Downloads
This page contains miscellaneous software I've written and chosen to make freely available.
ConFIRM: CFI Compatibility Testing & Microbenchmarking
ConFIRM (CONtrol-Flow Integrity Relevance Metrics) is a suite of C/C++/Assembly code programs that my lab developed for standardized compatibility testing of CFI (Control-Flow Integrity) solutions. The tests are designed to exhibit troublesome control-flow and control-data patterns gleaned from hundreds of person-hours debugging large, commercial software products and their incompatibilities with various CFI protection algorithms. Many of the tests also double as microbenchmarks that isolate runtime overheads associated with the protection of the various problematic operations. For more information, please see our publication in USENIX 2019:
- Xiaoyang Xu, Masoud Ghaffarinia, Wenhao Wang, Kevin W. Hamlen, and Zhiqiang Lin. ConFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software. In Proceedings of the 28th USENIX Security Symposium, August 2019.
Tips for Technical Writers
Here are slides from a lecture I gave on "Technical Writing: Tips for CS Students".
Artificial Software Diversity
We implemented a small CPU emulator relationally using miniKanren, and demonstrated how this can be leveraged to synthesize diverse variants of binary code (published in the 2019 miniKanren workshop):
- Gilmore R. Lundquist, Utsav Bhatt, and Kevin W. Hamlen. Relational Processing for Fun and Diversity: Simulating a CPU Relationally with miniKanren. In Proceedings of the 1st miniKanren and Relational Programming Workshop, August 2019.
Download code: [ zip | tar.gz ]
The following sample code accompanies our publication at the 2016 New Security Paradigms Workshop (NSPW):
- Gilmore R. Lundquist, Vishwath Mohan, and Kevin W. Hamlen. Searching for Software Diversity: Attaining Artificial Diversity through Program Synthesis. In Proceedings of the New Security Paradigm Workshop (NSPW), 2016.
- Sample Rackett Code
The SPoX In-lined Reference Monitoring System
SPoX (Security Policy XML) is a purely declarative policy specification language designed to be implemented by In-lined Reference Monitors (IRM's). Rather than performing security checks at an operating system level as is done with traditional Reference Monitors, an IRM modifies untrusted binaries directly so that they become self-monitoring. This allows policies to be enforced on untrusted code without modifying the operating system.
Our Java implementation of SPoX is still preliminary (early beta) but the in-development product can be downloaded below. We are currently in the process of creating useful literature such as a user manual, as well as a larger suite of sample policies to aid the non-expert user.
Downloads
- The SPoX IRM System: SPoXRewriter-0.01.zip
- SPoX Policy Analysis Tool: SPoXPolicyChecker-0.01.zip
Publications
- Kevin W. Hamlen and Micah Jones. Aspect-Oriented In-lined Reference Monitors. In Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), June 2008.
- Micah Jones and Kevin W. Hamlen. Enforcing IRM Security Policies: Two Case Studies. In Proceedings of the IEEE Intelligence and Security Informatics (ISI) Conference, June 2009.
- Micah Jones and Kevin W. Hamlen. Disambiguating Aspect-oriented Security Policies. In Proceedings of the 9th International Conference on Aspect-Oriented Software Development (AOSD), 193-204, March 2010.
- Aditi Patwardhan, Kevin W. Hamlen, and Kendra Cooper. Towards Security-aware Program Visualization for Analyzing In-lined Reference Monitors. In Proceedings of the International Workshop on Visual Languages and Computing (VLC), October 2010.
- Micah Jones and Kevin W. Hamlen. A Service-oriented Approach to Mobile Code Security. In Proceedings of the 8th International Conference on Mobile Web Information Systems (MobiWIS), 531-538, September 2011.
- Kevin W. Hamlen, Micah M. Jones, and Meera Sridhar. Chekov: Aspect-oriented Runtime Monitor Certification via Model-checking. Technical Report UTDCS-16-11, Computer Science Department, The University of Texas at Dallas, Richardson, Texas, May 2011.
LaTeX Style Files
Derivation Trees
If you write papers about type systems in LaTeX, you may have noticed that it's unpleasantly difficult to typeset nice-looking typing derivations in LaTeX documents. The macros built into LaTeX or available in the amsmath package are designed for typesetting fractions, not derivation trees. One day I finally got tired of trying to make those work and wrote the following LaTeX package for typesetting derivation trees as they really should look.
- trfrac.sty is the LaTeX style file.
- View trfrac.pdf for documentation.
- The source code for both of the above is available as trfrac.dtx and trfrac.ins.
Line-art Diagrams with Metapost
Metapost is an excellent tool for creating scientific pictures, just like LaTeX is an excellent tool for creating scientific documents. I wrote the following metapost package to make easy line-art pictures for importation into LaTeX documents.
- View metaflow.pdf for documentation.
- metaflow.mp is the metapost package file.
- You also need mftext.tex if you want to create pictures with text in them.
Symbol Lists
While writing my thesis, I wanted to create good list of symbols, similar to LaTeX's built-in macros for creating lists of figures and lists of tables. I wrote the following package for the task:
- symlist.sty is the LaTeX style file.
- View symlist.pdf for documentation.
- The source code for both of the above is available as symlist.dtx and symlist.ins.
- If you want to make a symbol list that is consistent with the Cornell Thesis Guidelines, place the following LaTeX code wherever you want your symbol list to be:
\singlespacing \renewcommand\listofsymbolname{LIST OF SYMBOLS} \listofsymbols \normalspacing \clearpage
Song Books
I originally taught myself the internals of LaTeX by writing a massive LaTeX package devoted to the creation of song books. The software I developed can function either as a stand-alone LaTeX package, or as a suite of utilities built atop the MiKTeX and Vim free software packages. The song books I created are currently being used by the Cornell Graduate Christian Fellowship and the Cornell International Christian Fellowship.
- An installer for the software can be obtained from my SourceForge Project homepage.
- Here is the LaTeX package documentation in HTML form.
- Here is a sample chord book and lyric book, book of digital projector slides, and book of overhead transparencies all automatically generated from the same master document. (The idea is that you create a single master document for all your songs, and then you can tell LaTeX to produce from it any kind of book you want.) The master document from which these four books were created can be downloaded here: songs.sbd.