Browsing by Author "Wei, Shiyi"
Now showing 1 - 6 of 6
Results Per Page
Sort Options
- Identity-sensitive Points-to Analysis for the Dynamic Behavior of JavaScript ObjectsWei, Shiyi; Ryder, Barbara G. (Department of Computer Science, Virginia Polytechnic Institute & State University, 2013-12-13)JavaScript object behavior is dynamic and adheres to prototype-based inheritance. The behavior of a JavaScript object can be changed by adding and removing properties at runtime. Points-to analysis calculates the set of values a reference property or variable may have during execution. We present a novel, partially flow-sensitive, context-sensitive points-to algorithm that accurately models dynamic changes in object behavior. The algorithm represents objects by their creation sites and local property names; it tracks property updates via a new control-flow graph representation. The calling context is comprised of the receiver object, its local properties and prototype chain. We compare the new points-to algorithm with an existing JavaScript points-to algorithm in terms of their respective performance and accuracy on a client application. The experimental results on real JavaScript websites show that the new points-to analysis significantly improves precision, uniquely resolving on average 11% more property lookup statements.
- Information Retrieval System EvaluationWei, Shiyi; Suwardiman, Victoria; Swaminathan, Anand (2012-10-03)The module introduces the evaluation in information retrieval. It focuses on the standard measurement of system effectiveness through relevance judgments.
- Practical Analysis of the Dynamic Characteristics of JavaScriptWei, Shiyi (Virginia Tech, 2015-10-05)JavaScript is a dynamic object-oriented programming language, which is designed with flexible programming mechanisms. JavaScript is widely used in developing sophisticated software systems, especially web applications. Despite of its popularity, there is a lack of software tools that support JavaScript for software engineering clients. Dataflow analysis approximates software behavior by analyzing the program code; it is the foundation for many software tools. However, several unique features of JavaScript render existing dataflow analysis techniques ineffective. Reflective constructs, generating code at runtime, make it difficult to acquire the complete program at compile time. Dynamic typing, resulting in changes in object behavior, poses a challenge for building accurate models of objects. Different functionalities can be observed when a function is variadic; the variance of the function behavior may be caused by the arguments whose values can only be known at runtime. Object constructors may be polymorphic such that objects created by the same constructor may contain different properties. In addition to object-oriented programming, JavaScript supports paradigms of functional and procedural programming; this feature renders dataflow analysis techniques ineffective when a JavaScript application uses multiple paradigms. Dataflow analysis needs to handle these challenges. In this work, we present an analysis framework and several dataflow analyses that can handle dynamic features in JavaScript. The first contribution of our work is the design and instantiation of the JavaScript Blended Analysis Framework (JSBAF). This general-purpose and flexible framework judiciously combines dynamic and static analyses. We have implemented an instance of JSBAF, blended taint analysis, to demonstrate the practicality of the framework. Our second contribution is an novel context-sensitive points-to analysis for JavaScript that accurately models object property changes. This algorithm uses a new program representation that enables partial flow-sensitive analysis, a more accurate object representation, and an expanded points-to graph. We have defined parameterized state sensitivity (i.e., k-state sensitivity) and evaluated the effectiveness of 1-state-sensitive analysis as the static phase of JSBAF. The third contribution of our work is an adaptive context-sensitive analysis that selectively applies context-sensitive analysis on the function level. This two-staged adaptive analysis extracts function characteristics from an inexpensive points-to analysis and uses learning-based heuristics to decide on an appropriate context-sensitive analysis per function. The experimental results show that the adaptive analysis is more precise than any single context-sensitive analysis for several programs in the benchmarks, especially for those multi-paradigm programs.
- A Practical Blended Analysis for Dynamic Features in JavaScriptWei, Shiyi; Ryder, Barbara G. (Department of Computer Science, Virginia Polytechnic Institute & State University, 2012)JavaScript is widely used in Web applications; however, its dynamism renders static analysis ineffective. Our JavaScript Blended Analysis Framework is designed to handle JavaScript dynamic features. It performs a flexible combined static/dynamic analysis. The blended analysis focuses static analysis on a dynamic calling structure collected at runtime in a lightweight manner, and refines the static analysis using dynamic information. The framework is instantiated for points-to analysis with stmt-level MOD analysis and tainted input analysis. Using JavaScript codes from actual webpages as benchmarks, we show that blended points-to analysis for JavaScript obtains good coverage (86.6% on average per website) of the pure static analysis solution and finds additional points-to pairs (7.0% on average per website) contributed by dynamically generated/loaded code. Blended tainted input analysis reports all 6 true positives reported by static analysis, but without false alarms, and finds three additional true positives.
- A Practical Blended Analysis for Dynamic Features in JavaScriptWei, Shiyi; Ryder, Barbara G. (Department of Computer Science, Virginia Polytechnic Institute & State University, 2012-08-01)The JavaScript Blended Analysis Framework is designed to perform a general-purpose, practical combined static/dynamic analysis of JavaScript programs, while handling dynamic features such as run-time generated code and variadic func- tions. The idea of blended analysis is to focus static anal- ysis on a dynamic calling structure collected at runtime in a lightweight manner, and to rene the static analysis us- ing additional dynamic information. We perform blended points-to analysis of JavaScript with our framework and compare results with those computed by a pure static points- to analysis. Using JavaScript codes from actual webpages as benchmarks, we show that optimized blended analysis for JavaScript obtains good coverage (86.6% on average per website) of the pure static analysis solution and nds ad- ditional points-to pairs (7.0% on average per website) con- tributed by dynamically generated/loaded code.
- ProjOpenDSA - OpenDSA Log SupportWei, Shiyi; Suwardiman, Victoria; Swaminathan, Anand (2012-12-11)The OpenDSA project is an online eTextbook project that includes not only literature but other dynamic content to be used in Data Structures and Algorithms courses. OpenDSA contains exercises of various types to go along with the literature in order to provide automated self-assessment for students. What the research team seeks to do is to collect and log data regarding student interactions with these exercises, logging both the students’ performance, such as scores, as well as their interaction with the system, such as timestamps for button clicks. What we did to extend the current OpenDSA project is provide visualizations of the log data in meaningful ways as to be helpful to all users of the system. The OpenDSA Log Support Project, as we have called it, is designed to analyze the log data and provide views for the instructors who teach the course, the students who take the course, as well as for the developers who designed and are continually working on improving the system. Taking the various forms of log data collected from the students in the DSA course of the Fall 2012 semester, we developed three views: the teacher view, student view, and developer view. Each view displays information that is most useful to its user; for example, a comprehensive table of all students, their scores, and their status in each exercise is the most important data that a teacher will be interested in seeing. We developed our views using the Django web framework that the OpenDSA research team is currently using, pulling our data from the database that all of the data gets logged to. Using this data, we then created online views accessible to those with accounts, namely the instructor, students, and developers. Some challenges we ran into include the display of and performance of displaying the data in our views. This came up because of the amount of data logged, proving difficult to find efficient and readable ways to analyze and display the data. Though some solutions have been found, because this project is ongoing, future work include optimizing each view, improving the display of each view, as well as adding additional views for each user.