Last Days of Academy

•

2 likes•1,006 views

Asankhaya Sharma

Why higher education is ripe for disruption

Photo by kevin dooley

Photo by emmettanderson

Photo by cybrarian77

Photo by mathplourde

Photo by Jair Alcon Photography

More Related Content

What's hot

Begoña - SNTE

Wenceslao Verdugo Rojas

UNIDAD 2 SISTEMAS DE INFORMACION

UNIDAD 2 SISTEMAS DE INFORMACION

UNIDAD 2 SISTEMAS DE INFORMACION

Kjemidagen15

Silje Uhlen Maurset

SAN DIEGO COMIC CON

SAN DIEGO COMIC CON

SAN DIEGO COMIC CON

Omar Andres Beltrán Ramón

Blinds for Doors

Blinds for Doors

Blinds for Doors

Untitled Presentation

Untitled Presentation

Untitled Presentation

Untitled Presentation

Untitled Presentation

Untitled Presentation

Clinical Field Experience Week #3 Reflection

Clinical Field Experience Week #3 Reflection

Clinical Field Experience Week #3 Reflection

Matthew Petersen

Zlatan Ibrahimovic

Zlatan Ibrahimovic

Zlatan Ibrahimovic

What Do You Know . . .

What Do You Know . . .

What Do You Know . . .

Nancy Fitzgerald

Austin, Texas: Finding Your New Place!

Austin, Texas: Finding Your New Place!

Austin, Texas: Finding Your New Place!

Apartment Specialists

Vunkuwa® International Academy presents a unique massage technique

Vunkuwa® International Academy presents a unique massage technique

Vunkuwa® International Academy presents a unique massage technique

Carol Mathebula

German Shepherd

German Shepherd

German Shepherd

NANOTECNOLOGIA

The Pomodoro Technique

The Pomodoro Technique

The Pomodoro Technique

and our life could be in danger

and our life could be in danger

and our life could be in danger

HUM Consulting

Top 5 Buildings in Philly

Top 5 Buildings in Philly

Top 5 Buildings in Philly

Бесполезный - Useless

Бесполезный - Useless

Бесполезный - Useless

Ruslan Lyashchuk

Celebrity Health Records

Celebrity Health Records

Celebrity Health Records

What's hot (20)

Begoña - SNTE

UNIDAD 2 SISTEMAS DE INFORMACION

UNIDAD 2 SISTEMAS DE INFORMACION

UNIDAD 2 SISTEMAS DE INFORMACION

Kjemidagen15

SAN DIEGO COMIC CON

SAN DIEGO COMIC CON

SAN DIEGO COMIC CON

Blinds for Doors

Blinds for Doors

Blinds for Doors

Untitled Presentation

Untitled Presentation

Untitled Presentation

Untitled Presentation

Untitled Presentation

Untitled Presentation

Clinical Field Experience Week #3 Reflection

Clinical Field Experience Week #3 Reflection

Clinical Field Experience Week #3 Reflection

Zlatan Ibrahimovic

Zlatan Ibrahimovic

Zlatan Ibrahimovic

What Do You Know . . .

What Do You Know . . .

What Do You Know . . .

Austin, Texas: Finding Your New Place!

Austin, Texas: Finding Your New Place!

Austin, Texas: Finding Your New Place!

