lynx: Analysis of Hard-to-analyze Code

The lynx project aims to develop principled and general techniques and tools to automate the analysis of code that is hard to analyze. Here, "principled" refers to techniques that are based on the program's behavior, i.e., its semantics; and "general" means that we try to make as few assumptions as possible, and avoid the use of ad hoc or system-specific tricks.

Our current research has two foci:

Understanding information flow via covert channels. The goal here is to understand the (deliberate) use of covert channels to propagate information through a system: e.g., between two parts of the same program (obfuscation) or among a set of programs (collusion). We are exploring both obfuscation based on covert channels and techniques for detecting covert channels used for stealthy exfiltration of information.

Optimization of interpretive systems. The goal here is to develop static and dynamic analysis techniques to optimize interpretive systems, i.e., systems consisting of programs that are executed using an interpreter together with various components of the runtime system, such as garbage collectors, JIT compilers, etc. Our ultimate objective is to specialize away most or all of the interpreter, leaving only the "pure" logic of the input program to be executed at much higher efficiency.

Publications