23
Visualizing Symbolic Execution with Bokeh Asankhaya Sharma SRC:CLR

Visualizing Symbolic Execution with Bokeh

Embed Size (px)

Citation preview

  1. 1. Visualizing Symbolic Execution with Bokeh Asankhaya Sharma SRC:CLR
  2. 2. Symbolic Execution (SE) Analyzing a program to determine what inputs cause each part of a program to execute [Wikipedia] The idea Execute the program with an input Build a symbolic formula during execution which captures the path taken by the input through the program 10 June 2015 PyData Singapore 2
  3. 3. Path Condition (PC) int max(int x, int y, int z){ int m = x; if(y>m && y>z) m = y; else if(z>m) m = z; return m; } max(1,3,2) = 3 Inputs: x0,y0,z0 PC: true PC: m0=x0 PC: m0=x0y0>m0y0>z0 m1=y0 Output: m1 10 June 2015 PyData Singapore 3
  4. 4. 10 June 2015 PyData Singapore 4 m = x m = y y>m && y>z z > m m = z return m true m=x y>my>z (y>my>z) z>m (z>m) m=z m=y Execution Tree
  5. 5. Path Exploration PC: m0=x0y0>m0y0>z0m1=y0 PC1: y0>x0y0>z03=y0 Negate first constraint PC2: y0z03=y0 Check satisfiability using a constraint solver New Inputs: x0=3, y0=3, z0=2 Repeat SE with new inputs 10 June 2015 PyData Singapore 5
  6. 6. Why is SE useful? Automated Fuzzing Test Case Generation Debugging Error Traces Program Analysis 10 June 2015 PyData Singapore 6
  7. 7. Bottlenecks Path Explosion Loops and recursion Unbounded number of paths in a program Constraint Solving int is easy but what about other data types floats, strings, bit vectors etc. Handling data structures with pointers 10 June 2015 PyData Singapore 7
  8. 8. Exploiting Undefined Behaviors for Efficient Symbolic Execution [ICSE 14] 10 June 2015 PyData Singapore 8
  9. 9. Demo 1 Symbolic execution with Pathgrind fuzz/fuzz.py 10 June 2015 PyData Singapore 9
  10. 10. Bokeh Bo(w)-Ke(ttle) 10 June 2015 PyData Singapore 10
  11. 11. 10 June 2015 PyData Singapore 11
  12. 12. Demo 2 Plotting with Bokeh Line Plot Scatter Plot Bokeh Server 10 June 2015 PyData Singapore 12
  13. 13. Visualizing SE Time Taken Generate path conditions (path exploration) Generate new inputs (by solving constraints) 10 June 2015 PyData Singapore 13
  14. 14. Demo 3 Pathgrind + Bokeh = Visualize SE fuzz/plotfuzz.py 10 June 2015 PyData Singapore 14
  15. 15. 10 June 2015 PyData Singapore 15
  16. 16. All paths are not equal Use Levenshtein distance to measure the similarity between the path conditions when represented as strings Scatter plot of similarity using Bokeh 10 June 2015 PyData Singapore 16
  17. 17. 10 June 2015 PyData Singapore 17
  18. 18. Optimization for SE Prune paths that are >90% similar As measured using Levenshtein edit distance 10 June 2015 PyData Singapore 18
  19. 19. 10 June 2015 PyData Singapore 19
  20. 20. 10 June 2015 PyData Singapore 20
  21. 21. Take Away Symbolic Execution Using Bokeh to Visualize SE Identify Optimizations for SE Future Statically Sampling of Paths Probabilistic Analysis 10 June 2015 PyData Singapore 21
  22. 22. We are hiring Shape the future of software security at SourceClear. By joining our team, you can help define the way modern developers identify and fix vulnerabilities in their code. Check out https://jobs.lever.co/sourceclear 10 June 2015 PyData Singapore 22
  23. 23. Thank You! Questions? Contact Twitter: @asankhaya Links Source Code: https://github.com/codelion/pathgrind Slides: http://asankhaya.github.io/ppt/PyDataSing.pptx 10 June 2015 PyData Singapore 23

B bokeh elag 2015

B bokeh elag 2015

Software
The symbolic language of Ethiopian crosses: visualizing ... · The symbolic language of Ethiopian crosses: visualizing history, identity and . salvation through form and ritual

The symbolic language of Ethiopian crosses: visualizing ... · The symbolic language of Ethiopian crosses: visualizing history, identity and . salvation through form and ritual

Documents
Cotizacion bokeh cinema 2015

Cotizacion bokeh cinema 2015

Documents
WORKING WITH AND VISUALIZING BIG DATA EFFICIENTLY WITH … · - Bokeh: Create interactive web applications from Python without having to know Javascript, CSS, or HTML. 15. SUBJECT

