SlideShare a Scribd company logo

Visualizing Symbolic Execution with Bokeh

Download as PPTX, PDF
Asankhaya Sharma
Asankhaya Sharma

Exploring symbolic execution using Bokeh, a Python based framework for data visualization.

Technology
1 of 23
Visualizing Symbolic Execution with Bokeh Asankhaya Sharma SRC:CLR
Symbolic Execution (SE) • Analyzing a program to determine what inputs cause each part of a program to execute [Wikipedia] • The idea – Execute the program with an input – Build a symbolic formula during execution which captures the path taken by the input through the program 10 June 2015 PyData Singapore 2
Path Condition (PC) int max(int x, int y, int z){ int m = x; if(y>m && y>z) m = y; else if(z>m) m = z; return m; } max(1,3,2) = 3 Inputs: x0,y0,z0 PC: true PC: m0=x0 PC: m0=x0∧y0>m0∧y0>z0 ∧m1=y0 Output: m1 10 June 2015 PyData Singapore 3
10 June 2015 PyData Singapore 4 m = x m = y y>m && y>z z > m m = z return m true m=x …∧y>m∧y>z …∧¬(y>m∧y>z) …∧z>m …∧¬(z>m) …∧m=z …∧m=y Execution Tree
Path Exploration PC: m0=x0∧y0>m0∧y0>z0∧m1=y0 PC1: y0>x0∧y0>z0∧3=y0 Negate first constraint PC2: y0<=x0∧y0>z0∧3=y0 Check satisfiability using a constraint solver New Inputs: x0=3, y0=3, z0=2 Repeat SE with new inputs 10 June 2015 PyData Singapore 5
Why is SE useful? • Automated Fuzzing • Test Case Generation • Debugging Error Traces • Program Analysis • … 10 June 2015 PyData Singapore 6
Bottlenecks • Path Explosion – Loops and recursion – Unbounded number of paths in a program • Constraint Solving – int is easy but what about other data types floats, strings, bit vectors etc. – Handling data structures with pointers 10 June 2015 PyData Singapore 7
Exploiting Undefined Behaviors for Efficient Symbolic Execution [ICSE 14] 10 June 2015 PyData Singapore 8
Demo 1 • Symbolic execution with Pathgrind – fuzz/fuzz.py 10 June 2015 PyData Singapore 9
Bokeh • Bo(w)-Ke(ttle) 10 June 2015 PyData Singapore 10
10 June 2015 PyData Singapore 11
Demo 2 • Plotting with Bokeh – Line Plot – Scatter Plot – Bokeh Server 10 June 2015 PyData Singapore 12
Visualizing SE • Time Taken – Generate path conditions (path exploration) – Generate new inputs (by solving constraints) 10 June 2015 PyData Singapore 13
Demo 3 • Pathgrind + Bokeh = Visualize SE – fuzz/plotfuzz.py 10 June 2015 PyData Singapore 14
10 June 2015 PyData Singapore 15
All paths are not equal • Use Levenshtein distance to measure the similarity between the path conditions when represented as strings • Scatter plot of similarity using Bokeh 10 June 2015 PyData Singapore 16
10 June 2015 PyData Singapore 17
Optimization for SE • Prune paths that are >90% similar – As measured using Levenshtein edit distance 10 June 2015 PyData Singapore 18
10 June 2015 PyData Singapore 19
10 June 2015 PyData Singapore 20
Take Away • Symbolic Execution • Using Bokeh to Visualize SE • Identify Optimizations for SE • Future – Statically Sampling of Paths – Probabilistic Analysis 10 June 2015 PyData Singapore 21
We are hiring … Shape the future of software security at SourceClear. By joining our team, you can help define the way modern developers identify and fix vulnerabilities in their code. Check out https://jobs.lever.co/sourceclear 10 June 2015 PyData Singapore 22
Thank You! • Questions? • Contact – Twitter: @asankhaya • Links – Source Code: https://github.com/codelion/pathgrind – Slides: http://asankhaya.github.io/ppt/PyDataSing.pptx 10 June 2015 PyData Singapore 23

