Filters








632 Hits in 3.9 sec

Remedying the eval that men do

Simon Holm Jensen, Peter A. Jonsson, Anders Møller
2012 Proceedings of the 2012 International Symposium on Software Testing and Analysis - ISSTA 2012  
However, as shown in a previous large-scale study, many web applications use the JavaScript eval function to dynamically construct code from text strings in ways that obstruct existing static analyses.  ...  By eliminating calls to eval, we expand the applicability of static analysis for JavaScript web applications in general.  ...  In summary, the contributions of this paper are as follows. • We describe a framework that soundly integrates refactoring of eval calls into a dataflow analyzer. • Guided by a study of how eval is being  ... 
doi:10.1145/2338965.2336758 dblp:conf/issta/JensenJM12 fatcat:jqff5gmdfjd57oxmwryvynntyq

Lights and Shadows in Evolutionary Deep Learning: Taxonomy, Critical Methodological Analysis, Cases of Study, Learned Lessons, Recommendations and Challenges [article]

Aritz D. Martinez, Javier Del Ser, Esther Villar-Rodriguez, Eneko Osaba, Javier Poyatos, Siham Tabik, Daniel Molina, Francisco Herrera
2020 arXiv   pre-print
In this work we comprehensively review and critically examine contributions made so far based on three axes, each addressing a fundamental question in this research avenue: a) optimization and taxonomy  ...  , including a historical perspective, definitions of optimization problems in Deep Learning, and a taxonomy associated with an in-depth analysis of the literature, b) critical methodological analysis (  ...  Javier Del Ser also acknowledges funding support from the Consolidated Research Group MATHMODE (IT1294-19) granted by the Department of Education of the Basque Government.  ... 
arXiv:2008.03620v1 fatcat:eklkgo7n35a2ngllgymarygjdi

Experience with exchange and archiving of raw data: comparison of data from two diffractometers and four software packages on a series of lysozyme crystals

Simon W. M. Tanley, Antoine M. M. Schreurs, John R. Helliwell, Loes M. J. Kroon-Batenburg
2012 Journal of Applied Crystallography  
A recent study on the effects of dimethyl sulfoxide on the binding of cisplatin and carboplatin to histidine in 11 different lysozyme crystals from two diffractometers led to an investigation of the possible  ...  A systematic comparison shows that the largest differences in the occupancies andBfactors of the bound Pt compounds are due to the software, but the equipment also has a noticeable effect.  ...  The R-AXIS header does not contain a value for the gain, so EVAL assumes it to be 1.0. In the Bruker header we found a gain value of 3.83 ADU per photon.  ... 
doi:10.1107/s0021889812044172 pmid:23396873 pmcid:PMC3547227 fatcat:txfxzwiio5aw7n2rtpbk3wwlm4

On the design, implementation, and use of laziness in R

Aviral Goel, Jan Vitek
2019 Proceedings of the ACM on Programming Languages (PACMPL)  
This paper presents a review of the design and implementation of call-by-need in R, and a data-driven study of how generations of programmers have put laziness to use in their code.  ...  The R programming language has been lazy for over twenty-five years.  ...  ACKNOWLEDGMENTS We thank the reviewers for constructive comments that helped us improve the presentation.  ... 
doi:10.1145/3360579 fatcat:xqcizpoas5ejnkewxqtrzo4ski

Efficient search for inputs causing high floating-point errors

Wei-Fan Chiang, Ganesh Gopalakrishnan, Zvonimir Rakamaric, Alexey Solovyev
2014 Proceedings of the 19th ACM SIGPLAN symposium on Principles and practice of parallel programming - PPoPP '14  
In this paper, we focus on tools for determining the input settings to a floating point routine that maximizes its result error.  ...  We develop a heuristic search algorithm called Binary Guided Random Testing (BGRT). In 45 of the 48 total benchmarks, including many real-world routines, BGRT returns higher guaranteed errors.  ...  We will further investigate such compositional GRT approaches for handling large scale programs.  ... 
doi:10.1145/2555243.2555265 dblp:conf/ppopp/ChiangGRS14 fatcat:cu2ludseqvf73pb2eqmxzaaxkq

Efficient search for inputs causing high floating-point errors

Wei-Fan Chiang, Ganesh Gopalakrishnan, Zvonimir Rakamaric, Alexey Solovyev
2014 SIGPLAN notices  
In this paper, we focus on tools for determining the input settings to a floating point routine that maximizes its result error.  ...  We develop a heuristic search algorithm called Binary Guided Random Testing (BGRT). In 45 of the 48 total benchmarks, including many real-world routines, BGRT returns higher guaranteed errors.  ...  We will further investigate such compositional GRT approaches for handling large scale programs.  ... 
doi:10.1145/2692916.2555265 fatcat:vvflqpta3jglteselcictu5ohm

Value-Sensitive Hybrid Information Flow Control for a JavaScript-Like Language

Daniel Hedin, Luciano Bello, Andrei Sabelfeld
2015 2015 IEEE 28th Computer Security Foundations Symposium  
In addition, we demonstrate permissiveness by proving that we subsume the precision of purely static analysis and by presenting a collection of common programming patterns that indicate that our mechanism  ...  Recent empirical studies give evidence of pervasive reliance on and excessive trust in third-party JavaScript, with no adequate security mechanism to limit the trust or the extent of its abuse.  ...  This work was funded by the European Community under the ProSecuToR and WebSand projects and the Swedish research agencies SSF and VR.  ... 
doi:10.1109/csf.2015.31 dblp:conf/csfw/HedinBS15 fatcat:4krpgr3345gkbpifajz4x6five

