Shixiong Zhao,Rui Gu,Haoran Qiu,Tsz On Li,Yuexuan Wang,Heming Cui,Junfeng Yang

DOI: https://doi.org/10.1109/DSN.2018.00033

2018-01-01

Abstract:Just like bugs in single-threaded programs can lead to vulnerabilities, bugs in multithreaded programs can also lead to concurrency attacks. We studied 31 real-world concurrency attacks, including privilege escalations, hijacking code executions, and bypassing security checks. We found that compared to concurrency bugs' traditional consequences (e.g., program crashes), concurrency attacks' consequences are often implicit, extremely hard to be observed and diagnosed by program developers. Moreover, in addition to bug-inducing inputs, extra subtle inputs are often needed to trigger the attacks. These subtle features make existing tools ineffective to detect concurrency attacks. To tackle this problem, we present OWL, the first practical tool that models general concurrency attacks' implicit consequences and automatically detects them. We implemented OWL in Linux and successfully detected five new concurrency attacks, including three confirmed and fixed by developers, and two exploited from previously known and well-studied concurrency bugs. OWL has also detected seven known concurrency attacks. Our evaluation shows that OWL eliminates 94.1% of the reports generated by existing concurrency bug detectors as false positive, greatly reducing developers' efforts on diagnosis. All OWL source code, concurrency attack exploit scripts, and results are available on github.com/hku-systems/owl.

Kunpeng Yu,Chenxu Wang,Yan Cai,Xiapu Luo,Zijiang Yang

DOI: https://doi.org/10.1145/3468264.3468572

2021-01-01

Abstract:Memory vulnerabilities are the main causes of software security problems. However, detecting vulnerabilities in multi-threaded programs is challenging because many vulnerabilities occur under specific executions, and it is hard to explore all possible executions of a multi-threaded program. Existing approaches are either computationally intensive or likely to miss some vulnerabilities due to the complex thread interleaving. This paper introduces a novel approach to detect concurrency memory vulnerabilities based on partial orders of events. A partial order on a set of events represents the definite execution orders of events. It allows constructing feasible traces exposing specific vulnerabilities by exchanging the execution orders of vulnerability-potential events. It also reduces the search space of possible executions and thus improves computational efficiency. We propose new algorithms to extract vulnerability-potential event pairs for three kinds of memory vulnerabilities. We also design a novel algorithm to compute a potential event pair's feasible set, which contains the relevant events required by a feasible trace. Our method extends existing approaches for data race detection by considering that two events are protected by the same lock. We implement a prototype of our approach and conduct experiments to evaluate its performance. Experimental results show that our tool exhibits superiority over state-of-the-art algorithms in both effectiveness and efficiency.

Xiao-Hong SU,Zhen YU,Tian-Tian WANG,Pei-Jun MA

DOI: https://doi.org/10.11897/SP.J.1016.2015.02215

2015-01-01

Abstract:The prevalent multi-core architecture today makes real concurrency come true.In order to benefit from the concurrency power of hardware,concurrent programming is becoming more and more popular.However,out of inherent concurrency and non-determinism,concurrent programs are more likely to suffer from concurrency bugs,which are hard to detect,debug and repair.In this paper,we point out the trend that software development is turning toward concurrent model from sequential model.We reveal three characteristics respectively for concurrent programs and concurrency bugs and explore three challenges confronted by concurrency bug analysis.We then divide concurrency bugs into four categories,i.e.deadlock,data race,atomicity violation and order violation and investigate relations among them.For each category of concurrency bugs, we make analyses,comparisons and summarizations on previous researches about how to quickly expose,in time detect and efficiently avoid them.At last,we look into the research priorities in future from the following five aspects:smart and quick concurrency bugs exposure,common and accurate concurrency bug detection,deterministic replay support,collaborative design involving software and hardware and new concurrent programming model.

Bo Zhou,Iulian Neamtiu,Rajiv Gupta

DOI: https://doi.org/10.1145/2745802.2745807

2015-01-01

Abstract:Concurrency bugs are difficult to find and fix. To help with finding and fixing concurrency bugs, prior research has mostly focused on static or dynamic analyses for finding specific classes of bugs. We present an approach whose focus is understanding the differences between concurrency and non-concurrency bugs, the differences among various concurrency bug classes, and predicting bug quantity, type, and location, from patches, bug reports and bug-fix metrics. First, we show that bug characteristics and bug-fixing processes vary significantly among different kinds of concurrency bugs and compared to non-concurrency bugs. Next, we build a quantitative predictor model to estimate concurrency bugs appearance in future releases. Then, we build a qualitative predictor that can predict the type of concurrency bug for a newly-filed bug report. Finally, we build a bug location predictor to indicate the likely source code location for newly-reported bugs. We validate the effectiveness of our approach on three popular projects, Mozilla, KDE, and Apache.