Recommended

Space complexity
Space complexitySpace complexity
Space complexityBhanusree Koduru
 
Radix Sort
Radix SortRadix Sort
Radix SortTirth Dave
 
Data Structure Radix Sort
Data Structure Radix SortData Structure Radix Sort
Data Structure Radix SortBhavik Vashi
 
[Question Paper] Object Oriented Programming with C++ (Old Course) [April / 2...
[Question Paper] Object Oriented Programming with C++ (Old Course) [April / 2...[Question Paper] Object Oriented Programming with C++ (Old Course) [April / 2...
[Question Paper] Object Oriented Programming with C++ (Old Course) [April / 2...Mumbai B.Sc.IT Study
 
Linked List Implementation of Queue in C
Linked List Implementation of Queue in CLinked List Implementation of Queue in C
Linked List Implementation of Queue in CKasun Ranga Wijeweera
 
Lecture02
Lecture02Lecture02
Lecture02Rudy Martinez
 
Information security Seminar #3
Information security Seminar #3 Information security Seminar #3
Information security Seminar #3 Alexander Kolybelnikov
 
[Question Paper] Advanced Java (Old Syllabus) [April / 2013]
[Question Paper] Advanced Java (Old Syllabus) [April / 2013][Question Paper] Advanced Java (Old Syllabus) [April / 2013]
[Question Paper] Advanced Java (Old Syllabus) [April / 2013]Mumbai B.Sc.IT Study
 

Recommended

Space complexity
Space complexitySpace complexity
Space complexityBhanusree Koduru
 
Radix Sort
Radix SortRadix Sort
Radix SortTirth Dave
 
Data Structure Radix Sort
Data Structure Radix SortData Structure Radix Sort
Data Structure Radix SortBhavik Vashi
 
[Question Paper] Object Oriented Programming with C++ (Old Course) [April / 2...
[Question Paper] Object Oriented Programming with C++ (Old Course) [April / 2...[Question Paper] Object Oriented Programming with C++ (Old Course) [April / 2...
[Question Paper] Object Oriented Programming with C++ (Old Course) [April / 2...Mumbai B.Sc.IT Study
 
Linked List Implementation of Queue in C
Linked List Implementation of Queue in CLinked List Implementation of Queue in C
Linked List Implementation of Queue in CKasun Ranga Wijeweera
 
Lecture02
Lecture02Lecture02
Lecture02Rudy Martinez
 
Information security Seminar #3
Information security Seminar #3 Information security Seminar #3
Information security Seminar #3 Alexander Kolybelnikov
 
[Question Paper] Advanced Java (Old Syllabus) [April / 2013]
[Question Paper] Advanced Java (Old Syllabus) [April / 2013][Question Paper] Advanced Java (Old Syllabus) [April / 2013]
[Question Paper] Advanced Java (Old Syllabus) [April / 2013]Mumbai B.Sc.IT Study
 
Pert analysis
Pert analysisPert analysis
Pert analysisHashamuddin Yaakob
 
Cpmprt
CpmprtCpmprt
CpmprtShakti Ranjan
 
Programing Slicing and Its applications
Programing Slicing and Its applicationsPrograming Slicing and Its applications
Programing Slicing and Its applicationsAnkur Jain
 
Spm ap-network model-
Spm ap-network model-Spm ap-network model-
Spm ap-network model-Kanchana Devi
 
4.9 cpm network calculations
4.9 cpm network calculations4.9 cpm network calculations
4.9 cpm network calculationsVishal Tidake
 
13 lecture project management
13 lecture project management13 lecture project management
13 lecture project managementAhmad Basim Hamza
 
