We launch PARF—a toolkit for adaptively tuning abstraction strategies of static program analyzers in a fully automated manner. PARF models various types of external parameters (encoding abstraction strategies) as random variables subject to probability distributions over latticed parameter spaces. It incrementally refines the probability distributions based on accumulated intermediate results generated by repeatedly sampling and analyzing, thereby ultimately yielding a set of highly accurate abstraction strategies. PARF is implemented on top of FRAMA-C/EVA—an off-the-shelf open-source static analyzer for C programs. PARF provides a web-based user interface facilitating the intuitive configuration of static analyzers and visualization of dynamic distribution refinement of the abstraction strategies. It further supports the identification of dominant parameters in FRAMA-C/EVA analysis. Benchmark experiments and a case study demonstrate the competitive performance of PARF for analyzing complex, large-scale real-world programs.
- Article type
- Year
- Co-author
Open Access
Issue
The advancement of artificial intelligence-generated content drives the diversification of healthcare services, resulting in increased private information collection by healthcare service providers. Therefore, compliance with privacy regulations has increasingly become a paramount concern for both regulatory authorities and consumers. Privacy policies are crucial for consumers to understand how their personal information is collected, stored, and processed. In this work, we propose a privacy policy text compliance reasoning framework called FACTOR, which harnesses the power of large language models (LLMs). Since the General Data Protection Regulation (GDPR) has broad applicability, this work selects Article 13 of the GDPR as regulation requirements. FACTOR segments the privacy policy text using a sliding window strategy and employs LLM-based text entailment to assess compliance for each segment. The framework then applies a rule-based ensemble approach to aggregate the entailment results for all regulation requirements from the GDPR. Our experiments on a synthetic corpus of 388 privacy policies demonstrate the effectiveness of FACTOR. Additionally, we analyze 100 randomly selected websites offering healthcare services, revealing that nine of them lack a privacy policy altogether, while 29 have privacy policy texts that fail to meet the regulation requirements.
京公网安备11010802044758号