chess
play

CHESS Computers and Humans Exploring Software Security Mr. Dustin - PowerPoint PPT Presentation

Jan 26, 2024 •376 likes •596 views

CHESS Computers and Humans Exploring Software Security Mr. Dustin Fraze 4/19/2018 1 Approved for public release; distribution is unlimited. CHESS Develop computer-human systems to rapidly discover all classes of vulnerability in complex

  1. CHESS Computers and Humans Exploring Software Security Mr. Dustin Fraze 4/19/2018 1 Approved for public release; distribution is unlimited.

  2. CHESS Develop computer-human systems to rapidly discover all classes of vulnerability in complex software 2 Approved for public release; distribution is unlimited.

  3. Limits of Current Approaches Vulnerability Vulnerability Representative Approach Discovery Discovery Software Speed Accuracy Complexity Human Low Low Web Browser Computer High Low Small Test Corpora Computer-Human High Moderate Small Test Corpora Experiments 1,2 CHESS High High Web Browser 1 Muntean et al. “Automated Detection of Information Flow Vulnerabilities in UML State Charts and C Code”, http://ieeexplore.ieee.org/document/7322134/, 2015 2 Shoshitaishvili et al. “Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance”, https://arxiv.org/abs/1708.02749, 2017 3 Approved for public release; distribution is unlimited.

  4. Today’s Approach to Vulnerability Discovery Vulnerabilities 1,000,000+ Complexity Human Data/Code Source Automation Injection Code 1,000+ FTE hrs Data Misuse Expert Hackers Logic Errors Binary Authentication Issues Input Validation Access Control Errors Cryptographic Issues Path Traversal Resource Mgmt Errors Information Disclosure Memory Corruption Arithmetic Errors Ablon, Lily “Zero Days, Thousands of Nights”, https://www.rand.org/pubs/research_reports/RR1751.html, 2017 Muntean et al. “Automated Detection of Information Flow Vulnerabilities in UML State Charts and C Code”, http://ieeexplore.ieee.org/document/7322134/, 2015 Shoshitaishvili et al. “Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance”, https://arxiv.org/abs/1708.02749, 2017 4 Approved for public release; distribution is unlimited.

  5. Vulnerability Discovery with CGC Vulnerabilities Human Automation Cyber Reasoning System 1,000+ Complexity Static Fuzzing Analysis Binary Information Disclosure Symbolic SAT/SMT Memory Execution Solvers Corruption Arithmetic Errors Ablon, Lily “Zero Days, Thousands of Nights”, https://www.rand.org/pubs/research_reports/RR1751.html, 2017 Muntean et al. “Automated Detection of Information Flow Vulnerabilities in UML State Charts and C Code”, http://ieeexplore.ieee.org/document/7322134/, 2015 Shoshitaishvili et al. “Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance”, https://arxiv.org/abs/1708.02749, 2017 5 Approved for public release; distribution is unlimited.

  6. Experimental Vulnerability Discovery with Novice Hackers Vulnerabilities Human Automation Vulnerability 1,000+ Complexity Discovery < 1 FTE hrs Access Control Accuracy Source Errors UML Novice UML 0% → 94% Code Generation Hackers Analysis Cryptographic Issues UML: Unified Modeling Language Ablon, Lily “Zero Days, Thousands of Nights”, https://www.rand.org/pubs/research_reports/RR1751.html, 2017 Muntean et al. “Automated Detection of Information Flow Vulnerabilities in UML State Charts and C Code”, http://ieeexplore.ieee.org/document/7322134/, 2015 Shoshitaishvili et al. “Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance”, https://arxiv.org/abs/1708.02749, 2017 6 Approved for public release; distribution is unlimited.

  7. Experimental Vulnerability Discovery with Non-Experts Vulnerabilities Human Automation Vulnerability 1,000+ Complexity Discovery < 1 FTE hrs Access Control Accuracy Source Errors UML Novice UML 0% → 94% Code Generation Hackers Analysis Cryptographic Issues UML: Unified Modeling Language 335 FTE hrs Cyber Reasoning System 1,000+ Complexity Non- Hackers Static Vulnerability Fuzzing Analysis Binary Information Discovery Disclosure Accuracy Symbolic SAT/SMT 42% → 66% Memory Execution Solvers Corruption Arithmetic Errors Ablon, Lily “Zero Days, Thousands of Nights”, https://www.rand.org/pubs/research_reports/RR1751.html, 2017 Muntean et al. “Automated Detection of Information Flow Vulnerabilities in UML State Charts and C Code”, http://ieeexplore.ieee.org/document/7322134/, 2015 Shoshitaishvili et al. “Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance”, https://arxiv.org/abs/1708.02749, 2017 7 Approved for public release; distribution is unlimited.

