Visualizing Symbolic Execution with Bokeh
Asankhaya Sharma
SRC:CLR
Symbolic Execution (SE)
• Analyzing a program to determine what inputs cause each part of a program to execute [Wikipedia]
• The idea
– Execute the program with an input
– Build a symbolic formula during execution which captures the path taken by the input through the program
10 June 2015 PyData Singapore 2
Path Condition (PC)
    int max(int x, int y, int z) {
        int m = x;
        if (y > m && y > z)
            m = y;
        else if (z > m)
            m = z;
        return m;
    }
max(1,3,2) = 3
Inputs: x0,y0,z0
PC: true
PC: m0=x0
PC: m0=x0∧y0>m0∧y0>z0∧m1=y0
Output: m1
Execution Tree
[Figure: execution tree for max. Statement nodes: m = x; y>m && y>z; m = y; z > m; m = z; return m. Path-condition labels: true; m=x; …∧y>m∧y>z; …∧¬(y>m∧y>z); …∧m=y; …∧z>m; …∧¬(z>m); …∧m=z]
Path Exploration
PC: m0=x0∧y0>m0∧y0>z0∧m1=y0
PC1: y0>x0∧y0>z0∧3=y0
Negate first constraint
PC2: y0<=x0∧y0>z0∧3=y0
Check satisfiability using a constraint solver
New Inputs: x0=3, y0=3, z0=2
Repeat SE with new inputs
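The exploration loop on this slide, carried through for all paths of max, as an added example that is not code from the talk or from Pathgrind. A brute-force search over an assumed small domain (DOMAIN) stands in for the constraint solver, and the names run_max, solve and explore are illustrative.

```python
# Added example (not from the talk or Pathgrind): concolic exploration of max().
# A bounded brute-force search stands in for the constraint solver.
from itertools import product

DOMAIN = range(0, 4)  # assumed input domain, small enough to enumerate


def run_max(x, y, z):
    """Run max(x, y, z) concretely and record the path condition.

    Each entry is (text, predicate over the inputs, branch outcome).
    """
    pc = []

    def branch(text, pred):
        taken = pred(x, y, z)
        pc.append((text, pred, taken))
        return taken

    m = x  # m0 = x0, so the conditions below are written over the inputs
    if branch("y0>x0∧y0>z0", lambda a, b, c: b > a and b > c):
        m = y
    elif branch("z0>x0", lambda a, b, c: c > a):
        m = z
    return m, pc


def solve(constraints):
    """Return the first (x, y, z) in DOMAIN^3 meeting every (pred, want) pair."""
    for candidate in product(DOMAIN, repeat=3):
        if all(pred(*candidate) == want for pred, want in constraints):
            return candidate
    return None  # no solution inside the bounded domain


def explore(seed):
    """Negate each branch of every new path, solve, and re-run on the result."""
    worklist, seen, paths = [seed], set(), []
    while worklist:
        inputs = worklist.pop()
        output, pc = run_max(*inputs)
        signature = tuple(taken for _, _, taken in pc)
        if signature in seen:
            continue  # this path was already explored
        seen.add(signature)
        paths.append((inputs, output, [(text, taken) for text, _, taken in pc]))
        for i, (_, pred, taken) in enumerate(pc):
            prefix = [(p, t) for _, p, t in pc[:i]]  # keep earlier branches
            new_inputs = solve(prefix + [(pred, not taken)])  # flip branch i
            if new_inputs is not None:
                worklist.append(new_inputs)
    return paths


if __name__ == "__main__":
    for inputs, output, pc in explore((1, 3, 2)):
        shown = "∧".join(t if taken else "¬(%s)" % t for t, taken in pc)
        print(inputs, "->", output, "| PC:", shown)
```

Starting from the slide's input (1, 3, 2), the loop reaches all three paths of max and stops once every negated branch leads to a path already seen.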
Why is SE useful?
• Automated Fuzzing
• Test Case Generation
• Debugging Error Traces
• Program Analysis
• …
Bottlenecks
• Path Explosion
– Loops and recursion
– Unbounded number of paths in a program
• Constraint Solving
– int is easy, but what about other data types: floats, strings, bit vectors, etc.?
– Handling data structures with pointers
Exploiting Undefined Behaviors for Efficient Symbolic Execution [ICSE 14]
Demo 1
• Symbolic execution with Pathgrind
– fuzz/fuzz.py
Bokeh
• Bo(w)-Ke(ttle)
Demo 2
• Plotting with Bokeh
– Line Plot
– Scatter Plot
– Bokeh Server
Visualizing SE
• Time Taken
– Generate path conditions (path exploration)
– Generate new inputs (by solving constraints)
Demo 3
• Pathgrind + Bokeh = Visualize SE
– fuzz/plotfuzz.py
All paths are not equal
• Use Levenshtein distance to measure the similarity between the path conditions when represented as strings
• Scatter plot of similarity using Bokeh
Optimization for SE
• Prune paths that are >90% similar
– As measured using Levenshtein edit distance
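The similarity measure and the >90% pruning rule from the last two slides, as an added example that is not code from the talk or from Pathgrind. The normalisation (1 minus distance divided by the longer length), the function names and the sample path conditions are assumptions constructed for illustration.

```python
# Added example (not from the talk or Pathgrind): prune near-duplicate path
# conditions by Levenshtein similarity of their string form.

# Constructed sample path conditions; the first two differ only in a constant.
SAMPLE_PCS = [
    "b0=80∧b1=75∧b2=3∧b3=4∧len0>30∧v0<=20",
    "b0=80∧b1=75∧b2=3∧b3=4∧len0>30∧v0<=45",
    "b0=80∧b1≠75",
]


def levenshtein(a, b):
    """Edit distance via the two-row dynamic-programming table."""
    if len(a) < len(b):
        a, b = b, a  # keep the inner row as short as possible
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def similarity(a, b):
    """Assumed normalisation: 1.0 means identical, 0.0 means nothing shared."""
    longest = max(len(a), len(b))
    return 1.0 if longest == 0 else 1.0 - levenshtein(a, b) / longest


def prune(path_conditions, threshold=0.90):
    """Drop a path condition that is > threshold similar to one already kept."""
    kept, dropped = [], []
    for pc in path_conditions:
        match = next((k for k in kept if similarity(pc, k) > threshold), None)
        if match is None:
            kept.append(pc)
        else:
            dropped.append((pc, match))  # remember which kept path covered it
    return kept, dropped


if __name__ == "__main__":
    kept, dropped = prune(SAMPLE_PCS)
    print("kept:", len(kept), "dropped:", len(dropped))
    for pc, match in dropped:
        print("  %.3f similar to a kept path: %s" % (similarity(pc, match), pc))
```

Textually close path conditions can still guard different branches, so the threshold trades path coverage for exploration time.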
Take Away
• Symbolic Execution
• Using Bokeh to Visualize SE
• Identify Optimizations for SE
• Future
– Static Sampling of Paths
– Probabilistic Analysis
We are hiring …
Shape the future of software security at
SourceClear. By joining our team, you can help
define the way modern developers identify and
fix vulnerabilities in their code.
Check out https://jobs.lever.co/sourceclear
Thank You!
• Questions?
• Contact
– Twitter: @asankhaya
• Links
– Source Code: https://github.com/codelion/pathgrind
– Slides: http://asankhaya.github.io/ppt/PyDataSing.pptx
