Few static analyses make their way to the real world due to the unrealistic assumptions that they make. I am interested in developing and evaluating various program analysis techniques that can be used in practice by exploring three aspects: scalability, precision, and usability. My interests span programming languages, software systems, and software engineering.

Below is a list of my current and inactive projects.

Current Projects

PL & ML

PL & ML (2018–) Ifaz Kabir Revan MacQueen Karim Ali

Can research in programming languages help with machine learning? In this work, we are exploring how to use/develop programming language techniques to solve some of the common problems that researchers and practitioners encounter while building machine learning systems.

SWAN

SWAN (2017–) Anthony Hill Leo Li Abdul Ali Bangash Bryan Tam Chen Song Jeff Cho Lydia Wu Mark Mroz Noah Weninger Yaser Alkayale Karim Ali

Can I detect security vulnerabilities in my Swift app? In this work, we have been developing SWAN, a program analysis framework for Swift programs based on WALA. The framework enables a wide range of static analyses, from simple constant propagation to sophisticated taint analysis, using the powerful infrastructure that WALA provides.

Just-in-Time Compilers

Just-in-Time Compilers (2016–) Erick Ochoa Karim Ali

Can we help JIT compilers make better decisions when applying a code transformation? In this work, we have been developing several algorithms that enable a JIT compiler to reason not only about the cost of applying a code transformation (e.g., method inlining), but also about the potential future benefits (e.g., further optimizations) of applying such a code transformation.

Detecting Misuses of Crypto APIs

Detecting Misuses of Crypto APIs (2015–) Kristen Newbury Manuel Benz Stefan Krüger Karim Ali

Can program analysis help developers use crypto APIs more securely? In this work, we have been working on an end-to-end solution to detect misuses of crypto APIs that provides a DSL to define the correct uses of an API, a compiler that generates static analysis checks based on those rules, and IDE extensions that help developers detect misuses in their code based on our infrastructure. Most recently, our work with CogniCrypt helped Symantec fix a bug in one of its products that could lead to privilege escalation.

Usability of Static Analysis Tools

Usability of Static Analysis Tools (2014–) Alex Li Alexander MacKenzie Lisa Nguyen Quang Do Swapnil Shah Tyler Pavlovic Karim Ali

How can we build better experiences for users of static analysis tools? In this work, we have been exploring novel techniques to facilitate the development of program analyses that are more responsive, more precise, well-integrated in the developer's workflow, and customized to the developer's needs.

Scalable and Precise Pointer Analysis

Scalable and Precise Pointer Analysis (2014–) Johannes Späth Karim Ali

Can pointer analysis be both scalable and precise? In this work, we explore how to leverage the advantages of distributive frameworks such as IFDS, IDE, and WPDS to perform scalable and precise non-distributive analyses such as pointer analysis. We have been building various on-demand pointer analyses that also encode rich alias information for the queried variables.

Inactive Projects

Partial-Program Analysis for Java

Partial-Program Analysis for Java (2010–2016) Michael Appel Karim Ali

Can we perform whole-program analysis of a given Java application without analyzing the whole program? Through light-weight static analyses of the structure of a given application, we have shown that the answer to this question is 'yes'. Moreover, we developed Averroes, a placeholder library generator that enables the use of that suite in any Java whole-program analysis framework. Using Averroes reduces the amount of code that needs to be analyzed by up to 600x, improving the performance of call graph analysis as it becomes up to 7x faster, and uses up to 6x less memory. Averroes is currently used by the major Java static analysis frameworks, Soot, WALA, and DOOP.

ScalaCG

ScalaCG (2013–2015) Karim Ali

Is analyzing the Scala source code any different than analyzing the JVM bytecodes that the Scala compiler generates? In this work, we developed ScalaCG, a collection of low-cost call graph analyses that target the Scala source code and support various Scala features such as traits, abstract type members, closures, and path-dependent types. Using ScalaCG produces call graphs that are up to 19x more precise than using a bytecode-based approach in terms of call edges and reachable nodes. ScalaCG was awarded a Distinguished Artifact Award at the European Conference on Object-Oriented Programming (ECOOP) in 2014. ScalaCG has been extended by the original Scala research group at EPFL to improve call graph precision and decrease analysis time for non-trivial Scala programs. These extensions are integrated in the upcoming Scala Dotty compiler.

Algorizmi

Algorizmi (2008–2009) Karim Ali

Can we have reproducible evaluations for intrusion detection systems? In this work, we developed an open-source configurable virtual testbed (based on the Eucalyptus cloud platform) for evaluating Intrusion Detection Systems.

Beep

Beep (2006–2007) Karim Ali

Is Jabber suitable enough for devices with limited resources? In this work, we developed a wireless telecommunication framework based on the Jabber protocol, targeting JME (known before as J2ME) enabled devices.