Spm
SpmSpm
Spmdebarati roy
 
Lec 09 network scheduling_techniques
Lec 09 network scheduling_techniquesLec 09 network scheduling_techniques
Lec 09 network scheduling_techniquesSAJID ALI RUK
 
Realistic road path reconstruction from GIS data
Realistic road path reconstruction from GIS dataRealistic road path reconstruction from GIS data
Realistic road path reconstruction from GIS datahanguyenhoang
 
SPM presentation extra material-Lect 9and 10.pptx
SPM presentation extra material-Lect 9and 10.pptxSPM presentation extra material-Lect 9and 10.pptx
SPM presentation extra material-Lect 9and 10.pptxMuhammadAbubakar114879
 
Gantt PERT and CPM
Gantt PERT and CPMGantt PERT and CPM
Gantt PERT and CPMGurbakash Phonsa
 
Abhik-Satish-dagstuhl
Abhik-Satish-dagstuhlAbhik-Satish-dagstuhl
Abhik-Satish-dagstuhlAbhik Roychoudhury
 
Three-point estimation technique for software development
Three-point estimation technique for software developmentThree-point estimation technique for software development
Three-point estimation technique for software developmentSakir Temel
 
Online_Examination
Online_ExaminationOnline_Examination
Online_ExaminationRupam Dey
 
Demonstration on extending_the_pageview_feature_to_page_section_based_present...
Demonstration on extending_the_pageview_feature_to_page_section_based_present...Demonstration on extending_the_pageview_feature_to_page_section_based_present...
Demonstration on extending_the_pageview_feature_to_page_section_based_present...Fajar Purnama
 
Project Management Techniques
Project Management TechniquesProject Management Techniques
Project Management Techniquesproject management
 
Syam critical path cpa
Syam critical path cpaSyam critical path cpa
Syam critical path cpasyamputra
 
Per tand project crashing
Per tand project crashingPer tand project crashing
Per tand project crashingHarinadh Karimikonda
 
Project management@ ppt doms
Project management@ ppt doms Project management@ ppt doms
Project management@ ppt doms Babasab Patil
 
Time Series With OrientDB - Fosdem 2015
Time Series With OrientDB - Fosdem 2015Time Series With OrientDB - Fosdem 2015
Time Series With OrientDB - Fosdem 2015wolf4ood
 
9 types of people you find on your team
9 types of people you find on your team9 types of people you find on your team
9 types of people you find on your teamAsankhaya Sharma
 
Design and Implementation of the Security Graph Language
Design and Implementation of the Security Graph LanguageDesign and Implementation of the Security Graph Language
Design and Implementation of the Security Graph LanguageAsankhaya Sharma
 

More Related Content

Similar to Visualizing Symbolic Execution with Bokeh

Programing Slicing and Its applications
Programing Slicing and Its applicationsPrograming Slicing and Its applications
Programing Slicing and Its applicationsAnkur Jain
 
Spm ap-network model-
Spm ap-network model-Spm ap-network model-
Spm ap-network model-Kanchana Devi
 
4.9 cpm network calculations
4.9 cpm network calculations4.9 cpm network calculations
4.9 cpm network calculationsVishal Tidake
 
13 lecture project management
13 lecture project management13 lecture project management
13 lecture project managementAhmad Basim Hamza
 
Lec 09 network scheduling_techniques
Lec 09 network scheduling_techniquesLec 09 network scheduling_techniques
Lec 09 network scheduling_techniquesSAJID ALI RUK
 
Realistic road path reconstruction from GIS data
Realistic road path reconstruction from GIS dataRealistic road path reconstruction from GIS data
Realistic road path reconstruction from GIS datahanguyenhoang
 
SPM presentation extra material-Lect 9and 10.pptx
SPM presentation extra material-Lect 9and 10.pptxSPM presentation extra material-Lect 9and 10.pptx
SPM presentation extra material-Lect 9and 10.pptxMuhammadAbubakar114879
 