  8. Collaborative Vulnerability Discovery with CHESS Vulnerabilities TA5 TA1 TA4 Annotated Representation Integration, Data/Code Control Team Human Representation For Humans Injection Test and Collaboration Expert Evaluation Hackers Data Misuse Context Processor Logic Errors Authentication Issues Expert Human Hackers Input Validation Automation Novice Representation Hackers Generator Access Control Errors Non- Cryptographic Hackers Issues TA3 Voice of Path Traversal TA2 the Vulnerability Discovery Resource Mgmt Offense Errors Info Gap Source Information Detector Code Disclosure Cyber Reasoning System Memory Vulnerability Corruption Detector Binary Proof of Arithmetic Errors Vulnerability 8 Approved for public release; distribution is unlimited.

  9. TA1 Human Collaboration Challenges Possible Approaches • UML Diagrams (Class, Activity, etc.) Identify and generate representations that • Control Flow Graphs communicate information gaps to humans • Hilbert Curves for Cyclic Activity • Annotation/Label Sets Capture and process the insights humans generate • Instrumented Program Interaction by reasoning over the representations • Human Mental Model Analysis Annotated Representation Representation For Humans 1. Process identified information gaps into Context human-understandable representations Processor 2. Summarize and minimize software artifact data 3. Interact with human teammates using Expert generated representations Hackers 4. Capture contextual insights from human Novice Representation Hackers Generator 5. Process human feedback into machine- ingestible formats Non- Hackers 9 Approved for public release; distribution is unlimited.

  10. TA1 Human Collaboration Strong Proposals will: • Reduce the cognitive load and effort required by human collaborators • Explore new representations and methods of human-computer interaction for capturing human insights • Empower non-expert collaborators (novice hackers, non-hackers) • Scale from single computer-human collaboration to N:N team collaboration • Address any relevant HSR issues (data collection, data anonymization, test subject recruitment, etc.) Strong Proposals will NOT: • Involve invasive medical technology • Only improve performance of expert hackers 10 Approved for public release; distribution is unlimited.

  11. TA2 Vulnerability Discovery Challenges Possible Approaches • Type Usage Identify information required to discover classes of • Semantic Metadata vulnerabilities not addressed by automation • Complexity Inference Extend CRS technology to scale up and reason • Compilation Instrumentation over new and existing representations • Type Chain Analysis • Object/Data Type Classification Develop new vulnerability detection techniques to • Function Call Context leverage human-provided insights • Semantic Concreteness/Clustering 1. Analyze source code and related software artifacts for potential Source vulnerabilities Info Gap Code Detector Cyber 2. Identify regions of uncertainty and other PoV Reasoning obstacles to automated analysis in System Vulnerability source code and related software Binary Detector artifacts 3. Identify vulnerabilities in target categories 4. Generate Proofs of Vulnerability (PoV) and patches 11 Approved for public release; distribution is unlimited.

  12. TA2 Vulnerability Discovery Strong Proposals will: • Identify vulnerability discovery techniques that may benefit from human collaborator insights • Address vulnerability classes in a thorough and scalable manner • Generate patches that address underlying vulnerabilities completely and specifically • Scale from single computer-human collaboration to N:N team collaboration Strong Proposals will NOT: • Identify vulnerabilities inserted in challenge sets via diffing • Focus only on memory corruption and arithmetic errors • Rely primarily on fuzzing for vulnerability discovery 12 Approved for public release; distribution is unlimited.

