3
More Annotations
6
2
Favourite Annotations
2
2
Text
BINAERVARIANZ.DE
The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models. Security problems are almost as often caused by wrong incentives as by bad design. This seminar paper (in German only) aims to provide an overview of the different topics and theBINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
MKORN.BINAERVARIANZ.DE Welcome! THIS IS A HISTORICAL WEBSITE, FOR ARCHIVAL PURPOSES ONLY. During my academic career, I was a postdoc in the group on Computer Supported Cooperative Work and Social Media at the University of Siegen, in the Philanthropic Informatics Lab of Amy Voida at the School of Informatics and Computing at Indiana University, Indianapolis (IUPUI), and in the interdisciplinary PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
MONKEY SEE, MONKEY DO: EFFECTIVE GENERATION OF GUI TESTS of using the program. Third, the approach automatically generates tests, i.e., sequences of UI events, through a com-bination of random testing and applying the inferred macro WS2812B RGB-LED CONTROLLED WITH AN MSP430 Mar 2: WS2812b RGB-LED controlled with an MSP430 - Part1. So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set the desired color and can be daisy-chained. The protocol is quite easy and is well described in thedata-sheet.
AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Most Prevalent Root Causes 52% of all issues are caused by inefficient API usage 11 LEARNING TO FUZZ: APPLICATION-INDEPENDENT FUZZ TESTING Learning to Fuzz: Application-Independent Fuzz Testing with Probabilistic, Generative Models of Input Data Jibesh Patra, Michael Pradel Technical Report TUD-CS-2016-14664BINAERVARIANZ.DE
The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models. Security problems are almost as often caused by wrong incentives as by bad design. This seminar paper (in German only) aims to provide an overview of the different topics and theBINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
MKORN.BINAERVARIANZ.DE Welcome! THIS IS A HISTORICAL WEBSITE, FOR ARCHIVAL PURPOSES ONLY. During my academic career, I was a postdoc in the group on Computer Supported Cooperative Work and Social Media at the University of Siegen, in the Philanthropic Informatics Lab of Amy Voida at the School of Informatics and Computing at Indiana University, Indianapolis (IUPUI), and in the interdisciplinary PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
MONKEY SEE, MONKEY DO: EFFECTIVE GENERATION OF GUI TESTS of using the program. Third, the approach automatically generates tests, i.e., sequences of UI events, through a com-bination of random testing and applying the inferred macro WS2812B RGB-LED CONTROLLED WITH AN MSP430 Mar 2: WS2812b RGB-LED controlled with an MSP430 - Part1. So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set the desired color and can be daisy-chained. The protocol is quite easy and is well described in thedata-sheet.
AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Most Prevalent Root Causes 52% of all issues are caused by inefficient API usage 11 LEARNING TO FUZZ: APPLICATION-INDEPENDENT FUZZ TESTING Learning to Fuzz: Application-Independent Fuzz Testing with Probabilistic, Generative Models of Input Data Jibesh Patra, Michael Pradel Technical Report TUD-CS-2016-14664BINAERVARIANZ.DE
Programming. CGI-Shell - simulates a shell using CGI by Michael Pradel CocoaRay - CocoaRay by Stefan Aschenbach GTDriver - a Prism GT driver for MacOS X by Michael Rossberg Insomnia - prevents Apple Notebooks from sleeping by Michael Rossberg iTrustGPG - find trust paths in the web of trust by Michael RossbergBINAERVARIANZ.DE
Usage. Download Insomnia and decompress it. Open your terminal and goto the Insomnia folder. set Permissions correctly. sudo chown -R root:wheel Insomnia.kext. load Insomnia with. sudo kextload Insomnia.kext. do whatever you have to do. DLINT: DYNAMICALLY CHECKING BAD CODING PRACTICES IN JAVASCRIPT DLint: Dynamically Checking Bad Coding Practices in JavaScript Liang Gong1, Michael Pradel2, Manu Sridharan3, and Koushik Sen1 1 EECS Department, University of California, Berkeley, USA 2 Department of Computer Science, TU Darmstadt, Germany, 3 Samsung Research America, USA 1 {gongliang13, ksen}@cs.berkeley.edu 2 michael@binaervarianz.de, 3 m.sridharan@samsung.com PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Performance Issues and Optimizations in JavaScript: An Empirical Study Marija Selakovic Department of Computer Science TU Darmstadt, Germany m.selakovic89@gmail.com DR. MATTHIAS KORN'S HOMEPAGE Welcome! THIS IS A HISTORICAL WEBSITE, FOR ARCHIVAL PURPOSES ONLY. During my academic career, I was a postdoc in the group on Computer Supported Cooperative Work and Social Media at the University of Siegen, in the Philanthropic Informatics Lab of Amy Voida at the School of Informatics and Computing at Indiana University, Indianapolis (IUPUI), and in the interdisciplinary AN ACTIONABLE PERFORMANCE PROFILER FOR OPTIMIZING THE An Actionable Performance Profiler for Optimizing the Order of Evaluations ISSTA’17, July 2017, Santa Barbara, CA, USA 2.1 Terminology Real-world programs compute various boolean values, e.g.,to make