Three-point estimation technique for software development
Three-point estimation technique for software developmentThree-point estimation technique for software development
Three-point estimation technique for software developmentSakir Temel
 
Online_Examination
Online_ExaminationOnline_Examination
Online_ExaminationRupam Dey
 
Demonstration on extending_the_pageview_feature_to_page_section_based_present...
Demonstration on extending_the_pageview_feature_to_page_section_based_present...Demonstration on extending_the_pageview_feature_to_page_section_based_present...
Demonstration on extending_the_pageview_feature_to_page_section_based_present...Fajar Purnama
 
Syam critical path cpa
Syam critical path cpaSyam critical path cpa
Syam critical path cpasyamputra
 
Project management@ ppt doms
Project management@ ppt doms Project management@ ppt doms
Project management@ ppt doms Babasab Patil
 
Time Series With OrientDB - Fosdem 2015
Time Series With OrientDB - Fosdem 2015Time Series With OrientDB - Fosdem 2015
Time Series With OrientDB - Fosdem 2015wolf4ood
 

Similar to Visualizing Symbolic Execution with Bokeh (20)

Pert analysis
Pert analysisPert analysis
Pert analysis
 
Cpmprt
CpmprtCpmprt
Cpmprt
 
Programing Slicing and Its applications
Programing Slicing and Its applicationsPrograming Slicing and Its applications
Programing Slicing and Its applications
 
Spm ap-network model-
Spm ap-network model-Spm ap-network model-
Spm ap-network model-
 
4.9 cpm network calculations
4.9 cpm network calculations4.9 cpm network calculations
4.9 cpm network calculations
 
13 lecture project management
13 lecture project management13 lecture project management
13 lecture project management
 
Spm
SpmSpm
Spm
 
Lec 09 network scheduling_techniques
Lec 09 network scheduling_techniquesLec 09 network scheduling_techniques
Lec 09 network scheduling_techniques
 
Realistic road path reconstruction from GIS data
Realistic road path reconstruction from GIS dataRealistic road path reconstruction from GIS data
Realistic road path reconstruction from GIS data
 
SPM presentation extra material-Lect 9and 10.pptx
SPM presentation extra material-Lect 9and 10.pptxSPM presentation extra material-Lect 9and 10.pptx
SPM presentation extra material-Lect 9and 10.pptx
 
Gantt PERT and CPM
Gantt PERT and CPMGantt PERT and CPM
Gantt PERT and CPM
 
Abhik-Satish-dagstuhl
Abhik-Satish-dagstuhlAbhik-Satish-dagstuhl
Abhik-Satish-dagstuhl
 
Three-point estimation technique for software development
Three-point estimation technique for software developmentThree-point estimation technique for software development
Three-point estimation technique for software development
 
Online_Examination
Online_ExaminationOnline_Examination
Online_Examination
 
Demonstration on extending_the_pageview_feature_to_page_section_based_present...
Demonstration on extending_the_pageview_feature_to_page_section_based_present...Demonstration on extending_the_pageview_feature_to_page_section_based_present...
Demonstration on extending_the_pageview_feature_to_page_section_based_present...
 
Project Management Techniques
Project Management TechniquesProject Management Techniques
Project Management Techniques
 
Syam critical path cpa
Syam critical path cpaSyam critical path cpa
Syam critical path cpa
 
Per tand project crashing
Per tand project crashingPer tand project crashing
Per tand project crashing
 
Project management@ ppt doms
Project management@ ppt doms Project management@ ppt doms
Project management@ ppt doms
 
Time Series With OrientDB - Fosdem 2015
Time Series With OrientDB - Fosdem 2015Time Series With OrientDB - Fosdem 2015
Time Series With OrientDB - Fosdem 2015
 

More from Asankhaya Sharma

9 types of people you find on your team
9 types of people you find on your team9 types of people you find on your team
9 types of people you find on your teamAsankhaya Sharma
 