  13. TA3 Voice of the Offense Challenges Possible Approaches Develop challenge problems scaling to • Large-scale Automated Vulnerability 1M+ complexity Addition (LAVA) • Vulnerability test corpora (Juliet, CGC, Ensure challenge problems are representative of OSS-FUZZ, etc.) required vulnerability classes • Public n-day databases 1. Develop challenge problems with Vulnerable Patched vulnerabilities across all required classes Vulnerability Source Source and scaling from 10K to 1M+ complexity Injection Code Code 2. Develop a source code patch for each challenge problem vulnerability Source Source Binary Binary 3. Develop a binary patch for each challenge Code Code problem vulnerability PoV 4. Create a proof of vulnerability (PoV) PoV Spec. specification for each vulnerability class 5. Develop a PoV for each challenge problem vulnerability 13 Approved for public release; distribution is unlimited.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Theory and Practice Rune Djurhuus Chess Grandmaster runed@ifi.uio.no / runedj@microsoft.com

Theory and Practice Rune Djurhuus Chess Grandmaster runed@ifi.uio.no / runedj@microsoft.com

Chess Algorithms Theory and Practice Rune Djurhuus Chess Grandmaster runed@ifi.uio.no / runedj@microsoft.com October 4, 2018 1 Content Complexity of a chess game Solving chess , is it a myth? History of computer chess

277 views • 23 slides
FI FIDE Laws of Chess 2017 (and other ma,ers!) Who am m I? Member of Warley Quinborne Chess

FI FIDE Laws of Chess 2017 (and other ma,ers!) Who am m I? Member of Warley Quinborne Chess

FI FIDE Laws of Chess 2017 (and other ma,ers!) Who am m I? Member of Warley Quinborne Chess Club Interna;onal Arbiter since 2012 Chief Arbiter of the London Chess Classic FIDE Open, the UKs largest Open tournament A,ended the

520 views • 31 slides
CHESS Update June 9, 2020 J oel Brock, Director Cornell High Energy Synchrotron Source (CHESS)

CHESS Update June 9, 2020 J oel Brock, Director Cornell High Energy Synchrotron Source (CHESS)

CHESS Update June 9, 2020 J oel Brock, Director Cornell High Energy Synchrotron Source (CHESS) jdb20@cornell.edu CoVID-19 Date Event March 16 CHESS / CESR shut down only personnel performing essential maintenance allowed on

780 views • 20 slides
AlphaZero The new Chess King How a general reinforcement learning algorithm became the worlds

AlphaZero The new Chess King How a general reinforcement learning algorithm became the worlds

AlphaZero The new Chess King How a general reinforcement learning algorithm became the worlds strongest chess engine after 9 hours of self-play By Rune Djurhuus (Chess Grandmaster and Senior Software Engineer at Microsoft Development Center

497 views • 20 slides
The Future of . From the FIDE Handbook: 2.4 Chess in Schools Commission (CiS) renamed: Chess

The Future of . From the FIDE Handbook: 2.4 Chess in Schools Commission (CiS) renamed: Chess

FIDE CHESS IN EDUCATION COMMISSION The Future of . From the FIDE Handbook: 2.4 Chess in Schools Commission (CiS) renamed: Chess in Education Commission (EDU) 2.4.1 The SCH shall assist National Federations to introduce Chess in schools.

436 views • 10 slides
New Trends in General Game Playing Michael Thielscher, Dresden Chess Players The 1 st Chess

New Trends in General Game Playing Michael Thielscher, Dresden Chess Players The 1 st Chess

IJCAI'09 Tutorial New Trends in General Game Playing Michael Thielscher, Dresden Chess Players The 1 st Chess Computer (Turk, 18 th Century) Alan Turing &amp; Claude Shannon (~1950) Deep-Blue Beats World Champion (1997) In the early

1.24k views • 91 slides
CHESS EDUCATIONAL RESEARCH CENTER Methodologist: SAMVEL MISAKYAN 2016 Bases of Visual and

CHESS EDUCATIONAL RESEARCH CENTER Methodologist: SAMVEL MISAKYAN 2016 Bases of Visual and

Theoretical and Practical Issues of Chess Education in Schools CHESS EDUCATIONAL RESEARCH CENTER Methodologist: SAMVEL MISAKYAN 2016 Bases of Visual and Logical Thinking Development through Chess Assignments To place the white queen on the

370 views • 20 slides
Mission statement scholastic chess Germany Agreed on September 16 in Hanau General target