NAME-BASED ANALYSIS OF EQUALLY TYPED METHOD ARGUMENTS 1 Name-based Analysis of Equally Typed Method Arguments Michael Pradel, Member, IEEE, Thomas R. Gross, Member, IEEE, Abstract—When calling a method that requires multiple arguments, programmers must pass the arguments in the expected order.For statically typed languages, the compiler helps programmers by checking that the type of each argument matches the type of the formal 00 A SURVEY OF DYNAMIC ANALYSIS AND TEST GENERATION FOR 00 A Survey of Dynamic Analysis and Test Generation for JavaScript ESBEN ANDREASEN, Aarhus University LIANG GONG, University of California, Berkeley ANDERS MØLLER, Aarhus University MICHAEL PRADEL, TU Darmstadt MARIJA SELAKOVIC, TU Darmstadt KOUSHIK SEN, University of California, Berkeley CRISTIAN-ALEXANDRU STAICU, TU Darmstadt JavaScript has become one of the most HACKING AS TRANSGRESSIVE INFRASTRUCTURING Hacking as Transgressive Infrastructuring: Mobile Phone Networks and the German Chaos Computer Club Susann Wagenknecht Matthias KornDepartment of
LEVERAGING TEST GENERATION AND SPECIFICATION MINING FOR program. Some tests fail, because they result in an uncaught exception, while other tests pass. Second, we analyze exe-cutions of passing tests with a protocol miner, giving likelyBINAERVARIANZ.DE
The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models. Security problems are almost as often caused by wrong incentives as by bad design. This seminar paper (in German only) aims to provide an overview of the different topics and theBINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
MKORN.BINAERVARIANZ.DE Welcome! THIS IS A HISTORICAL WEBSITE, FOR ARCHIVAL PURPOSES ONLY. During my academic career, I was a postdoc in the group on Computer Supported Cooperative Work and Social Media at the University of Siegen, in the Philanthropic Informatics Lab of Amy Voida at the School of Informatics and Computing at Indiana University, Indianapolis (IUPUI), and in the interdisciplinary PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
WS2812B RGB-LED CONTROLLED WITH AN MSP430 Mar 2: WS2812b RGB-LED controlled with an MSP430 - Part1. So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set the desired color and can be daisy-chained. The protocol is quite easy and is well described in thedata-sheet.
PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Performance Issues and Optimizations in JavaScript: An Empirical Study Marija Selakovic Department of Computer Science TU Darmstadt, Germany m.selakovic89@gmail.com AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the DLINT: DYNAMICALLY CHECKING BAD CODING PRACTICES IN JAVASCRIPT DLint: Dynamically Checking Bad Coding Practices in JavaScript Liang Gong1, Michael Pradel2, Manu Sridharan3, and Koushik Sen1 1 EECS Department, University of California, Berkeley, USA 2 Department of Computer Science, TU Darmstadt, Germany, 3 Samsung Research America, USA 1 {gongliang13, ksen}@cs.berkeley.edu 2 michael@binaervarianz.de, 3 m.sridharan@samsung.com HACKING AS TRANSGRESSIVE INFRASTRUCTURING Hacking as Transgressive Infrastructuring: Mobile Phone Networks and the German Chaos Computer Club Susann Wagenknecht Matthias KornDepartment of
BINAERVARIANZ.DE
The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models. Security problems are almost as often caused by wrong incentives as by bad design. This seminar paper (in German only) aims to provide an overview of the different topics and theBINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
MKORN.BINAERVARIANZ.DE Welcome! THIS IS A HISTORICAL WEBSITE, FOR ARCHIVAL PURPOSES ONLY. During my academic career, I was a postdoc in the group on Computer Supported Cooperative Work and Social Media at the University of Siegen, in the Philanthropic Informatics Lab of Amy Voida at the School of Informatics and Computing at Indiana University, Indianapolis (IUPUI), and in the interdisciplinary PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
WS2812B RGB-LED CONTROLLED WITH AN MSP430 Mar 2: WS2812b RGB-LED controlled with an MSP430 - Part1. So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set the desired color and can be daisy-chained. The protocol is quite easy and is well described in thedata-sheet.
PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Performance Issues and Optimizations in JavaScript: An Empirical Study Marija Selakovic Department of Computer Science TU Darmstadt, Germany m.selakovic89@gmail.com AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the DLINT: DYNAMICALLY CHECKING BAD CODING PRACTICES IN JAVASCRIPT DLint: Dynamically Checking Bad Coding Practices in JavaScript Liang Gong1, Michael Pradel2, Manu Sridharan3, and Koushik Sen1 1 EECS Department, University of California, Berkeley, USA 2 Department of Computer Science, TU Darmstadt, Germany, 3 Samsung Research America, USA 1 {gongliang13, ksen}@cs.berkeley.edu 2 michael@binaervarianz.de, 3 m.sridharan@samsung.com HACKING AS TRANSGRESSIVE INFRASTRUCTURING Hacking as Transgressive Infrastructuring: Mobile Phone Networks and the German Chaos Computer Club Susann Wagenknecht Matthias KornDepartment of
DLINT: DYNAMICALLY CHECKING BAD CODING PRACTICES IN JAVASCRIPT DLint: Dynamically Checking Bad Coding Practices in JavaScript Liang Gong1, Michael Pradel2, Manu Sridharan3, and Koushik Sen1 1 EECS Department, University of California, Berkeley, USA 2 Department of Computer Science, TU Darmstadt, Germany, 3 Samsung Research America, USA 1 {gongliang13, ksen}@cs.berkeley.edu 2 michael@binaervarianz.de, 3 m.sridharan@samsung.com SYNODE: UNDERSTANDING AND AUTOMATICALLY PREVENTING Synode: Understanding and Automatically Preventing Injection Attacks on Node.js Cristian-Alexandru Staicu TU Darmstadt cris.staicu@gmail.com Michael Pradel MICHAEL PRADEL'S HOMEPAGE The Software Lab has opened in autumn 2014 and is lead by Dr. Michael Pradel, who has joined TU Darmstadt from University of California, Berkeley. Working in a newly created lab will give applicants the unique chance to work in and shape a young and dynamic research group. The lab is embedded into an excellent environment for research on MAKING MALORY BEHAVE MALICIOUSLY: TARGETED FUZZING OF Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments Siegfried Rasthofer, Steven Arzt Fraunhofer SITand TU Darmstadt
AN ACTIONABLE PERFORMANCE PROFILER FOR OPTIMIZING THE An Actionable Performance Profiler for Optimizing the Order of Evaluations ISSTA’17, July 2017, Santa Barbara, CA, USA 2.1 Terminology Real-world programs compute various boolean values, e.g.,to make
PINPOINTING AND REPAIRING PERFORMANCE BOTTLENECKS IN Empir Software Eng 1 Introduction Developing concurrent programs that are both correct and efficient is a challenge. On the one hand, a program must carefully synchronize concurrent accesses to shared datato
FULLY AUTOMATIC AND PRECISE DETECTION OF THREAD SAFETY Fully Automatic and Precise Detection of Thread Safety Violations Michael Pradel Department of Computer Science ETH Zurich Thomas R. Gross Department of Computer Science TYPEDEVIL: DYNAMIC TYPE INCONSISTENCY ANALYSIS FOR JAVASCRIPT TypeDevil: Dynamic Type Inconsistency Analysis for JavaScript Michael Pradelx, Parker Schuh , and Koushik Sen EECS Department, University of California, Berkeley xDepartment of Computer Science, TU Darmstadt Abstract—Dynamic languages, such as JavaScript, give pro- PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Most Prevalent Root Causes 52% of all issues are caused by inefficient API usage 11 EFFICIENT DETECTION OF THREAD SAFETY VIOLATIONS VIA Efficient Detection of Thread Safety Violations via Coverage-Guided Generation of Concurrent Tests Ankit Choudhary Department of ComputerScience
BINAERVARIANZ.DE
The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models. Security problems are almost as often caused by wrong incentives as by bad design. This seminar paper (in German only) aims to provide an overview of the different topics and theBINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
MKORN.BINAERVARIANZ.DE Welcome! THIS IS A HISTORICAL WEBSITE, FOR ARCHIVAL PURPOSES ONLY. During my academic career, I was a postdoc in the group on Computer Supported Cooperative Work and Social Media at the University of Siegen, in the Philanthropic Informatics Lab of Amy Voida at the School of Informatics and Computing at Indiana University, Indianapolis (IUPUI), and in the interdisciplinary PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
WS2812B RGB-LED CONTROLLED WITH AN MSP430 Mar 2: WS2812b RGB-LED controlled with an MSP430 - Part1. So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set the desired color and can be daisy-chained. The protocol is quite easy and is well described in thedata-sheet.