Zunchen Huang,Shengjian Guo,Meng Wu,Chao Wang

DOI: https://doi.org/10.48550/arXiv.2212.05438

2022-12-11

Abstract:While there is a large body of work on analyzing concurrency related software bugs and developing techniques for detecting and patching them, little attention has been given to concurrency related security vulnerabilities. The two are different in that not all bugs are vulnerabilities: for a bug to be exploitable, there needs be a way for attackers to trigger its execution and cause damage, e.g., by revealing sensitive data or running malicious code. To fill the gap, we conduct the first empirical study of concurrency vulnerabilities reported in the Linux operating system in the past ten years. We focus on analyzing the confirmed vulnerabilities archived in the Common Vulnerabilities and Exposures (CVE) database, which are then categorized into different groups based on bug types, exploit patterns, and patch strategies adopted by developers. We use code snippets to illustrate individual vulnerability types and patch strategies. We also use statistics to illustrate the entire landscape, including the percentage of each vulnerability type. We hope to shed some light on the problem, e.g., concurrency vulnerabilities continue to pose a serious threat to system security, and it is difficult even for kernel developers to analyze and patch them. Therefore, more efforts are needed to develop tools and techniques for analyzing and patching these vulnerabilities.

Cryptography and Security,Software Engineering

Changming Liu,Deqing Zou,Peng Luo,Bin B. Zhu,Hai Jin

DOI: https://doi.org/10.1145/3274694.3274718

2018-01-01

Abstract:With a growing demand of concurrent software to exploit multi-core hardware capability, concurrency vulnerabilities have become an inevitable threat to the security of today's IT industry. Existing concurrent program detection schemes focus mainly on detecting concurrency errors such as data races, atomicity violation, etc., with little attention paid to detect concurrency vulnerabilities that may be exploited to infringe security. In this paper, we propose a heuristic framework that combines both static analysis and fuzz testing to detect targeted concurrency vulnerabilities such as concurrency buffer overflow, double free, and use-after-free. The static analysis locates sensitive concurrent operations in a concurrent program, categorizes each finding into a potential type of concurrency vulnerability, and determines the execution order of the sensitive operations in each finding that would trigger the suspected concurrency vulnerability. The results are then plugged into the fuzzer with the execution order fixed by the static analysis in order to trigger the suspected concurrency vulnerabilities. In order to introduce more variance which increases possibility that the concurrency errors can be triggered, we also propose manipulation of thread scheduling priority to enable a fuzzer such as AFL to effectively explore thread interleavings in testing a concurrent program. To the best of our knowledge, this is the first fuzzer that is capable of effectively exploring concurrency errors. In evaluating the proposed heuristic framework with a benchmark suit of six real-world concurrent C programs, the framework detected two concurrency vulnerabilities for the proposed concurrency vulnerability detection, both being confirmed to be true positives, and produced three new crashes for the proposed interleaving exploring fuzzer that existing fuzzers could not produce. These results demonstrate the power and effectiveness of the proposed heuristic framework in detecting concurrency errors and vulnerabilities.

Z. Yu,Y. Zuo,W. C. Xiong

DOI: https://doi.org/10.1155/2019/9404323

2019-01-01

Scientific Programming

Abstract:Software transactional memory is an effective mechanism to avoid concurrency bugs in multithreaded programs. However, two problems hinder the adoption of such traditional systems in the wild world: high human cost for equipping programs with transaction functionality and low compatibility with I/O calls and conditional variables. This paper presents Convoider to solve these problems. By intercepting interthread operations and designating code among them as transactions in each thread, Convoider automatically transactionalizes target programs without any source code modification and recompiling. By saving/restoring stack frames and CPU registers on beginning/aborting a transaction, Convoider makes execution flow revocable. By turning threads into processes, leveraging virtual memory protection and customizing memory allocation/deallocation, Convoider makes memory manipulations revocable. By maintaining virtual file systems and redirecting I/O operations onto them, Convoider makes I/O effects revocable. By converting lock/unlock operations to no-ops, customizing signal/wait operations on condition variables, and committing memory changes transactionally, Convoider makes deadlocks, data races, and atomicity violations impossible. Experimental results show that Convoider succeeds in transparently transactionalizing twelve real-world applications with averagely incurring only 28% runtime overhead and perfectly avoid 94% of thirty-one concurrency bugs used in our experiments. This study can help efficiently transactionalize legacy multithreaded applications and effectively improve the runtime reliability of them.