Vunkuwa® International Academy presents a unique massage technique

Vunkuwa® International Academy presents a unique massage technique

Vunkuwa® International Academy presents a unique massage technique

German Shepherd

German Shepherd

German Shepherd

NANOTECNOLOGIA

The Pomodoro Technique

The Pomodoro Technique

The Pomodoro Technique

and our life could be in danger

and our life could be in danger

and our life could be in danger

HUM Consulting

Top 5 Buildings in Philly

Top 5 Buildings in Philly

Top 5 Buildings in Philly

Бесполезный - Useless

Бесполезный - Useless

Бесполезный - Useless

Celebrity Health Records

Celebrity Health Records

Celebrity Health Records

More from Asankhaya Sharma

9 types of people you find on your team

9 types of people you find on your team

9 types of people you find on your team

Asankhaya Sharma

Today software is built in fundamentally different ways from how it was a decade ago. It is increasingly common for applications to be assembled out of open-source components, resulting in the use of large amounts of third-party code. This third-party code is a means for vulnerabilities to make their way downstream into applications. Recent vulnerabilities such as Heartbleed, FREAK SSL/TLS, GHOST, and the Equifax data breach (due to a flaw in Apache Struts) were ultimately caused by third-party components. We argue that an automated way to audit the open-source ecosystem, catalog existing vulnerabilities, and discover new flaws is essential to using open-source safely. To this end, we describe the Security Graph Language (SGL), a domain-specific language for analysing graph-structured datasets of open-source code and cataloguing vulnerabilities. SGL allows users to express complex queries on relations between libraries and vulnerabilities in the style of a program analysis language. SGL queries double as an executable representation for vulnerabilities, allowing vulnerabilities to be automatically checked against a database and deduplicated using a canonical representation. We outline a novel optimisation for SGL queries based on regular path query containment, improving query performance up to 3 orders of magnitude. We also demonstrate the effectiveness of SGL in practice to find zero-day vulnerabilities by identifying sever

Design and Implementation of the Security Graph Language

Design and Implementation of the Security Graph Language

Design and Implementation of the Security Graph Language

Asankhaya Sharma

In recent years, the number of open-source components used by developers to build software has seen immense growth. Millions of open-source libraries are distributed through centralised systems like Maven Central (Java), NPM (JavaScript), and GitHub (Go), and their widespread use means that bugs and vulnerabilities impact large numbers of downstream applications. In this talk, I will introduce the common security problems facing enterprises using open source code. We will also talk about how to manage the open source software risks using people, process and tools.

Securing Open Source Code in Enterprise

Securing Open Source Code in Enterprise

Securing Open Source Code in Enterprise

Asankhaya Sharma

Secure Software Development

Secure Software Development

Secure Software Development

Asankhaya Sharma

Traits allow decomposing programs into smaller parts and mixins are a form of composition that resemble multiple inheritance. Unfortunately, in the presence of traits, programming languages like Scala give up on subtyping relation between objects. In this paper, we present a method to check subtyping between objects based on entailment in separation logic. We implement our method as a domain specific language in Scala and apply it on the Scala standard library. We have verified that 67% of mixins used in the Scala standard library do indeed conform to subtyping between the traits that are used to build them.

Verified Subtyping with Traits and Mixins

Verified Subtyping with Traits and Mixins

Verified Subtyping with Traits and Mixins

Asankhaya Sharma

Automated verification of programs that utilize data structures with intrinsic sharing is a challenging problem. We develop an extension to separation logic that can reason about aliasing in heaps using a notion of compatible sharing. Compatible sharing can model a variety of fine grained sharing and aliasing scenarios with concise specifications. Given these specifications, our entailment procedure enables fully automated verification of a number of challenging programs manipulating data structures with non-trivial sharing. We benchmarked our prototype with examples derived from practical algorithms found in systems code, such as those using threaded trees and overlaid data structures.

Specifying compatible sharing in data structures

Specifying compatible sharing in data structures

Specifying compatible sharing in data structures

Asankhaya Sharma

Symbolic execution is an important and popular technique used in several software engineering tools for test case generation, debugging and program analysis. As such improving the performance of symbolic execution can have huge impact on the effectiveness of such tools. In this paper, we present a technique to systematically introduce undefined behaviors during compilation to speed up the subsequent symbolic execution of the program. We have implemented our technique inside LLVM and tested with an existing symbolic execution engine (Pathgrind). Preliminary results on the SIR repository benchmark are encouraging and show 48% speed up in time and 30% reduction in the number of constraints.

