Home » Articles posted by kaiser (Page 2)

Author Archives: kaiser

Efficient Dependency Detection for Safe Java Test Acceleration

@inproceedings{Bell:2015:EDD:2786805.2786823,
author = {Bell, Jonathan and Kaiser, Gail and Melski, Eric and Dattatreya, Mohan},
title = “{Efficient Dependency Detection for Safe Java Test Acceleration}”,
booktitle = “{2015 10th Joint Meeting on Foundations of Software Engineering}”,
series = {ESEC/FSE 2015},
year = {2015},
isbn = {978-1-4503-3675-8},
location = {Bergamo, Italy},
pages = {770–781},
numpages = {12},
url = {http://doi.acm.org/10.1145/2786805.2786823},
doi = {10.1145/2786805.2786823},
acmid = {2786823},
publisher = {ACM},
address = {New York, NY, USA},
keywords = {Test dependence, detection algorithms, empirical studies},
}

Dynamic Taint Tracking for Java with Phosphor

@inproceedings{Bell:2015:DTT:2771783.2784768,
author = {Bell, Jonathan and Kaiser, Gail},
title = {Dynamic Taint Tracking for Java with Phosphor (Demo)},
booktitle = {Proceedings of the 2015 International Symposium on Software Testing and Analysis},
series = {ISSTA 2015},
year = {2015},
isbn = {978-1-4503-3620-8},
location = {Baltimore, MD, USA},
pages = {409–413},
numpages = {5},
url = {http://doi.acm.org/10.1145/2771783.2784768},
doi = {10.1145/2771783.2784768},
acmid = {2784768},
publisher = {ACM},
address = {New York, NY, USA},
keywords = {Dataflow Analysis, Taint Tracking},
}

Dynamic Information Flow Analysis

We are investigating an approach to runtime information flow analysis for managed languages
that tracks metadata about data values through the execution of a program. We first considered
metadata that propagates labels representing the originating source of each data value, e.g.,
sensitive data from the address book or GPS of a mobile device that should only be accessed on a
need-to-know basis, or potentially suspect data input by end-users or external systems that
should be sanitized before including in database queries, collectively termed “taint tracking”.
We developed and made available open-source the first general purpose implementation of taint
tracking that operates with minimal performance overhead on commodity Java Virtual Machine
implementations (e.g., from Oracle and OpenJDK), by storing the derived metadata “next to” the
corresponding data values in memory, achieved via bytecode rewriting that does not require
access to source code or any changes to the underlying platform. Previous approaches required
changes to the source code, the language interpreter, the language runtime, the operating system
and/or the hardware, or added unacceptable overhead by storing the metadata separately in a
hashmap. Our system has also been applied to Android, where it required changes in 13 lines of
code, contrasted to the state of the art TaintDroid which added 32,000 lines of code. We are
currently investigating tracking the path conditions constructed during dynamic symbolic
execution of programs, which record the constraints on data values that have reached a given
point in execution (e.g., taking the true or false branch of a series of conditionals). We plan to
use the more sophisticated but slower symbolic execution version as part of several prospective
projects.

We expect to extend and use this tool as part of the Mutable Replay project, and are seeking new project students in tandem with that effort.

Contact Professor Gail Kaiser (kaiser@cs.columbia.edu)

Team Members

Faculty
Gail Kaiser

Former Graduate Students
Jonathan Bell

Links

Publications

Jonathan Bell and Gail Kaiser. Phosphor: Illuminating Dynamic Data Flow in the JVM. Object-oriented Programming, Systems, Languages, and Applications (OOPSLA), October 2014,pp. 83-101. Artifact accepted as meeting reviewer expectations.

Jonathan Bell and Gail Kaiser. Dynamic Taint Tracking for Java with PhosphorInternational Symposium on Software Testing and Analysis (ISSTA), July 2015, pp. 409-413.

Software

Download Phosphor.

Download Knarr.

Dynamic Inference of Likely Metamorphic Properties to Support Differential Testing

@inproceedings{Su:2015:DIL:2819261.2819279,
author = {Su, Fang-Hsiang and Bell, Jonathan and Murphy, Christian and Kaiser, Gail},
title = {Dynamic Inference of Likely Metamorphic Properties to Support Differential Testing},
booktitle = {Proceedings of the 10th International Workshop on Automation of Software Test},
series = {AST ’15},
year = {2015},
month = {May},
location = {Florence, Italy},
pages = {55–59},
numpages = {5},
url = {http://dl.acm.org/citation.cfm?id=2819261.2819279},
acmid = {2819279},
publisher = {IEEE Press},
address = {Piscataway, NJ, USA},
}

A Gameful Approach to Teaching Software Design and Software Testing

@incollection{GamefulSoftwareTesting,
author = “Swapneel Sheth and Jonathan Bell and Gail Kaiser”,
title = “{A Gameful Approach to Teaching Software Design and Software Testing}”,
editor = “Kendra M.L. Cooper and Walt Scacchi”,
booktitle = “{Computer Games and Software Engineering}”,
publisher = “Chapman and Hall/CRC”,
isbn = “978-1-48-222668-3”,
year = “2015”, chapter = “4”, pages = “91–112”,
url = “https://books.google.com/books?id=Oy6IoAEACAAJ”}

Vroom: Faster Build Processes for Java

@article{7006344,
author={Jonathan Bell and Eric Melski and Mohan Dattatreya and Gail E. Kaiser},
journal={IEEE Software},
title=”{Vroom: Faster Build Processes for Java}”,
year={2015},
volume={32},
number={2},
pages={97-104},
doi={10.1109/MS.2015.32},
ISSN={0740-7459},
month={March/April},
url = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7006344}
}

Metamorphic Runtime Checking of Applications Without Test Oracles

@article{crosstalk,
author = {Jonathan Bell and Christian Murphy and Gail Kaiser},
title = “{Metamorphic Runtime Checking of Applications Without Test Oracles}”,
journal = “{Crosstalk the Journal of Defense Software Engineering}”,
volume = “28”, number = “2”,
pages = “9–13”,
month = “Mar/Apr”, year = “2015”,
url = “http://static1.1.sqspcdn.com/static/f/702523/25999119/1425257561223/201503-Bell.pdf”}

Pebbles: New Data Abstractions for Modern OSes

Presented at OSDI 2014 on October 6, 2014 in Broomfield, CO.

Phosphor: Illuminating Dynamic Data Flow in Commodity JVMs

Presented at OOPSLA 2014 in Portland, OR on October 22, 2014

Phosphor: Illuminating Dynamic Data Flow in Commodity JVMs

BibTeX for this paper:

@inproceedings{Bell:2014:PID:2660193.2660212,
author = {Bell, Jonathan and Kaiser, Gail},
title = "{Phosphor: Illuminating Dynamic Data Flow in Commodity JVMs}",
booktitle = {2014 ACM International Conference on Object Oriented Programming Systems Languages \& Applications},
series = {OOPSLA '14},
year = {2014},
month = {October},
isbn = {978-1-4503-2585-1},
location = {Portland, Oregon, USA},
pages = {83--101},
numpages = {19},
url = {http://doi.acm.org/10.1145/2660193.2660212},
doi = {10.1145/2660193.2660212},
acmid = {2660212},
publisher = {ACM},
address = {New York, NY, USA},
keywords = {dataflow analysis, taint tracking},
}