compile time detection of machine image sniping
play

Compile-time detection of machine image sniping Martin Kellogg - PowerPoint PPT Presentation

Feb 23, 2024 •189 likes •608 views

Compile-time detection of machine image sniping Martin Kellogg University of Washington 1 What is a machine image? cloud computer 2 What is a machine image? What software to run? cloud computer 3 What is a machine image? What software

  1. Compile-time detection of machine image sniping Martin Kellogg University of Washington 1

  2. What is a machine image? cloud computer 2

  3. What is a machine image? What software to run? cloud computer 3

  4. What is a machine image? What software to run? cloud computer “machine image” 4

  5. What is a machine image? What software to run? This software! cloud computer “machine image” 5

  6. How to choose a machine image: Look it up in a repository. By unique id: ● aws ec2 describe-images --imageIds ami-5731123e By owner and name: ● aws ec2 describe-images --owners myOrg \ --filters "Name=name,Values=ubuntu16.04-*" By name alone: ● aws ec2 describe-images \ --filters "Name=name,Values=ubuntu16.04-*" 6

  7. How to choose a machine image: Look it up in a repository. By unique id: ● aws ec2 describe-images --imageIds ami-5731123e By owner and name: ● aws ec2 describe-images --owners myOrg \ --filters "Name=name,Values=ubuntu16.04-*" By name alone: ● aws ec2 describe-images \ --filters "Name=name,Values=ubuntu16.04-*" 7

  8. How to choose a machine image: Look it up in a repository. By unique id: ● aws ec2 describe-images --imageIds ami-5731123e By owner and name: ● aws ec2 describe-images --owners myOrg \ --filters "Name=name,Values=ubuntu16.04-*" By name alone: ● aws ec2 describe-images \ --filters "Name=name,Values=ubuntu16.04-*" 8

  9. How to choose a machine image: Look it up in a repository. By unique id: ● aws ec2 describe-images --imageIds ami-5731123e By owner and name: ● aws ec2 describe-images --owners myOrg \ --filters "Name=name,Values=ubuntu16.04-*" By name alone: ● aws ec2 describe-images \ X --filters "Name=name,Values=ubuntu16.04-*" 9

  10. This isn’t hypothetical... 10

  11. This isn’t hypothetical... 11

  12. This isn’t hypothetical... DescribeImagesRequest request = new DescribeImagesRequest (); request. withFilters ( new Filter ("name", "RHEL-7.5_HVM_GA")); api. describeImages (request); 12

  13. This isn’t hypothetical... DescribeImagesRequest request = new DescribeImagesRequest (); request. withFilters ( new Filter ("name", "RHEL-7.5_HVM_GA")); X api. describeImages (request); 13

  14. This isn’t hypothetical... DescribeImagesRequest request = new DescribeImagesRequest (); request. withFilters ( new Filter ("name", "RHEL-7.5_HVM_GA")); X api. describeImages (request); Unsafe: returns all images with that name from public repo! 14

  15. How to make this client safe? DescribeImagesRequest request = new DescribeImagesRequest (); request. withFilters ( new Filter ("name", "RHEL-7.5_HVM_GA")); api. describeImages (request); 15

  16. How to make this client safe? DescribeImagesRequest request = new DescribeImagesRequest (); request. withFilters ( new Filter ("name", "RHEL-7.5_HVM_GA")); request. withOwners (“myOrg”); api. describeImages (request); 16

  17. How to prove this safe? 17

  18. How to prove this safe? A traditional approach: typestate 18

  19. How to prove this safe? A traditional approach: typestate * withImageIds() * withOwners() * 19

  20. How to prove this safe? A traditional approach: typestate ● create a finite state machine for each object ● on method calls, transition the state machine ● only permit certain calls in certain states ● use alias analysis to ensure all copies are in same state 20

  21. How to prove this safe? A traditional approach: typestate ● create a finite state machine for each object ● on method calls, transition the state machine ● only permit certain calls in certain states ● use alias analysis to ensure all copies are in same state 21

  22. Advantages of a type system ● still provides a proof ● modular ⇒ scalable ● no alias analysis ⇒ cheap 22

  23. Specifying describeImages() DescribeImageResponse describeImages ( @CalledMethods ("withImageIds || withOwners") DescribeImageRequest request) { … } 23

  24. Type hierarchy @CalledMethods({}) Object @CalledMethods({“foo”}) Object @CalledMethods({“foo”, “bar”}) Object 24

  25. Experimental results No. projects 548 Source LoC 9.2M True positives 14 False positives 3 25

  26. Example: Netflix/SimianArmy public List < Image > describeImages ( String ... imageIds) { DescribeImagesRequest request = new DescribeImagesRequest(); if (imageIds != null ) { request. setImageIds ( Arrays . asList (imageIds)); } DescribeImagesResult result = ec2client. describeImages (request); return result. getImages (); } 26

  27. Accumulation analysis ● Our type system accumulates method calls 27

  28. Accumulation analysis ● Our type system accumulates method calls Insight: can generalize to any analysis that accumulates something 28

  29. Accumulation analyses ● machine sniping (this talk!) 29

  30. Accumulation analyses ● machine sniping (this talk!) ● the builder pattern 30

  31. Accumulation analyses ● machine sniping (this talk!) ● the builder pattern ● dependency injection providers 31

  32. Contributions ● Accumulation analysis can detect machine-image sniping vulnerabilities -- and more ● Experiments that show: ○ those vulnerabilities exist in practice, and ○ we can find them! 32