Exploiting undefined behaviors for efficient symbolic execution

Exploiting undefined behaviors for efficient symbolic execution

Exploiting undefined behaviors for efficient symbolic execution

Asankhaya Sharma

In this project we present a new architecture for database intrusion detection. We implement this framework called DIDAR (Database Intrusion Detection with Automated Recovery) and discuss the performance issues. Recently there has been considerable interest in the design of intrusion detection system for databases. Most of the current systems take a laid back approach and concentrate more on containment and recovery once the database has been infected by malicious transaction. We propose a more proactive solution; DIDAR aims to detect the intrusions as soon as possible with support for damage containment and auto recovery as well. DIDAR provides intrusion tolerance by working in two phases – learning and detection. During the learning phase we build a model of the legitimate queries for each user based on the currently executing transactions and later use that model to detect the malicious transactions. DIDAR guarantees quality of information assurance at four different levels for each user. We have positive results based on our prototype and preliminary testing on synthetic database. With almost no load to the database DIDAR achieves high detection rates, quick damage containment and full recovery.

DIDAR: Database Intrusion Detection with Automated Recovery

DIDAR: Database Intrusion Detection with Automated Recovery

DIDAR: Database Intrusion Detection with Automated Recovery

Asankhaya Sharma

Over the past few years, the way we build software has changed a lot. These days, developers make heavy use of open-source libraries and 3rd party components to design and assembly software. Unfortunately, reusable components also mean reusable vulnerabilities. Hackers have shifted their attention from exploiting applications to exploiting vulnerabilities in libraries. In this talk, we will review some of the popular security vulnerabilities that affected open-source libraries recently. We will also look at how current security products and techniques do not focus on vulnerabilities in libraries and components. Detecting vulnerabilities in libraries and remediating them requires a change in thinking about software security. Developers are the key stakeholders in the security of the software they build and empowering them with the right tools and information can help them build secure software. We will take a look at a XSS (Cross-site Scripting) vulnerability in the popular JavaScript library Handlebars.js and the impact it had on other libraries and applications. We will then show how developers can make use of secure HTTP headers and content security policy to prevent XSS, clickjacking and other code injection attacks. Integrating security features directly in software development can enable developers to build software safely.

Developer-focused Software Security

Developer-focused Software Security

Developer-focused Software Security

Asankhaya Sharma

Visualizing Symbolic Execution with Bokeh

Visualizing Symbolic Execution with Bokeh

Visualizing Symbolic Execution with Bokeh

Asankhaya Sharma

Crafting a Successful Engineering Career

Crafting a Successful Engineering Career

Crafting a Successful Engineering Career

Asankhaya Sharma

Formal methods help improve the quality and reliability of software by providing proof of correctness. However, ensuring the correctness of verification tools that apply these formal methods, is itself a much harder problem. A typical way to justify the correctness is to provide soundness proofs based on semantic models. For program verifiers these soundness proofs are quite large and complex. In this thesis, we introduce certified reasoning to provide machine checked proofs of various components of an automated verification system. We develop new certified decision procedures (Omega++) and certified proofs (for compatible sharing) and integrate with an existing automated verification system (HIP/SLEEK). We show that certified reasoning improves the correctness and expressivity of automated verification without sacrificing on performance.

Certified Reasoning for Automated Verification

Certified Reasoning for Automated Verification

Certified Reasoning for Automated Verification

Asankhaya Sharma

SayCheese Ad

Asankhaya Sharma

More from Asankhaya Sharma (13)