FREEZING THE WEB: A STUDY OF REDOS VULNERABILITIES IN Freezing the Web: A Study of ReDoS Vulnerabilities in JavaScript-based Web Servers Abstract—Regular expression denial of service (ReDoS) isa
AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Most Prevalent Root Causes 52% of all issues are caused by inefficient API usage 11 HACKING AS TRANSGRESSIVE INFRASTRUCTURING Hacking as Transgressive Infrastructuring: Mobile Phone Networks and the German Chaos Computer Club Susann Wagenknecht Matthias KornDepartment of
BINAERVARIANZ.DE
The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models. Security problems are almost as often caused by wrong incentives as by bad design. This seminar paper (in German only) aims to provide an overview of the different topics and theBINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
MKORN.BINAERVARIANZ.DE Welcome! THIS IS A HISTORICAL WEBSITE, FOR ARCHIVAL PURPOSES ONLY. During my academic career, I was a postdoc in the group on Computer Supported Cooperative Work and Social Media at the University of Siegen, in the Philanthropic Informatics Lab of Amy Voida at the School of Informatics and Computing at Indiana University, Indianapolis (IUPUI), and in the interdisciplinary PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
WS2812B RGB-LED CONTROLLED WITH AN MSP430 Mar 2: WS2812b RGB-LED controlled with an MSP430 - Part1. So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set the desired color and can be daisy-chained. The protocol is quite easy and is well described in thedata-sheet.
FREEZING THE WEB: A STUDY OF REDOS VULNERABILITIES IN Freezing the Web: A Study of ReDoS Vulnerabilities in JavaScript-based Web Servers Abstract—Regular expression denial of service (ReDoS) isa
AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Most Prevalent Root Causes 52% of all issues are caused by inefficient API usage 11 HACKING AS TRANSGRESSIVE INFRASTRUCTURING Hacking as Transgressive Infrastructuring: Mobile Phone Networks and the German Chaos Computer Club Susann Wagenknecht Matthias KornDepartment of
MAKING MALORY BEHAVE MALICIOUSLY: TARGETED FUZZING OF Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments Siegfried Rasthofer, Steven Arzt Fraunhofer SITand TU Darmstadt
DLINT: DYNAMICALLY CHECKING BAD CODING PRACTICES IN JAVASCRIPT DLint: Dynamically Checking Bad Coding Practices in JavaScript Liang Gong1, Michael Pradel2, Manu Sridharan3, and Koushik Sen1 1 EECS Department, University of California, Berkeley, USA 2 Department of Computer Science, TU Darmstadt, Germany, 3 Samsung Research America, USA 1 {gongliang13, ksen}@cs.berkeley.edu 2 michael@binaervarianz.de, 3 m.sridharan@samsung.com MICHAEL PRADEL'S HOMEPAGE The Software Lab has opened in autumn 2014 and is lead by Dr. Michael Pradel, who has joined TU Darmstadt from University of California, Berkeley. Working in a newly created lab will give applicants the unique chance to work in and shape a young and dynamic research group. The lab is embedded into an excellent environment for research on PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Most Prevalent Root Causes 52% of all issues are caused by inefficient API usage 11 AN ACTIONABLE PERFORMANCE PROFILER FOR OPTIMIZING THE An Actionable Performance Profiler for Optimizing the Order of Evaluations ISSTA’17, July 2017, Santa Barbara, CA, USA 2.1 Terminology Real-world programs compute various boolean values, e.g.,to make
PINPOINTING AND REPAIRING PERFORMANCE BOTTLENECKS IN Empir Software Eng 1 Introduction Developing concurrent programs that are both correct and efficient is a challenge. On the one hand, a program must carefully synchronize concurrent accesses to shared datato
SYNODE: UNDERSTANDING AND AUTOMATICALLY PREVENTING Synode: Understanding and Automatically Preventing Injection Attacks on Node.js Cristian-Alexandru Staicu TU Darmstadt cris.staicu@gmail.com Michael Pradel FULLY AUTOMATIC AND PRECISE DETECTION OF THREAD SAFETY Fully Automatic and Precise Detection of Thread Safety Violations Michael Pradel Department of Computer Science ETH Zurich Thomas R. Gross Department of Computer Science TYPEDEVIL: DYNAMIC TYPE INCONSISTENCY ANALYSIS FOR JAVASCRIPT TypeDevil: Dynamic Type Inconsistency Analysis for JavaScript Michael Pradelx, Parker Schuh , and Koushik Sen EECS Department, University of California, Berkeley xDepartment of Computer Science, TU Darmstadt Abstract—Dynamic languages, such as JavaScript, give pro- PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Performance Issues and Optimizations in JavaScript: An Empirical Study Marija Selakovic Department of Computer Science TU Darmstadt, Germany m.selakovic89@gmail.comBINAERVARIANZ.DE
The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models. Security problems are almost as often caused by wrong incentives as by bad design. This seminar paper (in German only) aims to provide an overview of the different topics and theBINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
FREEZING THE WEB: A STUDY OF REDOS VULNERABILITIES IN Freezing the Web: A Study of ReDoS Vulnerabilities in JavaScript-based Web Servers Abstract—Regular expression denial of service (ReDoS) isa
WS2812B RGB-LED CONTROLLED WITH AN MSP430 Mar 2: WS2812b RGB-LED controlled with an MSP430 - Part1. So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set the desired color and can be daisy-chained. The protocol is quite easy and is well described in thedata-sheet.