MetaModelica - A Symbolic-Numeric Modelica Language and Comparison to Julia

Peter Fritzson, Adrian Pop, Martin Sjölund, Adeel Asghar
2019 Proceedings Name  
Therefore, this is a topic of long-running design discussions in the Modelica Design group.  ...  This paper presents MetaModelica and its environment as a large case study, together with a short comparison to Julia.  ...  Acknowledgements This work has been supported by Vinnova in the ITEA OPENPROD, MODRIO, OPENCPS, and EMPHYSIS projects, and in the Vinnova RTISIM project.  ... 
doi:10.3384/ecp19157289 dblp:conf/modelica/FritzsonPSA19 fatcat:ya4mstbu7bhwde423crvqomry4

Auto-patching DOM-based XSS at scale

Inian Parameshwaran, Enrico Budianto, Shweta Shinde, Hung Dang, Atul Sadhu, Prateek Saxena
2015 Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering - ESEC/FSE 2015  
We study dynamic code evaluation practices on nearly a quarter million URLs crawled starting from the the Alexa Top 1000 websites.  ...  Of 777, 082 cases of dynamic HTML/JS code generation we observe, 13.3% use unsafe string interpolation for dynamic code generation -a well-known dangerous coding practice.  ...  This research is supported in part by the National Research Foundation, Prime Minister's Office, Singapore under its National Cybersecurity R&D Program (Award No.  ... 
doi:10.1145/2786805.2786821 dblp:conf/sigsoft/ParameshwaranBS15 fatcat:s6mqikphgrdj7jesyh23qck7pm

Testing Differential Privacy with Dual Interpreters [article]

Hengchu Zhang, Edo Roth, Andreas Haeberlen, Benjamin C. Pierce, Aaron Roth
2020 arXiv   pre-print
We analyze the probability of DPCheck mistakenly accepting a non-private program and prove that, theoretically, the probability of false acceptance can be made exponentially small by suitable choice of  ...  We also demonstrate how DPCheck can be deployed in a practical workflow to test differentially privacy for the 2020 US Census Disclosure Avoidance System (DAS).  ...  SEMANTICS We can straightforwardly encode DPCheck's evaluation semantics using a function eval :: Expr rr (see Appendix E for details) .  ... 
arXiv:2010.04126v1 fatcat:gefyg52w6ffonamm7frwetwtau

Abstracting definitional interpreters (functional pearl)

David Darais, Nicholas Labich, Phúc C. Nguyen, David Van Horn
2017 Proceedings of the ACM on Programming Languages  
In this functional pearl, we examine the use of definitional interpreters as a basis for abstract interpretation of higher-order programming languages.  ...  But the real insight of this story is a replaying of an insight from Reynold's landmark paper, Definitional Interpreters for Higher-Order Programming Languages, in which he observes definitional interpreters  ...  Since computing the dead code requires an outer wrapper that sets the initial set of dead code to be all of the subexpressions in the program, we define eval-dead@ which consumes a closed evaluator, i.e  ... 
doi:10.1145/3110256 dblp:journals/pacmpl/DaraisLNH17 fatcat:2fvmvq7llvh6ticlcic4jqjf7m

BrowserShield

Charles Reis, John Dunagan, Helen J. Wang, Opher Dubrovsky, Saher Esmeir
2007 ACM Transactions on the Web  
The dynamic content we target is the dynamic HTML in web pages, which have become a popular vector for attacks.  ...  Vulnerability-driven filtering of network data can offer a fast and easy-to-deploy alternative or intermediary to software patching, as exemplified in Shield [43] .  ...  One study showed that a large majority of existing attacks target known vulnerabilities [4] .  ... 
doi:10.1145/1281480.1281481 fatcat:343pcvsna5hhpbep4sbreqqhgy

A pragmatic approach to area coverage in hybrid wireless sensor networks

Nadeem Ahmed, Salil S. Kanhere, Sanjay Jha
2011 Wireless Communications and Mobile Computing  
of 2 * d eval (d eval < R effec ).  ...  The proposed coverage maintenance scheme is a good heuristic approximation of centralized optimal assignment that is not feasible for large scale sensor networks.  ... 
doi:10.1002/wcm.913 fatcat:jf4iv6airfad7crabb5duiqcny

The Limits of Mathematics---Fourth Version [article]

G.J. Chaitin
1994 arXiv   pre-print
This is yet another version of the course notes in chao-dyn/9407003. Here we use m-expressions more aggressively to further reduce the constants in our information-theoretic incompleteness theorems.  ...  one to determine more than N+c' scattered bits of the halting probability Omega.  ...  Up to now, the best version of AIT studied the size of programs in a computer programming language that was not actually usable.  ... 
arXiv:chao-dyn/9407009v1 fatcat:v5lruijni5dkvnr5vh4hwfqwga

A trusted mechanised JavaSript specification

Martin Bodin, Arthur Chargueraud, Daniele Filaretti, Philippa Gardner, Sergio Maffeis, Daiva Naudziuniene, Alan Schmitt, Gareth Smith
2014 Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - POPL '14  
We present JSCert, a formalisation of the current ECMA standard in the Coq proof assistant, and JSRef, a reference interpreter for JavaScript extracted from Coq to OCaml.  ...  The time is ripe for a formal, mechanised specification of JavaScript, to clarify ambiguities in the ECMA standards, to serve as a trusted reference for high-level language compilation and JavaScript implementations  ...  We would like to thank our interns Lorenz Breidenbach for help with testing and debugging, and Benjamin Farinier for his help in setting up the code coverage tool.  ... 
doi:10.1145/2535838.2535876 dblp:conf/popl/BodinCFGMNSS14 fatcat:gjwvma6drzginetbxw2opqcuhi
« Previous Showing results 1 — 15 out of 632 results