DongDong Deng,GuoLiang Jin,Marc de Kruijf,Ang Li,Ben Liblit,Shan Lu,ShanXiang Qi,JingLei Ren,Karthikeyan Sankaralingam,LinHai Song,YongWei Wu,MingXing Zhang,Wei Zhang,WeiMin Zheng

DOI: https://doi.org/10.1007/s11432-015-5315-9

2015-01-01

Science China Information Sciences

Abstract:Concurrency bugs are becoming widespread with the emerging ubiquity of multicore processors and multithreaded software. They manifest during production runs and lead to severe losses. Many effective concurrency-bug detection tools have been built. However, the dependability of multi-threaded software does not improve until these bugs are handled statically or dynamically. This article discusses our recent progresses on fixing, preventing, and recovering from concurrency bugs.

Zhen Yu,Yu Zuo,Yong Zhao

DOI: https://doi.org/10.1007/s10766-019-00642-1

2019-01-01

International Journal of Parallel Programming

Abstract:Software transactional memory is an effective mechanism to avoid concurrency bugs in multi-threaded programs. However, two problems hinder the adoption of traditional such systems in wild world: high human cost for equipping programs with transaction functionality and low compatibility with I/O calls and conditional variables. This paper presents Convoider to try to solve these problems. By intercepting inter-thread operations and designating code among them as transactions in each thread, Convoider automatically transactionalizes target programs without any source code modification and recompiling. By saving/restoring stack frames and CPU registers on beginning/aborting a transaction, Convoider makes execution flow revocable. By turning threads into processes, leveraging virtual memory protection and customizing memory allocation/deallocation, Convoider makes memory manipulations revocable. By maintaining virtual file systems and redirecting I/O operations onto them, Convoider makes I/O effects revocable. By converting lock/unlock operations to no-ops, customizing signal/wait operations on condition variables and committing memory changes transactionally, Convoider makes deadlocks, data races and atomicity violations impossible. Experimental results show that Convoider succeeds in transparently transactionalizing twelve real-world applications and perfectly avoid 94% of thirty-one concurrency bugs used in our experiments. This study can help efficiently transactionalize legacy multi-threaded applications and effectively improve the runtime reliability of them.

Mingxing Zhang,Yongwei Wu,Shan Lu,Shanxiang Qi,Jinglei Ren,Weimin Zheng

DOI: https://doi.org/10.1109/tse.2016.2531666

IF: 7.4

2016-01-01

IEEE Transactions on Software Engineering

Abstract:Concurrency bugs are notoriously difficult to eradicate during software testing because of their non-deterministic nature. Moreover, fixing concurrency bugs is time-consuming and error-prone. Thus, tolerating concurrency bugs during production runs is an attractive complementary approach to bug detection and testing. Unfortunately, existing bug-tolerating tools are usually either 1) constrained in types of bugs they can handle or 2) requiring roll-back mechanism, which can hitherto not be fully achieved efficiently without hardware supports. This paper presents a novel program invariant, called Anticipating Invariant (AI), which can help anticipate bugs before any irreversible changes are made. Benefiting from this ability of anticipating bugs beforehand, our software-only system is able to forestall the failures with a simple thread stalling technique, which does not rely on execution roll-back and hence has good performance Experiments with 35 real-world concurrency bugs demonstrate that AI is capable of detecting and tolerating most types of concurrency bugs, including both atomicity and order violations. Two new bugs have been detected and confirmed by the corresponding developers. Performance evaluation with 6 representative parallel programs shows that AI incurs negligible overhead (<1%) for many nontrivial desktop and server applications.

Zhendong Wu,Kai Lu,Xiaoping Wang,Xu Zhou

DOI: https://doi.org/10.1109/QSIC.2013.67

2013-01-01

Abstract:Many concurrency bugs are extremely difficult to be detected by random test due to huge input space and huge interleaving space. The multicore technology trend worsens this problem. We propose an innovative, collaborative approach called ColFinder to detect concurrency bugs effectively and efficiently. ColFinder uses static analysis to identify potential buggy statements. With respect to these statements, ColFinder uses program slicing to cut the original programs into smaller programs. Finally, it uses dynamic active test to verify whether the potential buggy statements will trigger real bugs. We implement a prototype of ColFinder, and evaluate it with several real-world programs. It significantly improves the probability of bug manifestation, from 0.75% to 89%. Additionally, ColFinder makes the time of bug manifestation obviously reduced by program slicing, with an average of 33%.