DLINT: DYNAMICALLY CHECKING BAD CODING PRACTICES IN JAVASCRIPT DLint: Dynamically Checking Bad Coding Practices in JavaScript Liang Gong1, Michael Pradel2, Manu Sridharan3, and Koushik Sen1 1 EECS Department, University of California, Berkeley, USA 2 Department of Computer Science, TU Darmstadt, Germany, 3 Samsung Research America, USA 1 {gongliang13, ksen}@cs.berkeley.edu 2 michael@binaervarianz.de, 3 m.sridharan@samsung.com PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Most Prevalent Root Causes 52% of all issues are caused by inefficient API usage 11 HACKING AS TRANSGRESSIVE INFRASTRUCTURING Hacking as Transgressive Infrastructuring: Mobile Phone Networks and the German Chaos Computer Club Susann Wagenknecht Matthias KornDepartment of
BINAERVARIANZ.DE
The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models. Security problems are almost as often caused by wrong incentives as by bad design. This seminar paper (in German only) aims to provide an overview of the different topics and theBINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
FREEZING THE WEB: A STUDY OF REDOS VULNERABILITIES IN Freezing the Web: A Study of ReDoS Vulnerabilities in JavaScript-based Web Servers Abstract—Regular expression denial of service (ReDoS) isa
WS2812B RGB-LED CONTROLLED WITH AN MSP430 Mar 2: WS2812b RGB-LED controlled with an MSP430 - Part1. So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set the desired color and can be daisy-chained. The protocol is quite easy and is well described in thedata-sheet.
DLINT: DYNAMICALLY CHECKING BAD CODING PRACTICES IN JAVASCRIPT DLint: Dynamically Checking Bad Coding Practices in JavaScript Liang Gong1, Michael Pradel2, Manu Sridharan3, and Koushik Sen1 1 EECS Department, University of California, Berkeley, USA 2 Department of Computer Science, TU Darmstadt, Germany, 3 Samsung Research America, USA 1 {gongliang13, ksen}@cs.berkeley.edu 2 michael@binaervarianz.de, 3 m.sridharan@samsung.com PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Most Prevalent Root Causes 52% of all issues are caused by inefficient API usage 11 HACKING AS TRANSGRESSIVE INFRASTRUCTURING Hacking as Transgressive Infrastructuring: Mobile Phone Networks and the German Chaos Computer Club Susann Wagenknecht Matthias KornDepartment of
MKORN.BINAERVARIANZ.DE Welcome! THIS IS A HISTORICAL WEBSITE, FOR ARCHIVAL PURPOSES ONLY. During my academic career, I was a postdoc in the group on Computer Supported Cooperative Work and Social Media at the University of Siegen, in the Philanthropic Informatics Lab of Amy Voida at the School of Informatics and Computing at Indiana University, Indianapolis (IUPUI), and in the interdisciplinary MAKING MALORY BEHAVE MALICIOUSLY: TARGETED FUZZING OF Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments Siegfried Rasthofer, Steven Arzt Fraunhofer SITand TU Darmstadt
MICHAEL PRADEL'S HOMEPAGE The Software Lab has opened in autumn 2014 and is lead by Dr. Michael Pradel, who has joined TU Darmstadt from University of California, Berkeley. Working in a newly created lab will give applicants the unique chance to work in and shape a young and dynamic research group. The lab is embedded into an excellent environment for research on AN ACTIONABLE PERFORMANCE PROFILER FOR OPTIMIZING THE An Actionable Performance Profiler for Optimizing the Order of Evaluations ISSTA’17, July 2017, Santa Barbara, CA, USA 2.1 Terminology Real-world programs compute various boolean values, e.g.,to make