WORKING WITH AND VISUALIZING BIG DATA EFFICIENTLY WITH … · - Bokeh: Create interactive web applications from Python without having to know Javascript, CSS, or HTML. 15. SUBJECT

Documents
AIM 2020 Challenge on Rendering Realistic Bokehtimofter/publications/... · Quality. Airia-bokeh is the winner of the AIM 2020 challenge on rendering realistic bokeh. Airia-bokeh

AIM 2020 Challenge on Rendering Realistic Bokehtimofter/publications/... · Quality. Airia-bokeh is the winner of the AIM 2020 challenge on rendering realistic bokeh. Airia-bokeh

Documents
Visualizing a Billion Points w/ Bokeh Datashader

Visualizing a Billion Points w/ Bokeh Datashader

Data & Analytics
AIM 2019 Challenge on Bokeh Effect Synthesis: Methods and ...timofter/publications/... · Zurich Bokeh dataset described below. 2.1. ETH Zurich Bokeh dataset In order to tackle the

AIM 2019 Challenge on Bokeh Effect Synthesis: Methods and ...timofter/publications/... · Zurich Bokeh dataset described below. 2.1. ETH Zurich Bokeh dataset In order to tackle the

Documents
Bokeh Effect in 3ds Max - Austin Community · PDF fileBokeh Effect in 3ds Max In this beginner‟s tutorial we‟re going to create a bokeh effect in 3ds Max. The term bokeh is familiar

Bokeh Effect in 3ds Max - Austin Community · PDF fileBokeh Effect in 3ds Max In this beginner‟s tutorial we‟re going to create a bokeh effect in 3ds Max. The term bokeh is familiar

Documents
Faux Bokeh Tutorial

Faux Bokeh Tutorial

Documents
Fotografia bokeh

Fotografia bokeh

Art & Photos
Ver 20160403 Bokeh Film Festival Speaker Guidelines 1

Ver 20160403 Bokeh Film Festival Speaker Guidelines 1

Documents
Bokeh 2 Manual

Bokeh 2 Manual

Documents
Aperture in Photography (or how bokeh happens)

Aperture in Photography (or how bokeh happens)

Art & Photos
Membuat Desain BOKEH d Photoshop

Membuat Desain BOKEH d Photoshop

Documents
Bokeh is better than ever! - EuroPython 2016 · • Based on tornado and web sockets • Integrated with bokeh command (bokeh serve) • keep the “model objects” in python and

Bokeh is better than ever! - EuroPython 2016 · • Based on tornado and web sockets • Integrated with bokeh command (bokeh serve) • keep the “model objects” in python and

Documents
Hassle Free Data Science Apps with Bokeh Webinar

Hassle Free Data Science Apps with Bokeh Webinar

Data & Analytics
Bokeh Con Formas_ ¿Un Poco de Bricolaje

Bokeh Con Formas_ ¿Un Poco de Bricolaje

Documents
Bokeh Photoshop

Bokeh Photoshop

Documents
bokeh revista

bokeh revista

Documents
Bokeh Tutorial - PyData @ Strata San Jose 2015

Bokeh Tutorial - PyData @ Strata San Jose 2015

Data & Analytics
Bokeh Manual

Bokeh Manual

Documents
Software Bokeh 2.0: sfocare che passione! · Bokeh 2.0 di AlienSkin è il nuovo plug-in per Photoshop dedicato ad enfatizzare le immagini. Col termine giapponese bokeh in fotografia

Software Bokeh 2.0: sfocare che passione! · Bokeh 2.0 di AlienSkin è il nuovo plug-in per Photoshop dedicato ad enfatizzare le immagini. Col termine giapponese bokeh in fotografia

Documents
Bokeh Effect in 3ds Max

Bokeh Effect in 3ds Max

Documents
Photoshop CS6 - Efeito Bokeh

Photoshop CS6 - Efeito Bokeh

Education
Creative Use of Bokeh - Club Camera Tucsonclubcameratucson.org/wp-content/uploads/2016/12/001_Creative-Use-of-Bokeh-in...What does “bokeh” mean? 3 Technically the word “bokeh”

Creative Use of Bokeh - Club Camera Tucsonclubcameratucson.org/wp-content/uploads/2016/12/001_Creative-Use-of-Bokeh-in...What does “bokeh” mean? 3 Technically the word “bokeh”

Documents
O Efeito Bokeh

O Efeito Bokeh

Documents
BOKEH EFFECT IN PHOTOSHOP

BOKEH EFFECT IN PHOTOSHOP

Documents
Photohop Tutorial Adobe Bokeh File

Photohop Tutorial Adobe Bokeh File

Documents
técnica - bokeh

técnica - bokeh

Documents
Fun With Bokeh

Fun With Bokeh

Documents