ZHAO Jing-wen,FU Yan,WU Yan-xia,CHEN Jun-wen,FENG Yun,DONG Ji-bin,LIU Jia-qi

DOI: https://doi.org/10.11896/jsjkx.210700187

2022-01-01

Computer Science

Abstract:Nowadays the multi-core processors and threaded parallel programs are increasingly more used.However,the uncertainty of multi-threaded program leads to concurrency problems such as data race,atomicity violation,order violation and deadlock in the process of program running.Recent researches show that data race accounts for the largest proportion of concurrency bug,and most atomicity violation and order violation are caused by data race.This paper summarizes the related detection techniques in recent years.Firstly,the related concepts,causes,and the main ideas of data race detection are introduced.Then,the existing data race detection techniques in multi-threaded program are classified into three types:static analysis,dynamic analysis and hybrid detection techniques,and their characteristics are summarized comprehensively and compared in detail.Next,the limitations of exis-ting data race detection tools are discussed.Finally,future research directions and challenges in this field are discussed.

Dennis Jeffrey,Yan Wang,Chen Tian,Rajiv Gupta

DOI: https://doi.org/10.1002/spe.1040

2011-01-01

Software Practice and Experience

Abstract:Memory-related program failures in multithreaded programs can be caused by a variety of bugs. Concurrency bugs can occur due to unexpected or incorrect thread interleavings during execution. Other kinds of memory bugs, such as buffer overflows and uninitialized reads, may also occur in multithreaded as well as single-threaded programs. Most prior techniques for isolating these bugs are specialized, addressing only one type of concurrency bug or certain types of other memory bugs. The memory corruption caused by these bugs can also undergo significant propagation during program execution. When a program failure finally occurs due to memory corruption, the true root cause of the failure may be effectively concealed as significant portions of memory may have become corrupted. We propose a general framework that can isolate the root cause of any failure in a multithreaded program that involves memory corruption and reveals at least a subset of this memory corruption. This includes three important types of concurrency bugs—data races, atomicity violations, and order violations—as well as other kinds of memory bugs. To account for propagation of memory corruption, our approach uses a dynamic technique called ‘execution suppression’ that iteratively reveals memory corruption in a failing execution to isolate the true root cause of the failure. Copyright © 2011 John Wiley & Sons, Ltd.

Rulin Xu,Xiaoguang Mao,Luohui Chen,Yue Yu

DOI: https://doi.org/10.1109/jcc59055.2023.00014

2023-01-01

Abstract:Memory vulnerability detection aims to identify software defects that can compromise memory safety. However, existing methods often struggle to achieve both high precision and efficiency. This paper presents a high-precision memory vulnerability detection approach based on value flow analysis and parallel computing. We first construct a static semantic representation called SVFG to enable precise detection of memory vulnerabilities such as null pointer dereference and use-after-free. We then perform dependency-aware path feasibility analysis using an SMT solver to reduce false positives. Finally, we develop a task-level parallel framework to accelerate the constraint solving process and improve efficiency.We evaluate our approach on the Juliet test set of over 2,000 test cases and 7 open-source projects. Experimental results show that our dependency-aware analysis can achieve 0.5%-2.05% false positive rates, outperforming traditional approaches and existing tools. Our task-level parallel framework can achieve up to 3.25x speedup with 4 computing nodes.Our study demonstrates that combining value flow analysis and parallel computing is a promising way to enable highly precise and efficient detection of memory vulnerabilities. For future work, we plan to integrate pointer analysis to support more complex codes, and optimize the granularity of parallelism to improve scalability. Overall, this paper presents a static analysis based method to address the inherent trade-off between precision and efficiency in memory vulnerability detection.

Pengfei Wang,Kai Lu,Gen Li,Xu Zhou

DOI: https://doi.org/10.1002/cpe.4345

2017-01-01

Abstract:SummaryRace conditions widely exist in concurrent programs, and concurrency errors caused by harmful races could lead to severe system failures. A double fetch is a typical situation when the system kernel inevitably accesses user space data multiple times, and it turns into a vulnerability when the data consistency is violated under a special race condition between kernel and user space. In this survey, we present the first (to the best of our knowledge) comprehensive study on double‐fetch vulnerabilities in the real world. Our study is based on the investigation of 91 real‐world double‐fetch vulnerabilities collected from the CVE database and other relevant reports, which covers a period of recent 12 years. Our work reveals some interesting findings on the double‐fetch vulnerabilities, ranging from the various occurrences across different kernels and system levels to the involvement of specific patterns. We also divide the consequences that are usually caused by the double‐fetch vulnerabilities into four categories and discuss each, summarize viable exploitation techniques from existing works, provide useful guidances to detect and practical strategies to prevent double‐fetch vulnerabilities.