SYNTHESIZING PROGRAMS THAT EXPOSE PERFORMANCE BOTTLENECKS Synthesizing Programs That Expose CGO’18, February 24–28, 2018, Vienna, Austria 2 PerfSyn by Illustration This section motivates our work with an example and illus- PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Performance Issues and Optimizations in JavaScript: An Empirical Study Marija Selakovic Department of Computer Science TU Darmstadt, Germany m.selakovic89@gmail.com EFFICIENT DETECTION OF THREAD SAFETY VIOLATIONS VIA Efficient Detection of Thread Safety Violations via Coverage-Guided Generation of Concurrent Tests Ankit Choudhary Department of ComputerScience
FULLY AUTOMATIC AND PRECISE DETECTION OF THREAD SAFETY Fully Automatic and Precise Detection of Thread Safety Violations Michael Pradel Department of Computer Science ETH Zurich Thomas R. Gross Department of Computer Science A FRAMEWORK FOR THE EVALUATION OF SPECIFICATION MINERS A Framework for the Evaluation of Specification Miners Based on Finite State Machines Michael Pradel Computer Science Department ETH Zurich Philipp Bichsel LEVERAGING TEST GENERATION AND SPECIFICATION MINING FOR program. Some tests fail, because they result in an uncaught exception, while other tests pass. Second, we analyze exe-cutions of passing tests with a protocol miner, giving likelyBINAERVARIANZ.DE
During my recent seminar at Siegen University I intensely studied on the Economics of Information Security. The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models.BINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
FREEZING THE WEB: A STUDY OF REDOS VULNERABILITIES IN Freezing the Web: A Study of ReDoS Vulnerabilities in JavaScript-based Web Servers Abstract—Regular expression denial of service (ReDoS) isa
AN ACTIONABLE PERFORMANCE PROFILER FOR OPTIMIZING THE An Actionable Performance Profiler for Optimizing the Order of Evaluations ISSTA’17, July 2017, Santa Barbara, CA, USA 2.1 Terminology Real-world programs compute various boolean values, e.g.,to make
AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the MAKING MALORY BEHAVE MALICIOUSLY: TARGETED FUZZING OF Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments Siegfried Rasthofer, Steven Arzt Fraunhofer SITand TU Darmstadt
PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
WS2812B RGB-LED CONTROLLED WITH AN MSP430 So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set EFFICIENT DETECTION OF THREAD SAFETY VIOLATIONS VIA Efficient Detection of Thread Safety Violations via Coverage-Guided Generation of Concurrent Tests Ankit Choudhary Department of ComputerScience
BINAERVARIANZ.DE
During my recent seminar at Siegen University I intensely studied on the Economics of Information Security. The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models.BINAERVARIANZ.DE
j-Algo is an algorithm visualisation tool. It helps students to understand classical algorithms by illustrating them in different ways: graphical (animated), formal, and descriptive. j-Algo can be useful to everyone interested in algorithms, in particular to students of computer science and university lecturers that want to beef uptheir readings.