Mission statement scholastic chess Germany Agreed on September 16 in Hanau General target

Mission statement scholastic chess Germany Agreed on September 16 in Hanau General target proposal We want to bring chess to (all) types of schools (and kindergardens), if possible nationwide. The DSJ (German chess Youth) is supporting this

276 views • 9 slides
LONDON CHESS CONFERENCE CHESS AS A TOOL TO WORK WITH PEOPLE WITH ADHD WHAT T IS ADHD ADHD or

LONDON CHESS CONFERENCE CHESS AS A TOOL TO WORK WITH PEOPLE WITH ADHD WHAT T IS ADHD ADHD or

LONDON CHESS CONFERENCE CHESS AS A TOOL TO WORK WITH PEOPLE WITH ADHD WHAT T IS ADHD ADHD or Attention Deficit Disorder and Hyperactivity Disorder is a chronic neurobiological disorder, symptomatically evolving nature and probable genetic

711 views • 30 slides
Chess 101 The pieces (http://en.lichess.org/analysis) Chess can be artsy The smothered mate

Chess 101 The pieces (http://en.lichess.org/analysis) Chess can be artsy The smothered mate

Chess 101 The pieces (http://en.lichess.org/analysis) Chess can be artsy The smothered mate white to play and win rr4k1/6pp/2Q5/3KN3/8/q7/8/8 w - - 0 1 Reti problem White to play and draw 7K/8/k1P5/7p/8/8/8/8 w - - 0 1 Top players

793 views • 14 slides
Chess Q&amp;A : Question Answering on Chess Games Reasoning, Attention, Memory NIPS Workshop 12

Chess Q&amp;A : Question Answering on Chess Games Reasoning, Attention, Memory NIPS Workshop 12

Chess Q&amp;A : Question Answering on Chess Games Reasoning, Attention, Memory NIPS Workshop 12 December 2015 Volkan Cirik Louis-Philippe Morency Eduard Hovy 1 Visual Question Answering Which city is pictured? Malinowski et. al. 2015, Gao

466 views • 13 slides
Teacher Training MATCH Chess Curriculum Dr. Teresa Parr Developed by Chess Grandmaster

Teacher Training MATCH Chess Curriculum Dr. Teresa Parr Developed by Chess Grandmaster

Teacher Training MATCH Chess Curriculum Dr. Teresa Parr Developed by Chess Grandmaster Maurice Ashley &amp; Dr. Teresa Parr. IES funded research project Used for training and the main curriculum for Exploring the Malleability of

489 views • 17 slides
Proving Correctness of a KRK Chess Endgame Strategy by SAT-based Constraint Solving Marko

Proving Correctness of a KRK Chess Endgame Strategy by SAT-based Constraint Solving Marko

Introduction Reduction to SAT and URSA system Chess Endgame Strategies and Bratkos Strategy for KRK URSA Specification of KRK Endgame and of Strategy Correctness of Strategy Discussion and Conclusions Proving Correctness of a KRK Chess

390 views • 27 slides
Chess Vision Chua Huiyan Le Vinh Wong Lai Kuan Outline Introduction Background Studies

Chess Vision Chua Huiyan Le Vinh Wong Lai Kuan Outline Introduction Background Studies

Chess Vision Chua Huiyan Le Vinh Wong Lai Kuan Outline Introduction Background Studies 2D Chess Vision Real-time Board Detection Extraction and Undistortion of Board Board Configuration Recognition 3D Chess Vision

248 views • 23 slides
chess problems using Coq Marko Malikovid, Ph.D. The Faculty of Humanities and Social Sciences

chess problems using Coq Marko Malikovid, Ph.D. The Faculty of Humanities and Social Sciences

Automated reasoning about retrograde chess problems using Coq Marko Malikovid, Ph.D. The Faculty of Humanities and Social Sciences University of Rijeka, CROATIA Retrograde chess analysis Method that determine which moves: 1. have to be 2.

