the code for virtual machine to enhance the execution time. Especially the optimizer for a virtual machine code on embedded devices requires the highly efficient performance to the ordinary optimizer in the respect to the optimized ratio about cost. Fundamentally, functions and basic blocks which influence the execution time of virtual machine is found, and then an optimization for them nay get the high efficiency. In this paper, we designed and implemented the optimizer for the virtual(or abstract) machine code(VMC) using profiling. Firstly, we defined the profiling information which is necessary to the optimization of VMC. The information can be obtained from dynamically executing the machine code. And we implemented VMC optimizer using the profiling information. In our implementation, the VMC is SIL(Standard Intermediate Language) that is an intermediate code of EVM(Embedded Virtual Machine). Also, we tried a benchmark test for the VMC optimizer and obtained reasonable results.

역컴파일링 기법을 이용한 가상기계 코드 실행 시스템

Generally, virtual machine platform is composed of a compiler, an assembler, and VM(Virtual Machine). To develop it, the design of VMC(Virtual Machine Code) is an essential task. And it is very important to verify the virtual machine platform. To do this and furthermore to execute VMC, it needs to implement VMC execution system using compiling method, interpreting method, or decompiling method. In this paper, we suggested and implemented the executing system of VMC using decompiling method out of three methods to execute the VMC. In our implementation, the VMC is SIL(Standard Intermediate Language) that is an intermediate code of EVM(Embedded Virtual Machine). Actually, we verified the usefulness of the decompiling method. And the decompiling method suggested in this paper can be used to minimize the mistake in developing Virtual machine platform.

The case for virtual register machines

Virtual machines (VMs) are a popular target for language implementers. A long-running question in the design of virtual machines has been whether stack or register architectures can be implemented more efficiently with an interpreter. Many designers favour stack architectures since the location of operands is implicit in the stack pointer. In contrast, the operands of register machine instructions must be specified explicitly. In this paper, we present a working system for translating stack-based Java virtual machine (JVM) code to a simple register code. We describe the translation process, the complicated parts of the JVM which make translation more difficult, and the optimisations needed to eliminate copy instructions. Experimental results show that a register format reduced the number of executed instructions by 34.88%, while increasing the number of bytecode loads by an average of 44.81%. Overall, this corresponds to an increase of 2.32 loads for each dispatch removed. We believe that the high cost of dispatches makes register machines attractive even at the cost of increased loads.

Implementing an applet system without fixing virtual‐machine designs

AbstractAn applet is program code which is downloaded dynamically from a server on the World Wide Web and which can be executed while maintaining security on the client side. The majority of applet systems at present, as represented by the Java Applet, implement the applets using virtual machine code which is independent of computer architecture. This is advantageous in terms of installation and use in different machine environments. Because virtual machine code is associated with execution by an interpreter or conversion to native code, the design of the virtual machine code greatly impacts performance during execution. Normally, however, representation of virtual machine code is fixed for each applet system and cannot be altered. The authors focused on the independence of virtual machine code and implementing an applet execution environment which is independent of the design of virtual machine code by making the Just‐In‐Time (JIT) compiler which converts virtual machine code to native code mobile. In this approach, native code conversion modules which are appropriate for the virtual machine code being used in the applet description are downloaded dynamically. In addition, this applet execution environment provides monitoring functions during applet execution so that a native code applet generated from any virtual machine code can be executed safely. The applet execution monitoring mechanism allows for the programming of system control policies for users, and allows for flexible applet execution control for various levels of monitoring. In this paper, the authors describe an implementation using their newly designed virtual machine code representation in both the SPARC and Intel x86 architecture environments, as well as experiments using this implementation. © 2003 Wiley Periodicals, Inc. Syst Comp Jpn, 34(2): 32–42, 2003; Published online in Wiley InterScience (www.interscience.wiley.com). DOI 10.1002/scj.10013

Vmgen—a generator of efficient virtual machine interpreters

AbstractIn a virtual machine interpreter, the code for each virtual machine instruction has similarities to code for other instructions. We present an interpreter generator that takes simple virtual machine instruction descriptions as input and generates C code for processing the instructions in several ways: execution, virtual machine code generation, disassembly, tracing, and profiling. The generator is designed to support efficient interpreters: it supports threaded code, aching the top‐of‐stack item in a register, combining simple instructions into superinstructions, and other optimizations. We have used the generator to create interpreters for Forth and Java. Theresulting interpreters are faster than other interpreters for the same languages and they are typically 2–10 times slower than code produced by native‐code compilers. We also present results for the effects of the individual optimizations supported by the generator. Copyright © 2002 John Wiley & Sons, Ltd

Verified lightweight bytecode verification

AbstractEva and Kristoffer Rose proposed a (sparse) annotation of Java Virtual Machine code with types to enable a one‐pass verification of well‐typedness. We have formalized a variant of their proposal in the theorem prover Isabelle/HOL and proved soundness and completeness. Copyright © 2001 John Wiley & Sons, Ltd.

Java, Java, Java

Everyone is talking about Java. The driving force for this chatter is Java's simplicity and potential power. Java is programming language, and a language for the intranet and the World Wide Web (WWW). Java is a Write On one platform and Run on Many platforms (WORM) language. For network-friendly, platform-independent applications, Java (originally Oak) is an object oriented programming language. Java source code is compiled into a virtual machine code or bytecode. This makes the Java platform independent. It can be placed on a Web site, and executed on the client side on a PC-Intel, Mac, Motorola or UNIX-Solaris machine without recompiling. Sun Microsystems formally announced Java in May 1995. Java is the first language that has built-in capabilities for networking applications, in particular, creating dynamic Web pages. Java programs that run on the Internet Web pages are called applets. These applets are easily incorporated into Web pages. These applets are executed from homepages on remote Web sites. Java programs run interpretively on the client side. Java reduces development costs and speeds up the learning curve. Traditional client server development tools-such as Delphi, Power-Builder and Visual Basic-are losing ground to Java as a result. By the year-end of 1996, Java had moved ahead in use of both C and C++ and these application development tools.

Architectures within the ESPRIT SPAN project

An overview is given of the SPAN project, which pooled the resources of numerous researchers in several countries to integrate symbolic and numeric computing on parallel systems. The resulting Kernel System architectures provided a central model for which two programming languages and two parallel-system architectures were developed. The Kernel System architecture, Parle high-level procedural language, Virtual Machine Code, Sprint processor architecture, and DICE distributed memory architecture are examined.< <ETX xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">&gt;</ETX>