DEEP LEARNING TO FIND BUGS Deep Learning to Find Bugs Michael Pradel and Koushik Sen Technical Report TUD-CS-2017-0295 TU Darmstadt, Department of Computer ScienceNovember, 2017
FREEZING THE WEB: A STUDY OF REDOS VULNERABILITIES IN Freezing the Web: A Study of ReDoS Vulnerabilities in JavaScript-based Web Servers Abstract—Regular expression denial of service (ReDoS) isa
AN ACTIONABLE PERFORMANCE PROFILER FOR OPTIMIZING THE An Actionable Performance Profiler for Optimizing the Order of Evaluations ISSTA’17, July 2017, Santa Barbara, CA, USA 2.1 Terminology Real-world programs compute various boolean values, e.g.,to make
AUTOMATIC GENERATION OF OBJECT USAGE SPECIFICATIONS FROM for each method call and return: unique object identifier and dynamic type of caller and callee, name and parameter types of the called method, and the source code location of the MAKING MALORY BEHAVE MALICIOUSLY: TARGETED FUZZING OF Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments Siegfried Rasthofer, Steven Arzt Fraunhofer SITand TU Darmstadt
PERFORMANCE PROBLEMS YOU CAN FIX: A DYNAMIC ANALYSIS OF bly repeating the same computation many times. An easy method gets called frequently in a typical workload, possi- way to optimize themethod is
WS2812B RGB-LED CONTROLLED WITH AN MSP430 So, I couldn't hold myself and bought a bunch of WS2812b LEDs. These are really cheap RGB leds with an integrated controller/driver IC. They use a one-wire protocol to set EFFICIENT DETECTION OF THREAD SAFETY VIOLATIONS VIA Efficient Detection of Thread Safety Violations via Coverage-Guided Generation of Concurrent Tests Ankit Choudhary Department of ComputerScience
LEARNING TO FUZZ: APPLICATION-INDEPENDENT FUZZ TESTING Learning to Fuzz: Application-Independent Fuzz Testing with Probabilistic, Generative Models of Input Data Jibesh Patra, Michael Pradel Technical Report TUD-CS-2016-14664 SYNTHESIZING PROGRAMS THAT EXPOSE PERFORMANCE BOTTLENECKS Synthesizing Programs That Expose CGO’18, February 24–28, 2018, Vienna, Austria 2 PerfSyn by Illustration This section motivates our work with an example and illus- AN ACTIONABLE PERFORMANCE PROFILER FOR OPTIMIZING THE An Actionable Performance Profiler for Optimizing the Order of Evaluations ISSTA’17, July 2017, Santa Barbara, CA, USA 2.1 Terminology Real-world programs compute various boolean values, e.g.,to make
MAKING MALORY BEHAVE MALICIOUSLY: TARGETED FUZZING OF Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments Siegfried Rasthofer, Steven Arzt Fraunhofer SITand TU Darmstadt
MKORN.BINAERVARIANZ.DE Jul 19, 2019 · Welcome! THIS IS A HISTORICAL WEBSITE, FOR ARCHIVAL PURPOSES ONLY. During my academic career, I was a postdoc in the group on Computer Supported Cooperative Work and Social Media at the University of Siegen, in the Philanthropic Informatics Lab of Amy Voida at the School of Informatics and Computing at Indiana University, Indianapolis (IUPUI), and in the interdisciplinary SYNODE: UNDERSTANDING AND AUTOMATICALLY PREVENTING Synode: Understanding and Automatically Preventing Injection Attacks on Node.js Cristian-Alexandru Staicu TU Darmstadt cris.staicu@gmail.com Michael Pradel MONKEY SEE, MONKEY DO: EFFECTIVE GENERATION OF GUI TESTS of using the program. Third, the approach automatically generates tests, i.e., sequences of UI events, through a com-bination of random testing and applying the inferred macro PERFORMANCE ISSUES AND OPTIMIZATIONS IN JAVASCRIPT: AN Performance Issues and Optimizations in JavaScript: An Empirical Study Marija Selakovic Department of Computer Science TU Darmstadt, Germany m.selakovic89@gmail.com EFFICIENT DETECTION OF THREAD SAFETY VIOLATIONS VIA Efficient Detection of Thread Safety Violations via Coverage-Guided Generation of Concurrent Tests Ankit Choudhary Department of ComputerScience
TYPEDEVIL: DYNAMIC TYPE INCONSISTENCY ANALYSIS FOR JAVASCRIPT TypeDevil: Dynamic Type Inconsistency Analysis for JavaScript Michael Pradelx, Parker Schuh , and Koushik Sen EECS Department, University of California, Berkeley xDepartment of Computer Science, TU Darmstadt Abstract—Dynamic languages, such as JavaScript, give pro- MICHAEL PRADEL'S HOMEPAGE Looking for PhD Students. We are looking for students interested in joining the Software Lab as PhD students. The Software Lab conducts research at the intersection of software engineering and programming languages, with a focus on tools and techniques for constructing reliable, efficient, and secure software. A FRAMEWORK FOR THE EVALUATION OF SPECIFICATION MINERS A Framework for the Evaluation of Specification Miners Based on Finite State Machines Michael Pradel Computer Science Department ETH Zurich Philipp Bichsel UNDERSTANDING AND AUTOMATICALLY PREVENTING INJECTION Understanding and Automatically Preventing Injection Attacks on NODE.JS Cristian-Alexandru Staicu , Michael Pradel , and Benjamin Livshitsy TU Darmstadt Microsoft Researchy Abstract—The NODE.JS ecosystem has lead to the creation of many modern applications, such as server-side web applications LEVERAGING TEST GENERATION AND SPECIFICATION MINING FOR program. Some tests fail, because they result in an uncaught exception, while other tests pass. Second, we analyze exe-cutions of passing tests with a protocol miner, giving likely NOMEN EST OMEN: EXPLORING AND EXPLOITING SIMILARITIES Nomen est Omen: Exploring and Exploiting Similarities between Argument and Parameter Names Hui Liu1, Qiurong Liu1, Cristian-Alexandru Staicu2, Michael Pradel2, Yue Luo1 1School of Computer Science and Technology, Beijing Institute of Technology, China 2Department of Computer Science, TU Darmstadt, Germany fliuhui08,liuqiurongg@bit.edu.cn, cris.staicu@gmail.com, michael@binaervarianz.de home projects downloads searchsitemap about us