597 views • 34 slides
W ORD P ROBLEM 1 The Fable of the Chess Board and the Grains of Wheat There is a well-known fable

W ORD P ROBLEM 1 The Fable of the Chess Board and the Grains of Wheat There is a well-known fable

D AY 91 G EOMETRIC SEQUENCES W ORD P ROBLEM 1 The Fable of the Chess Board and the Grains of Wheat There is a well-known fable about a man from India who invented the game of chess, as a gift for his king. The king was so pleased with the

349 views • 23 slides
Global Fund Valuation Briefing HOTEL LE ROYAL, LUXEMBOURG, 20 TH APRIL 2016 Agenda 2 09:00

Global Fund Valuation Briefing HOTEL LE ROYAL, LUXEMBOURG, 20 TH APRIL 2016 Agenda 2 09:00

Global Fund Valuation Briefing HOTEL LE ROYAL, LUXEMBOURG, 20 TH APRIL 2016 Agenda 2 09:00 Introduction and presentation of Research from Voltaire Advisors 09:30 Experts panel and Q&amp;A 10:30 Evaluated Pricing &amp; Due Diligence

520 views • 24 slides
What is a digital photo, really? Fabian Tamp //capnfabs.net/photo

What is a digital photo, really? Fabian Tamp //capnfabs.net/photo

What is a digital photo, really? Fabian Tamp //capnfabs.net/photo http://guide-images.ifixit.net/igi/fR1pdbj2GxX6wlDM CC BY-SA 3.0 Color Filter Mosaic https://commons.wikimedia.org/wiki/File:Bayer_pattern_on_sensor.svg CC BY-SA 3.0 (Bayer

256 views • 23 slides
Comodules over relative comonads for streams and infinite matrices R egis Spadotti joint work

Comodules over relative comonads for streams and infinite matrices R egis Spadotti joint work

Comodules over relative comonads for streams and infinite matrices R egis Spadotti joint work with Benedikt Ahrens Institut de Recherche en Informatique de Toulouse Universit e Paul Sabatier types 2014 B. Ahrens and R. Spadotti

611 views • 34 slides
Making and Measuring Progress in Adversarial Machine Learning Nicholas Carlini Google Research

Making and Measuring Progress in Adversarial Machine Learning Nicholas Carlini Google Research

Making and Measuring Progress in Adversarial Machine Learning Nicholas Carlini Google Research Act I Background Why should we care about adversarial examples? Make ML Make ML robust better Act II An Apparent Problem Let's go

1.12k views • 79 slides
OBJECT-ORIENTED CONCEPTS, PROJECT WORK CSSE 120 Rose Hulman Institute of Technology Exam 2

OBJECT-ORIENTED CONCEPTS, PROJECT WORK CSSE 120 Rose Hulman Institute of Technology Exam 2

OBJECT-ORIENTED CONCEPTS, PROJECT WORK CSSE 120 Rose Hulman Institute of Technology Exam 2 Facts Date: Tuesday, October 16, 2007 Time: 7:00 to 9:00 PM Venue: Section 1 (Delvin) O257 Section 3 (Curt) O267 Section 2 (Claude) A-G

574 views • 19 slides
Monotype Semantics Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of

Monotype Semantics Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of

Introduction Typing Rules Monotypes Monotype Semantics Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer Science Introduction Typing Rules Monotypes Objectives Explain the parts of a type judgment.

221 views • 19 slides
Lumps, Bumps, Leaking and Pain Management of Breast Conditions Rebecca A. Jackson, MD Professor

Lumps, Bumps, Leaking and Pain Management of Breast Conditions Rebecca A. Jackson, MD Professor

10/9/15 Lumps, Bumps, Leaking and Pain Management of Breast Conditions Rebecca A. Jackson, MD Professor Department of Obstetrics, Gynecology and Reproductive Sciences University of California, San Francisco I HAVE NO DISCLOSURES 1 10/9/15

486 views • 33 slides
CO CO 447 CO COURSE INTRODUCTION SE SECU CURIT RITY P PROP OPER ERTIE IES SE SECU

CO CO 447 CO COURSE INTRODUCTION SE SECU CURIT RITY P PROP OPER ERTIE IES SE SECU

CO CO 447 CO COURSE INTRODUCTION SE SECU CURIT RITY P PROP OPER ERTIE IES SE SECU CURE D RE DESIG SIGN Dr. Ben Livshits Hi High-Le Level el Course e Lo Logistics cs 2 https://co447.doc.ic.ac.uk/ Cou Course Log ogistics

984 views • 25 slides

More recommend