Slides from the 2016 Annual Computer Security Applications Conference (ACSAC), about the paper entitled "Code Obfuscation Against Symbolic Execution Attacks"
Practical RISC-V Random Test Generation using Constraint Programming
ed271828
A proof-of-concept random test generator for RISC-V ISA is presented. The test generator uses constraint programming for specification of relationships between instructions and operands. Example scenarios to cover basic instruction randomization, data hazards, and non-sharing are presented. The tool integrates the RISC-V instruction set simulator to enable the generation of self-checking tests. The tool is implemented in Python using a freely-available constraint solver library. A summary of problems encountered is provided and next steps are discussed.
TMPA-2017: Tools and Methods of Program Analysis
3-4 March, 2017, Hotel Holiday Inn Moscow Vinogradovo, Moscow
5W+1H Static Analysis Report Quality Measure
Maxim Menshchikov, Timur Lepikhin, Oktetlabs
For video follow the link: https://youtu.be/bjW6_rMCZB8
Would like to know more?
Visit our website:
www.tmpaconf.org
www.exactprosystems.com/events/tmpa
Follow us:
https://www.linkedin.com/company/exactpro-systems-llc?trk=biz-companies-cym
https://twitter.com/exactpro
Details about cyclomatic complexity: the formula used to measure it, how the metric is useful in software testing, and other uses of cyclomatic complexity.
Practical byzantine fault tolerance by altanai
ALTANAI BISHT
Byzantine Fault Tolerance
- State machine replication algorithm that is safe in asynchronous systems such as the Internet. Used to build highly available systems
- Incorporates mechanisms to defend against Byzantine-faulty clients
- BFT provides safety and liveness if fewer than 1/3 of the replicas fail during the lifetime of the system
- Recovers replicas proactively: provided fewer than 1/3 of the replicas become faulty within a small window of vulnerability
- 3f+1 replicas to survive the failures
- 3-phase protocol (pre-prepare, prepare, and commit)
- Uses a cryptographic hash function to compute message digests
- And message authentication codes (MACs) to authenticate all messages
- Allows for a very strong adversary
TMPA-2017: Live testing distributed system fault tolerance with fault injecti...
Iosif Itkin
TMPA-2017: Tools and Methods of Program Analysis
3-4 March, 2017, Hotel Holiday Inn Moscow Vinogradovo, Moscow
Live testing distributed system fault tolerance with fault injection techniques
Alexey Vasyukov (Inventa), Vadim Zherder (MOEX)
For video follow the link: https://youtu.be/mGLRH2gqZwc
Compiler for Zero-Knowledge Proof-of-Knowledge Protocols
Thomas Briner
Zero-Knowledge Proof-of-Knowledge protocols are of particular interest for authentication systems, as developed for example in the IBM research laboratory in Zurich. There is an arbitrary number of protocol instances that vary in terms of protocol structure and additional restrictions on the preimages of the homomorphisms, but also in the homomorphisms and groups themselves that are used. Depending on the concrete instance, these protocols have certain properties that might be useful for such systems.
Generating a complete protocol instance for specification or testing purposes is very time-consuming and error-prone work. This process should therefore be automated by the compiler that was developed during this diploma thesis.
For this purpose, an input language was created that allows the user to specify instances of a certain protocol type and to add additional types of checks using some auxiliary parameters. The user can choose between different levels of abstraction when specifying a protocol instance.
The compiler itself is written in Java and is based on the traditional object-oriented compiler design patterns. Its library contains the basic skeleton of the well-known Sigma protocol and of the 2Sigma protocol that was developed in the research lab.
The compiler reads the input files with the protocol specifications written in the input language mentioned above and checks them for syntactical correctness. Furthermore, some semantic checks on the proper use of the protocol parameters are performed. From this information the compiler generates the protocol instance, written either as LaTeX code or as Java source code. The LaTeX code shows the detailed specification of the protocol instance, consisting of the documentation of the involved algebraic elements, the facts that can be deduced if the proof is accepted, and all the steps performed during the protocol execution. For Java code generation it produces runnable Java source code. This code is based on an interface hierarchy that was also developed during this diploma thesis. At runtime the protocol instance has to be instantiated with concrete implementations and can then be used, for example, for testing.
VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assis...
Stefano Dalla Palma
These slides describe the paper by Henning Perl et al. about a new method of finding potentially dangerous code in code repositories with a significantly lower false-positive rate than comparable systems. They combine code-metric analysis with metadata gathered from code repositories to help code review teams prioritize their work.
Among other things, software craftsmanship is about tools, and tools for measuring the performance of software are definitely something that should be present on every software craftsman's belt. In this session, we will introduce you to JMH, an OpenJDK harness for building, running and analysing nano/micro/milli/macro benchmarks written in Java and other languages targeting the JVM. It should help you find spots to optimise performance and, which may be even more important, it will show you parts that you don't really need to optimise. It will not only make your benchmarks more accurate, but also much easier to write.
We will detail why benchmarking is hard and discuss JVM internals to bring the audience onto the same page, explaining at a high level how the JIT compiler works and how code is executed by the JVM. We will then present JMH and explain how it can be used to confidently warm up the JVM, avoid compiler optimisations on the benchmark code, and make sure that you're measuring right. We will explain how multi-threaded benchmarks can become a piece of cake to write and how you can even profile your code out-of-the-box using JMH. Finally, we will talk about how it can be part of your continuous integration process and discuss our experience using JMH to benchmark critical pieces of the Amadeus distributed systems.
JMH is for benchmarking what JUnit is for unit-testing. The talk will be filled with live coding and short examples that will help to demonstrate and understand the concepts.
Agenda
Why is benchmarking hard?
A little bit of JVM internals
How JIT optimisations can affect benchmarks
JMH to the rescue
Warmup
Multi-threading
Compiler optimisations
Profiling with JMH
CPU
Memory
Using external profilers
Continuous integration
Our experience in Amadeus
Protecting JavaScript source code using obfuscation - OWASP Europe Tour 2013 ...
AuditMark
The goal of code obfuscation is to delay the understanding of what a program does. It can be used, for example, in scenarios where the code contains Intellectual Property (algorithms) or when the owner wants to prevent a competitor from stealing and reusing the code. To achieve this, an obfuscation transformation translates easy-to-understand code into a much harder to understand form. But in order to be resilient, obfuscation transformations also need to resist automatic reversal performed using static or dynamic code analysis techniques. This presentation focuses on the specific case of JavaScript source obfuscation and its main use cases, and presents some obfuscation examples and their value in providing real protection against reverse-engineering.
The slides of the conference talk at Coscup: https://coscup.org/2021/zh-TW/session/GHA7PC
Content:
1. The general idea about debug
2. What is the deficiency of print when it is used for debugging?
3. tap>: a better print
4. The design philosophy of tap>
Our C# expert Eric Lippert provides his take on the psychology of C# analysis, including the business case for C#, developer characteristics and analysis tools.
Data Generation with PROSPECT: a Probability Specification Tool
Ivan Ruchkin
Presented at the Winter Simulation Conference 2021.
Abstract: Stochastic simulations of complex systems often rely on sampling dependent discrete random variables. Currently, their users are limited in expressing their intention about how these variables are distributed and related to each other over time. This limitation leads the users to program complex and error-prone sampling algorithms. This paper introduces a way to specify, declaratively and precisely, a temporal distribution over discrete variables. Our tool PROSPECT infers and samples this distribution by solving a system of polynomial equations. The evaluation on three simulation scenarios shows that the declarative specifications are easier to write, 3x more succinct than imperative sampling programs, and are processed correctly by PROSPECT.
When we develop a software application, we need to think about our interfaces and about how to separate code into software components.
This talk discusses the following issues:
* How to separate code into components?
* How to design interfaces?
* How to design error messages?
https://www.youtube.com/watch?v=jgvItnE6rd0&list=PLEhSHDVBMPO3YBi5UiGNXlDlPLakz-AGi&index=22
Magic behind the numbers - software metrics in practice
Sebastian Marek
We use static code analysis tools more often these days that create great reports and funky graphs. But do we understand what it all means?
Software metrics tend to be magic numbers for a lot of people, but they don't really have to be. Let me introduce you to a few basic and most popular software metrics and tools and explain to you what they mean and how you can use them to produce better software.
Information and data security pseudorandom number generation and stream cipher
Mazin Alwaaly
Information And Data Security Pseudorandom Number Generation and Stream Cipher seminar
Mustansiriya University
Department of Education
Computer Science
Sequence to Sequence Pattern Learning Algorithm for Real-time Anomaly Detecti...
Gobinath Loganathan
Oral presentation of Seq2Seq Model for Real-time Intrusion detection at 31st Annual IEEE Canadian Conference on Electrical and Computer Engineering (CCECE 2018).
Abstract:
Network intrusions can be modeled as anomalies in network traffic in which the expected order of packets and their attributes deviate from regular traffic. Algorithms that predict the next sequence of events based on previous sequences are a promising avenue for detecting such anomalies. In this paper, we present a novel multi-attribute model for predicting a network packet sequence based on previous packets using a sequence-to-sequence (Seq2Seq) encoder-decoder model. This model is trained on an attack-free dataset to learn the normal sequence of packets in TCP connections and then it is used to detect anomalous packets in TCP traffic. We show that in DARPA 1999 dataset, the proposed multi-attribute Seq2Seq model detects anomalous raw TCP packets which are part of intrusions with 97% accuracy. Also, it can detect selected intrusions in real-time with 100% accuracy and outperforms existing algorithms based on recurrent neural network models such as LSTM.
How to hack cryptographic protocols with Formal Methods
Ofer Rivlin, CISSP
Presented at OWASP AppSec-IL conference, 2018
Video at: https://youtu.be/3G5U8HhfJlI
https://appsecisrael2018.sched.com/event/Fvqr/how-to-hack-cryptographic-protocols-with-formal-methods
The design of even the smallest security protocols is prone to vulnerabilities. For example, the security protocols of federation & connected cars networks are extremely complex. I explore the use of formal methods for automating validation and hacking cryptographic protocols
Using static code analysis tools and detecting and fixing identified issues is very important in order to improve the quality and security of the code baseline.
CodeChecker (https://github.com/Ericsson/codechecker) is an open source analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
It provides a number of additional features:
- Good visualization of problems in the code
- Overview of results for the whole product
- Filtering
- Cross translation unit analysis and statistical checkers support
- Suppression handling
- And many others...
These features simplify the follow up of results and make it more efficient.
In the video, an overview of features and capabilities of CodeChecker is demonstrated as well as a description and recommendation of how to introduce new tools.
Recording of the demo: https://youtu.be/sQ2Qj0kHoRY published in C++ Dublin User group https://www.youtube.com/channel/UCZ4UNE_1IMUFfAhcdq7CMOg/
Useful links:
open source project: https://github.com/Ericsson/codechecker
http://codechecker-demo.eastus.cloudapp.azure.com/login.html#
demo/demo
https://codechecker.readthedocs.io/en/latest/
http://clang-analyzer.llvm.org/available_checks.html
http://clang.llvm.org/extra/clang-tidy/checks/list.html
Other related videos about Clang Static Analyzer and CodeChecker that go a bit deeper into how Clang Static Analyzer works:
Clang Static Analysis - Meeting C++ 2016 Gabor Horvath
https://www.youtube.com/watch?v=UcxF6CVueDM
CppCon 2016: Gabor Horvath "Make Friends with the Clang Static Analysis Tools"
https://www.youtube.com/watch?v=AQF6hjLKsnM
2012 B-Sides and ToorCon Talk Offensive Defense
Blog Post - http://blog.ioactive.com/2013/01/offensive-defense.html
Cyber-criminals have had back-end infrastructures equivalent to VirusTotal to test if malware and exploits are effective against AV scanners for many years, thus showing that attackers are proactively avoiding detection when building malware. In this day and age malicious binaries are generated on demand by server-side kits when a victim visits a malicious web page, making reliance solely on hash-based solutions inadequate. In the last 15 years detection techniques have evolved in an attempt to keep up with attack trends. In the last few years security companies have looked for supplemental solutions such as the use of machine learning to detect and mitigate attacks against cyber criminals. Let's not pretend attackers can't bypass each and every detection technique currently deployed. Join me as I present and review current detection methods found in most host and network security solutions found today. We will re-review the defense in depth strategy while keeping in mind that a solid security strategy consists of forcing an attacker to spend as much time and effort while needing to know a variety of skills and technologies in order to successfully pull off the attack. In the end I hope to convince you that thinking defensively requires thinking offensively.
Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012
TEST Huddle
EuroSTAR Software Testing Conference 2012 presentation on Innovations for Testing Parallel Software by Mike Bartley.
See more at: http://conference.eurostarsoftwaretesting.com/past-presentations/
About mutation testing, with a demonstration of muJava. muJava is an automated tool for mutation testing of Java programs. It tests the test cases, and is hence good for enhancing and checking the effectiveness of your test suites.
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
The new frontiers of AI in RPA with UiPath Autopilot™
UiPathCommunity
In this free online event, organized by the UiPath Italian Community, you can explore the new features of Autopilot, the tool that integrates Artificial Intelligence into the development and use of automations.
📕 Together we will look at some examples of using Autopilot in different tools of the UiPath Suite:
Autopilot for Studio Web
Autopilot for Studio
Autopilot for Apps
Clipboard AI
GenAI applied to Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Securing your Kubernetes cluster: a step-by-step guide to success!
KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
ACSAC2016: Code Obfuscation Against Symbolic Execution Attacks
1. Code Obfuscation Against Symbolic Execution Attacks
Sebastian Banescu (1), Christian Collberg (2), Vijay Ganesh (3), Zack Newsham (3), Alexander Pretschner (1)
(1) Technical University of Munich, Germany
(2) University of Arizona, Tucson, AZ, USA
(3) University of Waterloo, Ontario, Canada
2. Research Questions
1. How do we measure obfuscation strength?
2. Which obfuscation transformations are stronger? Why?
3. Are combinations of obfuscation transformations stronger?
4. How many obfuscation transformations should one combine?
5. Can we build stronger obfuscation transformations?
3. Introduction
• Many obfuscation transformations available
• Malware developers combine them to generate millions of malware variants
• Human-assisted analysis of all variants unscalable
• Automated analysis must be employed
6. Simplify Control-Flow Graph (Yadegari et al. 2015)
1. Explore paths such that all code is covered
2. Simplify traces using compiler optimization tricks
3. Reconstruct CFG from traces
7. Identify Tamper-Proofing Checks (Qiu et al. 2015)
1. Taint code segment
2. Explore paths until enough self-checks disabled (cyclic checks → explore all code)
3. Disable self-checking instructions
8. Symbolic / Concolic Execution
1. Make variables (inputs) symbolic
2. Collect path constraints during execution
3. Solve path constraints with SMT solver → concrete values (test cases)

#include <stdlib.h>

int main(int ac, char* av[]){
    int a = atoi(av[1]); // symbolic
    int b = atoi(av[2]); // symbolic
    int c = atoi(av[3]); // symbolic
    if (a > b)
        a = a - b;
    if (b < 1) {
        if (c != a) {
            c = a + b;
        }
    }
    b = 1;
    return 0;
}
9. Bypass Authentication Checks (Banescu et al. 2015)
1. Make password symbolic
2. Explore paths until desired instruction (sequence) is found
3. Solve path constraints on paths that lead to desired instruction via SMT solver
4. Find satisfiable path constraints → concrete inputs to bypass check
10. A Common Sub-Problem of Deobfuscation Attacks
• Common sub-problem: path exploration
• How do we explore paths of a given program?
• Generate test cases:
    Black-box test generation: Fuzzing, Random testing
    White-box test generation: Symbolic/Concolic execution
11. Measuring Obfuscation Strength
• Strength of obfuscation: increase in test case generation time
• Observation: Generally, obfuscation does not change input-output behavior
→ No increase in black-box test case generation time
• Example:
    if (arg[1][0] > 127)
        // do this
    else
        // do that
• Observation: Could be faster to use black-box test generator than white-box
• Conclusion: Apply obfuscation transformations until white-box slower than black-box test case generation
[Diagram: example program → Obfuscator → Obfuscated Program]
12. Code Tampering Attacks
• Question: Why do we need code obfuscation? Just use cryptographic hash
• Example:
    if (SHA256(arg[1]) == 0xa49…3793)
        // do this
    else
        // do that
• Hard for symbolic execution (SMT solver) to break crypto hash functions
• Answer:
    Test case generation is non-invasive attack, i.e. code is read, not changed
    Obfuscation aims to defend against MATE attacker (can tamper with code)
    Easy to find and patch-out crypto hash functions
14. Overview of Experiments
• Datasets of programs:
1. Manually crafted 48 small programs (heterogeneous)
2. Randomly generated 5761 larger programs (homogeneous)
• Obfuscation tools:
1. Tigress C Obfuscator / Virtualizer (source code level)
2. Obfuscator-LLVM (LLVM IR level)
• Symbolic execution tools:
1. KLEE (LLVM IR level)
2. Angr (binary level)
3. Triton (binary level)
15. Description of Experiment 1
• Attacker goal: 100% code coverage → CFG recovery, remove all self-checks
• Obfuscated programs in 1st dataset with:
    30 combinations of 5 obfuscation transformations from Tigress:
        Opaque predicates
        Encode literals
        Encode arithmetic
        Control flow flattening
        Virtualization
    9 combinations of 3 obfuscation transformations from Obfuscator-LLVM:
        Instruction substitution
        Control flow flattening
        Bogus control flow
    48 original programs x 39 obfuscations + 48 original programs = 1920
• Ran KLEE 10x on each of the 1920 programs → recorded time, mem. size …
16. Results of Experiment 1
• Opaque predicates and virtualization have highest increase in program size
• Opaque predicates and encode literals have smallest impact on symbolic execution time
• Flattening and virtualization (also combined with other transformations) increase time
• % time waiting for solver increased by flattening and encode arithmetic, decreased by virtualization
• Flattening increases number of queries sent to SMT solver
• Encode arithmetic increases size of queries sent to SMT solver
[Figure panels: Tigress, Obfuscator-LLVM]
17. Description of Experiment 2
• Attacker goal: find test for “winning” path → bypass license check
• Obfuscated programs in 2nd dataset with:
    5 obfuscation transformations from Tigress:
        Opaque predicates
        Encode literals
        Encode arithmetic
        Control flow flattening
        Virtualization
5761 programs x 5 obfuscations + 5761 programs = 34 566 programs
• Ran symbolic execution tools:
1. KLEE (LLVM IR level)
2. Angr (binary level)
3. Triton (binary level)
18. Results of Experiment 2
• Triton ran out of memory when given larger obfuscated programs
• KLEE and angr only successfully analyzed 12.713 obfuscated programs
• Data types of variables and type of operators influence symbolic execution time
• KLEE incurs overall lower slowdown than angr (also requires less memory)
• Slowdown for finding “winning” path is lower than slowdown for 100% code coverage
19. Key Observation from Experiments
Observation: The number of path constraints is the same for all obfuscated and original programs
Reason: Obfuscation transformations do not introduce new paths dependent on symbolic values
Idea: Introduce new paths dependent on symbolic values!
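Added example (not from the slides or the paper): the slide 8 program, instrumented to count distinct feasible branch paths by exhaustive enumeration over a small constructed input range, standing in for a symbolic executor. The opaque predicate and the input-dependent branch are constructed illustrations of the observation above, not the transformations the authors propose.

```c
#include <stdio.h>

/* Bit i of the returned signature is set when branch i is taken. */
typedef unsigned (*path_fn)(int a, int b, int c);

/* The slide 8 program, instrumented to report which branches ran. */
static unsigned path_original(int a, int b, int c) {
    unsigned p = 0;
    if (a > b) { p |= 1; a = a - b; }
    if (b < 1) {
        p |= 2;
        if (c != a) { p |= 4; c = a + b; }
    }
    (void)c;
    return p;
}

/* Constructed opaque predicate: a*(a+1) is always even, so the
   16u arm is dead code and no new feasible path appears. */
static unsigned path_opaque(int a, int b, int c) {
    unsigned p = ((a * (a + 1)) % 2 == 0) ? 8u : 16u;
    return p | path_original(a, b, c);
}

/* Constructed input-dependent branch: both arms would compute the
   same result, but which arm runs depends on the input c. */
static unsigned path_input_split(int a, int b, int c) {
    unsigned p = (c & 1) ? 8u : 0u;
    return p | path_original(a, b, c);
}

/* Exhaustively run f on [lo,hi]^3 and count distinct signatures. */
static int count_paths(path_fn f, int lo, int hi) {
    unsigned long seen = 0;   /* signatures are < 32, one bit each */
    int n = 0;
    for (int a = lo; a <= hi; a++)
        for (int b = lo; b <= hi; b++)
            for (int c = lo; c <= hi; c++)
                seen |= 1UL << f(a, b, c);
    for (; seen; seen &= seen - 1) n++;   /* popcount */
    return n;
}

int main(void) {
    printf("original:         %d paths\n", count_paths(path_original, -4, 4));
    printf("opaque predicate: %d paths\n", count_paths(path_opaque, -4, 4));
    printf("input-dependent:  %d paths\n", count_paths(path_input_split, -4, 4));
    return 0;
}
```

The opaque predicate adds code but leaves the feasible path count unchanged, while the input-dependent branch doubles it; a path explorer has to cover each of those extra paths.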
20. Conclusions
• Test case generation is a common sub-goal of 3 deobfuscation attacks
• Used 2 datasets of small programs to compare obfuscation and attack implementations:
    Opaque predicates, instruction substitution and encode literals not good
    Virtualization, flattening and encode arithmetic better
    KLEE slightly faster than Angr
• Remark: Obfuscation transformations don’t introduce input dependent paths
• Proposed obfuscation transformations to raise the bar for sym-exec
• Future work:
    Use real-world programs
    Binary obfuscators (e.g. Themida)
    Other automated attacks (e.g. active / tampering attacks)