In the omnipresent model of the stored-program computer, both the instructions and data are held in a single storage structure. Therefore, instructions can be read and written as if they were data. In practice however, instructions rarely change during the execution of the program. As a result, it is often assumed that the instructions are constant. Therefore, many tools and analyses fail in th...

Aspect mining tries to identify crosscutting concerns in existing systems and thus supports the adaption to an aspect-oriented design. This paper describes an automatic static aspect mining approach, where the control flow graphs of a program are investigated for recurring execution patterns based on different constraints, such as the requirement that the patterns have to exist in different cal...

We focus on graph-valued outputs in supervised learning and propose a novel solution to the pre-image problem in the kernel dependency estimation framework. Output structures are generated by a stochastic grammar and the output feature space is directly associated with the set of productions for the grammar. The regression estimation step learns to map input examples into a feature vector that ...

Recently, a new approach for structuring acyclic process models has been introduced. The algorithm is based on a transformation between the Refined Process Structure Tree (RPST) of a control flow graph and the Modular Decomposition Tree (MDT) of ordering relations. In this paper, an extension of the algorithm is presented that allows to partially structure process models in the case when a proc...

This study proposes a malware detection strategy based on control flow graphs. It carries out experiments to evaluates the false-positive ratios of the proposed methods. Moreover, it presents some insight to establish detection methods sound with respect to some obfuscation techniques.

When analyzing programs with parallel imperative constructs (e.g., cobegin/coend), standard computer intermediate representations are inadequate. This paper introduces a new relation called the precedence relation and new data structures called the Pamllel Control Flow Graph and Parallel Precedence Graphs for programs with parallel constructs. We show how to report anomalies in parallel program...

Program equivalence refers to the mapping between equivalent codes written in different languages – including high-level and lowlevel languages. In the present work, we propose a novel approach for correlating program codes of different languages using artificial neural networks and program characteristics derived from control flow graphs and call graphs. Our approach correlates the program cod...

We present a new method for automatic test data generation (ATDG) applying to semantically annotated control-flow graphs (CFGs), covering both ATDG based on source code and assembly or virtual machine code. The method supports a generic set of test coverage criteria, including all structural coverage criteria currently in use in industrial software test for safety critical software. Several kno...

The current work is the closing article of an ongoing series of papers that illustrate a high-performance solution to the tracing of time critical applications with minimal impact on the running system. The idea of the proposed solution is to instrument the application at significant points with event functions, log the events of these functions during execution and reconstruct the complete con...

Control Flow Integrity (CFI) is one of the most promising technique to defend Code-Reuse Attacks (CRAs). Traditional CFI Systems and recent Context-Sensitive CFI use coarse control flow graphs (CFGs) to analyze whether the control flow hijack occurs, left vast space for attackers at indirect call-sites. Coarse CFGs make it difficult to decide which target to execute at indirect control-flow tra...