9 types of people you find on your team

9 types of people you find on your team

9 types of people you find on your team

Design and Implementation of the Security Graph Language

Design and Implementation of the Security Graph Language

Design and Implementation of the Security Graph Language

Securing Open Source Code in Enterprise

Securing Open Source Code in Enterprise

Securing Open Source Code in Enterprise

Secure Software Development

Secure Software Development

Secure Software Development

Verified Subtyping with Traits and Mixins

Verified Subtyping with Traits and Mixins

Verified Subtyping with Traits and Mixins

Specifying compatible sharing in data structures

Specifying compatible sharing in data structures

Specifying compatible sharing in data structures

Exploiting undefined behaviors for efficient symbolic execution

Exploiting undefined behaviors for efficient symbolic execution

Exploiting undefined behaviors for efficient symbolic execution

DIDAR: Database Intrusion Detection with Automated Recovery

DIDAR: Database Intrusion Detection with Automated Recovery

DIDAR: Database Intrusion Detection with Automated Recovery

Developer-focused Software Security

Developer-focused Software Security

Developer-focused Software Security

Visualizing Symbolic Execution with Bokeh

Visualizing Symbolic Execution with Bokeh

Visualizing Symbolic Execution with Bokeh

Crafting a Successful Engineering Career

Crafting a Successful Engineering Career

Crafting a Successful Engineering Career

Certified Reasoning for Automated Verification

Certified Reasoning for Automated Verification

Certified Reasoning for Automated Verification

SayCheese Ad

Recently uploaded

Measures of Dispersion and Variability: Range, QD, AD and SD

Measures of Dispersion and Variability: Range, QD, AD and SD

Measures of Dispersion and Variability: Range, QD, AD and SD

1029-Danh muc Sach Giao Khoa khoi 6.pdf

1029-Danh muc Sach Giao Khoa khoi 6.pdf

1029-Danh muc Sach Giao Khoa khoi 6.pdf

Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"

Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"

Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"

National Information Standards Organization (NISO)

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Measures of Central Tendency: Mean, Median and Mode

Measures of Central Tendency: Mean, Median and Mode

Measures of Central Tendency: Mean, Median and Mode

Unit-V; Pricing (Pharma Marketing Management).pptx

Unit-V; Pricing (Pharma Marketing Management).pptx

Unit-V; Pricing (Pharma Marketing Management).pptx

VishalSingh1417

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Activity 01 - Artificial Culture (1).pdf

Activity 01 - Artificial Culture (1).pdf

Activity 01 - Artificial Culture (1).pdf

The global implications of DORA and NIS 2 Directive are significant, extending beyond the European Union. Amongst others, the webinar covers: • DORA and its Implications • Nis 2 Directive and its Implications • How to leverage directive and regulation as a marketing tool and competitive advantage • How to use new compliance framework to request additional budget Presenters: Christophe Mazzola - Senior Cyber Governance Consultant Armed with endless Excel files, a meme catalog worthy of the best X'os (formerly twittos), and a risk register to make your favorite risk manager jealous, I swapped my computer scientist cape a few years ago for that of a (cyber) threat hunter with the honorary title of CISO. Ah, and I am also a quadruple senior certified ISO27001/2/5, Pas mal non ? C'est francais. Malcolm Xavier Malcolm Xavier has been working in the Digital Industry for over 18 Years now. He has worked with Global Clients in South Africa, United States and United Kingdom. He has achieved Many Professional Certifications Like CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud, ITIL v3 etc. His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management. Date: April 25, 2024 Tags: Information Security, Digital Operational Resilience Act (DORA) ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: Digital Operational Resilience Act (DORA) - EN | PECB NIS 2 Directive - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Beyond the EU: DORA and NIS 2 Directive's Global Impact

microwave assisted reaction. General introduction

microwave assisted reaction. General introduction

microwave assisted reaction. General introduction

fourth grading exam for kindergarten in writing

fourth grading exam for kindergarten in writing

fourth grading exam for kindergarten in writing

TeacherCyreneCayanan

Accessible design: Minimum effort, maximum impact

Accessible design: Minimum effort, maximum impact

Accessible design: Minimum effort, maximum impact

An Overview of Mutual Funds Bcom Project.pdf

An Overview of Mutual Funds Bcom Project.pdf

An Overview of Mutual Funds Bcom Project.pdf

Class 11th Physics NEET formula sheet pdf

Class 11th Physics NEET formula sheet pdf

Class 11th Physics NEET formula sheet pdf

AyushMahapatra5

psychiatric nursing HISTORY COLLECTION .docx

psychiatric nursing HISTORY COLLECTION .docx

psychiatric nursing HISTORY COLLECTION .docx

The basics of sentences session 2pptx copy.pptx

The basics of sentences session 2pptx copy.pptx

The basics of sentences session 2pptx copy.pptx

APM Welcome Tuesday 30 April 2024 APM North West Network Conference, Synergies Across Sectors Presented by: Professor Adam Boddison OBE, Chief Executive Officer, APM Conference overview: https://www.apm.org.uk/community/apm-north-west-branch-conference/ Content description: APM welcome from CEO The main conference objective was to promote the Project Management profession with interaction between project practitioners, APM Corporate members, current project management students, academia and all who have an interest in projects.