Design and Implementation of the Security Graph Language
Design and Implementation of the Security Graph LanguageDesign and Implementation of the Security Graph Language
Design and Implementation of the Security Graph LanguageAsankhaya Sharma
 
Securing Open Source Code in Enterprise
Securing Open Source Code in EnterpriseSecuring Open Source Code in Enterprise
Securing Open Source Code in EnterpriseAsankhaya Sharma
 
Secure Software Development
Secure Software DevelopmentSecure Software Development
Secure Software DevelopmentAsankhaya Sharma
 
Verified Subtyping with Traits and Mixins
Verified Subtyping with Traits and MixinsVerified Subtyping with Traits and Mixins
Verified Subtyping with Traits and MixinsAsankhaya Sharma
 
Specifying compatible sharing in data structures
Specifying compatible sharing in data structuresSpecifying compatible sharing in data structures
Specifying compatible sharing in data structuresAsankhaya Sharma
 
Exploiting undefined behaviors for efficient symbolic execution
Exploiting undefined behaviors for efficient symbolic executionExploiting undefined behaviors for efficient symbolic execution
Exploiting undefined behaviors for efficient symbolic executionAsankhaya Sharma
 
DIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated RecoveryDIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated RecoveryAsankhaya Sharma
 
Developer-focused Software Security
Developer-focused Software SecurityDeveloper-focused Software Security
Developer-focused Software SecurityAsankhaya Sharma
 
Crafting a Successful Engineering Career
Crafting a Successful Engineering CareerCrafting a Successful Engineering Career
Crafting a Successful Engineering CareerAsankhaya Sharma
 
Certified Reasoning for Automated Verification
Certified Reasoning for Automated VerificationCertified Reasoning for Automated Verification
Certified Reasoning for Automated VerificationAsankhaya Sharma
 

More from Asankhaya Sharma (13)

9 types of people you find on your team
9 types of people you find on your team9 types of people you find on your team
9 types of people you find on your team
 
Design and Implementation of the Security Graph Language
Design and Implementation of the Security Graph LanguageDesign and Implementation of the Security Graph Language
Design and Implementation of the Security Graph Language
 
Securing Open Source Code in Enterprise
Securing Open Source Code in EnterpriseSecuring Open Source Code in Enterprise
Securing Open Source Code in Enterprise
 
Secure Software Development
Secure Software DevelopmentSecure Software Development
Secure Software Development
 
Verified Subtyping with Traits and Mixins
Verified Subtyping with Traits and MixinsVerified Subtyping with Traits and Mixins
Verified Subtyping with Traits and Mixins
 
Specifying compatible sharing in data structures
Specifying compatible sharing in data structuresSpecifying compatible sharing in data structures
Specifying compatible sharing in data structures
 
Exploiting undefined behaviors for efficient symbolic execution
Exploiting undefined behaviors for efficient symbolic executionExploiting undefined behaviors for efficient symbolic execution
Exploiting undefined behaviors for efficient symbolic execution
 
DIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated RecoveryDIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated Recovery
 
Developer-focused Software Security
Developer-focused Software SecurityDeveloper-focused Software Security
Developer-focused Software Security
 
Crafting a Successful Engineering Career
Crafting a Successful Engineering CareerCrafting a Successful Engineering Career
Crafting a Successful Engineering Career
 
Certified Reasoning for Automated Verification
Certified Reasoning for Automated VerificationCertified Reasoning for Automated Verification
Certified Reasoning for Automated Verification
 
Last Days of Academy
Last Days of AcademyLast Days of Academy
Last Days of Academy
 