Yao Shi,Soyeon Park,Zuoning Yin,Shan Lu,Yuanyuan Zhou,Wenguang Chen,Weimin Zheng

DOI: https://doi.org/10.1145/1932682.1869474

2010-01-01

ACM SIGPLAN Notices

Abstract:Software bugs, such as concurrency, memory and semantic bugs, can significantly affect system reliability. Although much effort has been made to address this problem, there are still many bugs that cannot be detected, especially concurrency bugs due to the complexity of concurrent programs. Effective approaches for detecting these common bugs are therefore highly desired. This paper presents an invariant-based bug detection tool, DefUse, which can detect not only concurrency bugs (including the previously under-studied order violation bugs), but also memory and semantic bugs. Based on the observation that many bugs appear as violations to programmers' data flow intentions, we introduce three different types of definition-use invariants that commonly exist in both sequential and concurrent programs. We also design an algorithm to automatically extract such invariants from programs, which are then used to detect bugs. Moreover, DefUse uses various techniques to prune false positives and rank error reports. We evaluated DefUse using sixteen real-world applications with twenty real-world concurrency and sequential bugs. Our results show that DefUse can effectively detect 19 of these bugs, including 2 new bugs that were never reported before, with only a few false positives. Our training sensitivity results show that, with the benefit of the pruning and ranking algorithms, DefUse is accurate even with insufficient training.

Wenwen Wang,Chenggang Wu,Pen-Chung Yew,Xiang Yuan,Zhenjiang Wang,Jianjun Li,Xiaobing Feng

DOI: https://doi.org/10.1145/2555243.2555276

2014-01-01

Abstract:Non-determinism in concurrent programs makes their debugging much more challenging than that in sequential programs. To mitigate such difficulties, we propose a new technique to automatically locate buggy shared memory accesses that triggered concurrency bugs. Compared to existing fault localization techniques that are based on empirical statistical approaches, this technique has two advantages. First, as long as enough successful runs of a concurrent program are collected, the proposed technique can locate buggy memory accesses to the shared data even with only one single failed run captured, as opposed to the need of capturing multiple failed runs in other statistical approaches. Second, the proposed technique is more precise because it considers memory accesses in those failed runs that terminate prematurely.

Jiashuo Liang,Ming Yuan,Zhanzhao Ding,Siqi Ma,Xinhui Han,Chao Zhang

DOI: https://doi.org/10.1145/3579856.3595787

2023-01-01

Abstract:Concurrency bugs are one of the most harmful and hard-to-address issues in multithreaded software. Such bugs are hard to discover, reproduce, diagnose or fix due to their non-deterministic nature. Although more and more bug discovery solutions are proposed in recent years, it is difficult to evaluate them with existing concurrency bug datasets. The demand for building a high-quality benchmark of concurrency bugs emerges. In this paper, we present an automated bug injection solution to automatically inject representative concurrency bugs into real world multithreaded C/C++ programs, and present the first triggerable and observable concurrency bug benchmark RaceBench. We have conducted a large-scale empirical study on concurrency bugs, learned their patterns, and built a program state model to characterize them, which enables us to inject representative bugs. To make the bugs triggerable, we follow the dynamic execution traces of target programs and inject bugs at locations that are reachable from the program entry. To make the bugs observable, these bugs are followed by explicit security assertions, removing the requirement of sophisticated sanitizers to detect the existence of such bugs. We built a benchmark consisting of 1500 bugs injected into 15 programs, and evaluated four concurrency bug discovery tools and one general bug discovery tool with it. Results showed that existing concurrency bug discovery solutions are still in the early stage, and our benchmark could shed light on the future direction of improvements.

