S. S. Gaissaryan's research while affiliated with Moscow Institute of Physics and Technology and other places

Publications (15)

Article
A novel method for detecting use-after-free bugs based on the program dynamic analysis is described. In memory unsafe programming languages, such as C or C++, this class of bugs mainly occurs when the program tries to access an area of dynamically allocated memory that has been already freed. For each program execution path, the method checks the c...
Article
The article describes a new method of use-after-free bug detection using program dynamic analysis. In memory-unsafe programming languages such as C/C++, this class of bugs mainly occurs when a program tries to access a specific area of dynamically allocated memory that has already been freed. This method is based on a combination of two basic components. T...
Article
Software vulnerabilities are a serious security threat. It is important to develop protection mechanisms preventing their exploitation, especially with a rapid increase of ROP attacks. State of the art protection mechanisms have some drawbacks that can be used by attackers. In this paper, we propose fine-grained address space layout randomization o...
Article
Approaches for code execution using program vulnerabilities are considered in this paper. Particularly, ways of code execution using buffer overflow on stack and on heap, using use-after-free vulnerabilities and format string vulnerabilities are examined in section 2. Methods for automatic generation of input data leading to code execution are descri...
Article
Program vulnerabilities are a serious security threat. It is important to develop defenses preventing their exploitation, especially with a rapid increase of ROP attacks. State of the art defenses have some drawbacks that can be used by attackers. In this paper we propose fine-grained address space layout randomization on program load that is able...
Article
Software vulnerabilities are a serious threat to the security of information systems. Any software written in C/C++ contains a considerable amount of vulnerabilities. Some of them can be used by attackers to seize control of the system. In this paper, for counteracting such vulnerabilities, we propose to use compiler transformations: function reordering...
Article
The paper describes a two-stage compilation approach for the C/C++ languages that allows deploying applications in the LLVM intermediate representation. The LLVM modifications for optimizing code generation time are presented, as well as the developed profile-based optimizations. A specialized application cloud storage architecture is also suggested.
Article
Software vulnerabilities are critical for security. All C/C++ programs contain a significant amount of vulnerabilities. Some of them can be successfully exploited by an attacker to gain control of the execution flow. In this article we propose several compiler protection techniques against vulnerability exploitation: function reordering, insertion of...
Article
Obfuscation algorithms are now widely used to prevent software reverse engineering. Binary code virtualization is one of the most powerful obfuscation techniques. Another obfuscation method known as “dispatching” can be used to transform application control flow similarly to virtual machine insertion. Our research was aimed at reconstruction of cont...
Article
The implementation of the ParJava development environment is considered that enables one to develop parallel applications in the modern programming language Java within the industrial standard MPI. The internal representation of the SPMD program model is described, which is constructed so as to place as much of the interpretation work of a parallel...
Conference Paper
The goal of the paper is the development of a scalable parallel program calculating the numerical solution of the system of equations modeling the processes and origin conditions of intensive atmospheric vortices (IAV) in a 3D compressible atmosphere according to the theory of mesovortice turbulence by Nikolaevskiy. Original system of non-linear equatio...
Conference Paper
We consider parallel task scheduling problems for hierarchical decentralized systems that consist of homogeneous computational resources such as clusters, PCs and supercomputers, and are geographically dispersed. We concentrate on two-level hierarchy scheduling: at the first level, the broker allocates computational tasks to the resource. At the se...
Conference Paper
We develop the system software for high-performance clusters and build such clusters using our original methodology. The design study is performed on the basis of analytical models of the cluster (a modification of the well-known LogGP model) and the test benchmark being used. In the present paper different communication environments being used in high perform...
Article
This paper is devoted to the presentation of the ParJava environment being developed at ISP RAS. It provides the application programmer with a set of tools supporting the design of parallel programs for high-performance clusters using Java extended by a standard MPI library. ParJava allows most of the development to be done on an instrumental computer. It is possi...

Citations

... Program dependence graph's vertices are REIL instructions, edges are data and control dependencies between instructions. We use them to find code clones in binaries [20] [21], compare two versions of binaries [22] and analyze their changes [23]. ...
... There are several mechanisms that protect against code-reuse attacks: address space layout randomization (ASLR) and its fine-grained version [31], stack canaries, and control-flow integrity techniques. Despite that, code-reuse attacks can be extended to bypass some of them. ...
... Their application in combination with system protection means, such as address space layout randomization (ASLR) and data execution prevention (DEP), significantly complicate the exploitation of vulnerabilities. Diversification of the program code can provide additional protection [27]. ...
... The code parallelization methods used in practice in various programming languages deliver benefits such as reduced program running time, but are rather labor-intensive for the programmer. In the C# programming language, the Threading library [1] can be added to a project, in Java the Thread library [2], and in Python the Thread library [3]; when these are used, the tasks of synchronizing, destroying and creating threads fall on the programmer [4]. In the course of writing programs, it is also necessary to solve the problem of deadlocks, which can arise from incorrect parallelization of computational processes. ...
... Along with the Cosserat brothers [4], the turbulent theories dealing with this asymmetry were developed by Nikolaevskiy [5][6], Mattioli [7], Ferrari [8], Heinloo [9], Eringen and Chang [10], though probably only Nikolaevskiy and Heinloo (with their co-authors) have applied their theories to geophysical phenomena. The first attempt at using asymmetrical turbulent stress tensors in the problem of tornado (and hurricane) bulk modeling was made by Arsenyev, Gubar, Nikolaevskiy [11] (2004) and developed in [12][13][14][15][16]. In this paper we apply the results of 3D tornado speculations in the mirror asymmetry turbulent model to first show in detail how tornado suction spots [17][18][19][20][21][22][23] (smaller whirls rotating around the main one in the tornado "eyewall") can be formed while it is rising. ...
... The feature of such schemes is that each local domain can use its own resource broker policy. On the other hand, the job cannot be moved or reallocated to another resource at different domains, even when a better resource is found [37, 146]. ...