APM Welcome, APM North West Network Conference, Synergies Across Sectors

APM Welcome, APM North West Network Conference, Synergies Across Sectors

APM Welcome, APM North West Network Conference, Synergies Across Sectors

Association for Project Management

Introduction to Nonprofit Accounting: The Basics

Introduction to Nonprofit Accounting: The Basics

Introduction to Nonprofit Accounting: The Basics

1029 - Danh muc Sach Giao Khoa 10 . pdf

1029 - Danh muc Sach Giao Khoa 10 . pdf

1029 - Danh muc Sach Giao Khoa 10 . pdf

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

RamjanShidvankar

Recently uploaded (20)

Measures of Dispersion and Variability: Range, QD, AD and SD

Measures of Dispersion and Variability: Range, QD, AD and SD

Measures of Dispersion and Variability: Range, QD, AD and SD

1029-Danh muc Sach Giao Khoa khoi 6.pdf

1029-Danh muc Sach Giao Khoa khoi 6.pdf

1029-Danh muc Sach Giao Khoa khoi 6.pdf

Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"

Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"

Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Measures of Central Tendency: Mean, Median and Mode

Measures of Central Tendency: Mean, Median and Mode

Measures of Central Tendency: Mean, Median and Mode

Unit-V; Pricing (Pharma Marketing Management).pptx

Unit-V; Pricing (Pharma Marketing Management).pptx

Unit-V; Pricing (Pharma Marketing Management).pptx

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Activity 01 - Artificial Culture (1).pdf

Activity 01 - Artificial Culture (1).pdf

Activity 01 - Artificial Culture (1).pdf

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Beyond the EU: DORA and NIS 2 Directive's Global Impact

microwave assisted reaction. General introduction

microwave assisted reaction. General introduction

microwave assisted reaction. General introduction

fourth grading exam for kindergarten in writing

fourth grading exam for kindergarten in writing

fourth grading exam for kindergarten in writing

Accessible design: Minimum effort, maximum impact

Accessible design: Minimum effort, maximum impact

Accessible design: Minimum effort, maximum impact

An Overview of Mutual Funds Bcom Project.pdf

An Overview of Mutual Funds Bcom Project.pdf

An Overview of Mutual Funds Bcom Project.pdf

Class 11th Physics NEET formula sheet pdf

Class 11th Physics NEET formula sheet pdf

Class 11th Physics NEET formula sheet pdf

psychiatric nursing HISTORY COLLECTION .docx

psychiatric nursing HISTORY COLLECTION .docx

psychiatric nursing HISTORY COLLECTION .docx

The basics of sentences session 2pptx copy.pptx

The basics of sentences session 2pptx copy.pptx

The basics of sentences session 2pptx copy.pptx

APM Welcome, APM North West Network Conference, Synergies Across Sectors

APM Welcome, APM North West Network Conference, Synergies Across Sectors

APM Welcome, APM North West Network Conference, Synergies Across Sectors

Introduction to Nonprofit Accounting: The Basics

Introduction to Nonprofit Accounting: The Basics

Introduction to Nonprofit Accounting: The Basics

1029 - Danh muc Sach Giao Khoa 10 . pdf

1029 - Danh muc Sach Giao Khoa 10 . pdf

1029 - Danh muc Sach Giao Khoa 10 . pdf

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

Last Days of Academy

1. Photo by kevin dooley

2.

3.

4.

5.

6. Photo by emmettanderson

7. Photo by cybrarian77

8. Photo by mathplourde

9.

10. Photo by Jair Alcon Photography

11. Inspired? Create your own Haiku Deck presentation on SlideShare! GET STARTED