Yang Cao,Yunwei Dong

DOI: https://doi.org/10.1109/QRS-C60940.2023.00074

2023-01-01

Abstract:Concurrent programs have brought about higher resource utilization and faster response times. However, the non-determinism in concurrent programs introduces concurrency bugs that are harder to detect than traditional program bugs. These concurrency bugs pose serious threats to the safety and security of software systems. Data races are the most common type of concurrency bug. Previous static analysis techniques either lack precision or face difficulties when applied to large-scale programs. The vulnerability detection tool Joern provides a new static approach that uses a novel source code representation, called code property graph, and effectively mines various types of source code vulnerabilities in large-scale programs through graph traversal. However, because the code property graph does not model the concurrency relationships between threads, Joern does not support the detection of concurrency bugs. Therefore, this paper proposes a property graph -based data race detection method called RaceQuery. This method introduces the concept of property graphs to represent concurrent programs. It constructs the concurrent code property graph based on the control flow graph and enhances it with synchronization operations analysis to improve detection precision. Subsequently, RaceQuery generates a set of concurrent thread pairs for the program based on the concurrent code property graph and models data races through graph traversal. This enables RaceQuery to effectively locate data races in the concurrent code property graph. The method is implemented as a prototype system using the popular graph database Neo4j and successfully detects 2 data races in an open-source project.

Yang Liu,Zisen Xu,Ming Fan,Yu Hao,Kai Chen,Hao Chen,Yan Cai,Zijiang Yang,Ting Liu

DOI: https://doi.org/10.1109/tr.2022.3162694

IF: 5.883

2022-01-01

IEEE Transactions on Reliability

Abstract:Concurrent programs with multiple threads executing in parallel are widely used to unleash the power of multicore computing systems. Owing to their complexity, a lot of research focuses on testing and debugging concurrent programs. Besides correctness, we find that security can also be compromised by concurrency. In this article, we present concurrent program spectre (ConcSpectre), a new security threat that hides malware in nondeterministic thread interleavings. To demonstrate such threat, we have developed a stealth malware technique called concurrent logic bomb by partitioning a piece of malicious code and injecting its components separately into a concurrent program. The malicious behavior can be triggered by certain thread interleavings that rarely happen (e.g., <span class="mjpage"><svg xmlns:xlink="http://www.w3.org/1999/xlink" width="1.808ex" height="1.843ex" style="vertical-align: -0.338ex;" viewBox="0 -647.8 778.5 793.3" role="img" focusable="false" xmlns="http://www.w3.org/2000/svg"><g stroke="currentColor" fill="currentColor" stroke-width="0" transform="matrix(1 0 0 -1 0 0)"> <use xlink:href="#MJMAIN-3C" x="0" y="0"></use></g></svg></span>1%) under a normal execution environment. However, with a new technique called controllable probabilistic activation, we can activate such ConcSpectre malware with a very high probability (e.g., <span class="mjpage"><svg xmlns:xlink="http://www.w3.org/1999/xlink" width="1.808ex" height="1.843ex" style="vertical-align: -0.338ex;" viewBox="0 -647.8 778.5 793.3" role="img" focusable="false" xmlns="http://www.w3.org/2000/svg"><g stroke="currentColor" fill="currentColor" stroke-width="0" transform="matrix(1 0 0 -1 0 0)"> <use xlink:href="#MJMAIN-3E" x="0" y="0"></use></g></svg></span>90%) by remotely disturbing thread scheduling. In the evaluation, more than 1000 ConcSpectre samples are generated, which bypassed most of the antivirus engines in VirusTotal and four well-known online dynamic malware analysis systems. We also demonstrate how to remotely trigger a ConcSpectre sample on a web server and control its activation probability. Our work shows an urgent need for new malware analysis methods for concurrent programs.<svg xmlns="http://www.w3.org/2000/svg" style="display: none;"><defs id="MathJax_SVG_glyphs"><path stroke-width="1" id="MJMAIN-3C" d="M694 -11T694 -19T688 -33T678 -40Q671 -40 524 29T234 166L90 235Q83 240 83 250Q83 261 91 266Q664 540 678 540Q681 540 687 534T694 519T687 505Q686 504 417 376L151 250L417 124Q686 -4 687 -5Q694 -11 694 -19Z"></path><path stroke-width="1" id="MJMAIN-3E" d="M84 520Q84 528 88 533T96 539L99 540Q106 540 253 471T544 334L687 265Q694 260 694 250T687 235Q685 233 395 96L107 -40H101Q83 -38 83 -20Q83 -19 83 -17Q82 -10 98 -1Q117 9 248 71Q326 108 378 132L626 250L378 368Q90 504 86 509Q84 513 84 520Z"></path></defs></svg>

engineering, electrical & electronic,computer science, software engineering, hardware & architecture