SayCheese Ad
SayCheese AdSayCheese Ad
SayCheese Ad
 

Recently uploaded

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 

Recently uploaded (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 

Visualizing Symbolic Execution with Bokeh

  • 1. Visualizing Symbolic Execution with Bokeh Asankhaya Sharma SRC:CLR
  • 2. Symbolic Execution (SE) • Analyzing a program to determine what inputs cause each part of a program to execute [Wikipedia] • The idea – Execute the program with an input – Build a symbolic formula during execution which captures the path taken by the input through the program 10 June 2015 PyData Singapore 2
  • 3. Path Condition (PC) int max(int x, int y, int z){ int m = x; if(y>m && y>z) m = y; else if(z>m) m = z; return m; } max(1,3,2) = 3 Inputs: x0,y0,z0 PC: true PC: m0=x0 PC: m0=x0∧y0>m0∧y0>z0 ∧m1=y0 Output: m1 10 June 2015 PyData Singapore 3
  • 4. 10 June 2015 PyData Singapore 4 m = x m = y y>m && y>z z > m m = z return m true m=x …∧y>m∧y>z …∧¬(y>m∧y>z) …∧z>m …∧¬(z>m) …∧m=z …∧m=y Execution Tree
  • 5. Path Exploration PC: m0=x0∧y0>m0∧y0>z0∧m1=y0 PC1: y0>x0∧y0>z0∧3=y0 Negate first constraint PC2: y0<=x0∧y0>z0∧3=y0 Check satisfiability using a constraint solver New Inputs: x0=3, y0=3, z0=2 Repeat SE with new inputs 10 June 2015 PyData Singapore 5
  • 6. Why is SE useful? • Automated Fuzzing • Test Case Generation • Debugging Error Traces • Program Analysis • … 10 June 2015 PyData Singapore 6
  • 7. Bottlenecks • Path Explosion – Loops and recursion – Unbounded number of paths in a program • Constraint Solving – int is easy but what about other data types floats, strings, bit vectors etc. – Handling data structures with pointers 10 June 2015 PyData Singapore 7
  • 8. Exploiting Undefined Behaviors for Efficient Symbolic Execution [ICSE 14] 10 June 2015 PyData Singapore 8
  • 9. Demo 1 • Symbolic execution with Pathgrind – fuzz/fuzz.py 10 June 2015 PyData Singapore 9
  • 10. Bokeh • Bo(w)-Ke(ttle) 10 June 2015 PyData Singapore 10
  • 11. 10 June 2015 PyData Singapore 11
  • 12. Demo 2 • Plotting with Bokeh – Line Plot – Scatter Plot – Bokeh Server 10 June 2015 PyData Singapore 12
  • 13. Visualizing SE • Time Taken – Generate path conditions (path exploration) – Generate new inputs (by solving constraints) 10 June 2015 PyData Singapore 13
  • 14. Demo 3 • Pathgrind + Bokeh = Visualize SE – fuzz/plotfuzz.py 10 June 2015 PyData Singapore 14
  • 15. 10 June 2015 PyData Singapore 15
  • 16. All paths are not equal • Use Levenshtein distance to measure the similarity between the path conditions when represented as strings • Scatter plot of similarity using Bokeh 10 June 2015 PyData Singapore 16
  • 17. 10 June 2015 PyData Singapore 17
  • 18. Optimization for SE • Prune paths that are >90% similar – As measured using Levenshtein edit distance 10 June 2015 PyData Singapore 18
  • 19. 10 June 2015 PyData Singapore 19
  • 20. 10 June 2015 PyData Singapore 20
  • 21. Take Away • Symbolic Execution • Using Bokeh to Visualize SE • Identify Optimizations for SE • Future – Statically Sampling of Paths – Probabilistic Analysis 10 June 2015 PyData Singapore 21
  • 22. We are hiring … Shape the future of software security at SourceClear. By joining our team, you can help define the way modern developers identify and fix vulnerabilities in their code. Check out https://jobs.lever.co/sourceclear 10 June 2015 PyData Singapore 22
  • 23. Thank You! • Questions? • Contact – Twitter: @asankhaya • Links – Source Code: https://github.com/codelion/pathgrind – Slides: http://asankhaya.github.io/ppt/PyDataSing.pptx 10 June 2015 PyData Singapore 23