de
HOME
binaervarianz - a project hosting web site about computers, technology, programming and a lot more...RSS Feed
>binaervarianz
2012-02-14 09:35:38
j-Algo module on the Expectation–maximization algorithm A group of students at TU Dresden has developed a j-Algo module on the EM (Expectation–maximization) algorithm.Michael Pradel
2011-01-06 13:18:27
j-Algo has twelve modules now! Students at TU Dresden have developed three new modules for j-Algo: Translation of C0 programs into AM0 programs, breadth-first search and depth-first search, and unification of termsMichael Pradel
2009-08-10 17:51:36
New j-Algo module: Lambda Calculus A group of students at TU Dresden has developed a new j-Algo module. It helps in understanding λ-terms. Have fun trying it!Michael Pradel
2008-10-31 17:09:21
Yet another j-Algo module: Algebraic Path Problem There is a new j-Algo module available now. It visualises the algebraic path problem.Michael Pradel
2008-07-12 19:17:36
Diploma thesis: Roles and Collaborations in Scala Although roles and collaborations are interesting programming constructs, they are not supported by most programming languages. My diploma thesis shows, using Scala as an example, how to realize them without changing the underlying language and applies the approach todesign patterns.
Michael Pradel
2008-05-25 22:13:15
Paper on roles in Scala My diploma thesis is on roles in the Scala programming language. As a first result, there is a paper describing how to enable role-based programming in a library, i.e., without adding new language constructs. Michael Pradel, Martin Odersky. Scala Roles - A Lightweight Approach towards Reusable CollaborationsMichael Pradel
2008-02-21 21:51:07
New j-Algo module: Heapsort We are happy to announce a new j-Algo module develped by Matthias Büchse. It presents the sorting algorithm Heapsort.Michael Pradel
2007-12-23 11:05:08
Paper on roles in ontologies My first paper on roles in ontologies has been published at the _International Workshop on Semantic-Based Software Development_ at_OOPSLA 2007_:
Michael Pradel, Jakob Henriksson, and Uwe Aßmann. A Good Role Model for Ontologies: CollaborationsMichael Pradel
2007-12-23 10:53:29
New j-Algo modules
Student groups from Dresden Technical University have developed two new modules for the algorithm visualisation tool j-Algo: Hoare Calculus and Pulsing Memory. More...Michael Pradel
2007-11-17 22:36:42
Seminar paper on the Economics of Information Security During my recent seminar at Siegen University I intensely studied on the Economics of Information Security. The idea of this field of research lies in the notion, that problems of security investments can often be much better described by economic theories and models. Security problems are almost as often caused by wrong incentives as by bad design. This seminar paper (in German only) aims to provide an overview of the different topics and the current state of research going on in this field. More...Matthias Korn
2007-09-28 00:42:34
New Project: CocoaRay Hi, I like to present a new toy of mine, a realtime raytracer for Mac OS X (mostly existing to spend the time I don't have). This little project can now be observed on binaervarianz. Updates will hopefully emerge at a regular basis. My apologys, but translations will alwayslag a bit behind.
Stefan Aschenbach
2007-09-24 19:33:59
Better Pizza with Roles in Ontologies You want to know what roles and ontologies are and how both together enhance the concept of pizza? My _Großer Beleg_ merges role modeling and ontologies. This yields a notion of ontological components - rolemodels: thesis
, slides
.
Michael Pradel
2007-07-27 08:19:28
Discontinuation of KisMAC There has not been a lot of time for KisMAC lately. However the motivation for this drastic step lies somewhere different. German laws change and are being adapted for "better" protection against something politicians obviously do not understand. It will become illegal to develop, use or even posses KisMAC in this banana republic (backgound: the change of § 202c StGB). While I cannot do much about that for now, you probably can. Make copies of KisMAC and its source as long as the website is up! Do further development outside of Germany, even better outside the US and EU! If you are a German resident, you will need to fight for yourrights.
CCC - other people who have the same problem Arbeitskreis Vorratsdatenspeicherung new version of § 202c StGBMichael Rossberg
>binaervarianz
Details
5