  33. 33

  34. Lombok/AutoValue builders Lombok and AutoValue generate builder implementations from structs Fields can be marked @NonNull; NPE if the corresponding setter isn’t called 34

  35. Lombok/AutoValue builders @Builder public class UserIdentity { private final @NonNull String name; private final @NonNull String displayName; private final @NonNull ByteArray id; } 35

  36. Lombok/AutoValue builders UserIdentity identity = UserIdentity . builder () . name (username) . displayName (displayName) . id ( generateRandom (32)) . build (); 36

  37. Lombok/AutoValue builders UserIdentity identity = UserIdentity . builder () . name (username) . displayName (displayName) . id ( generateRandom (32)) . build (); 37

  38. Lombok/AutoValue builders UserIdentity identity = UserIdentity . builder () . name (username) //. displayName (displayName) . id ( generateRandom (32)) . build (); 38

  39. Lombok/AutoValue builders UserIdentity identity = UserIdentity . builder () . name (username) X //. displayName (displayName) . id ( generateRandom (32)) . build (); 39

  40. Lombok user study 6 industrial developers with Java + Lombok experience Task: add a new @NonNull field to a builder, and update all call sites Results: ● 6/6 succeeded with our tool, only 3/6 without ● Those who succeeded at both 1.5x faster with our tool ● “It was easier to have the tool report issues at compile time” 40

  41. Lombok/AutoValue case studies 5 projects: 2 Lombok, 3 AutoValue (~500k sloc) 563 calls verified, 1 true positive (google/gapic-generator) 110 annotations, 19 false positives 41

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Compile-Time Detection of False Sharing via Loop Cost Modeling Munara Tolubaeva, Yonghong Yan and

Compile-Time Detection of False Sharing via Loop Cost Modeling Munara Tolubaeva, Yonghong Yan and

Compile-Time Detection of False Sharing via Loop Cost Modeling Munara Tolubaeva, Yonghong Yan and Barbara Chapman High Performance Computing and Tools Group (HPCTools) Computer Science Department University of Houston OUTLINE } Introduction

458 views • 32 slides
LLVM Compile Time. Challenges. Improvements. Outlook. Michael Zolotukhin, Apple Agenda

LLVM Compile Time. Challenges. Improvements. Outlook. Michael Zolotukhin, Apple Agenda

LLVM Compile Time. Challenges. Improvements. Outlook. Michael Zolotukhin, Apple Agenda Benchmarking and tracking Historical findings Future work Tools and tricks Compile Time Trend O0-g Os O3 1.5x Compile Time

702 views • 52 slides
A New Architecture for Building Software Daniel Dunbar Overview Compile time How

A New Architecture for Building Software Daniel Dunbar Overview Compile time How

A New Architecture for Building Software Daniel Dunbar Overview Compile time How software is built llbuild A new architecture Compile Time Clang &amp; Compile Times Designed to be a fast compiler Tuned lex &amp; parse

917 views • 44 slides
From image classification to object detection Image classification Object detection Image source

From image classification to object detection Image classification Object detection Image source

From image classification to object detection Image classification Object detection Image source Slides from L. Lazebnik What are the challenges of object detection? Images may contain more than one class, multiple instances from the same

1.11k views • 57 slides
Image Blob Detection: A Machine Learning Approach Andrew Colello Undergraduate Thesis 2016

Image Blob Detection: A Machine Learning Approach Andrew Colello Undergraduate Thesis 2016

Image Blob Detection: A Machine Learning Approach Andrew Colello Undergraduate Thesis 2016 Union College Department of Computer Science Faculty Advisor: Valerie Barr Background: Golf Ball Problem Photo of landing location Finding bright

429 views • 17 slides
Machine Learning on Blue Waters Using TensorFlow with the Image Feature Detection Problem Or:

Machine Learning on Blue Waters Using TensorFlow with the Image Feature Detection Problem Or:

2/8/18 Machine Learning on Blue Waters Using TensorFlow with the Image Feature Detection Problem Or: How I Learned to Stop Worrying And Love AI Presented By: Dr. Aaron D. Saxton Todays Topics Blue Waters overview TensorFlow Basics

533 views • 22 slides
1 Key Issues Reference Counting Idea For both for each heap allocated object, maintain

1 Key Issues Reference Counting Idea For both for each heap allocated object, maintain

Garbage Collection Background Last time Static allocation: variables are bound to storage at compile-time Compiling Object-Oriented Languages pros: easy to implement cons: no recursion, data structure sizes are compile-time

260 views • 8 slides
Digital Image Processing (CS/ECE 545) Lecture 5: Edge Detection (Part 2) &amp; Corner Detection

Digital Image Processing (CS/ECE 545) Lecture 5: Edge Detection (Part 2) &amp; Corner Detection

Digital Image Processing (CS/ECE 545) Lecture 5: Edge Detection (Part 2) &amp; Corner Detection Prof Emmanuel Agu Computer Science Dept. Worcester Polytechnic Institute (WPI) Recall: Edge Detection Image processing task that finds edges and

773 views • 63 slides
The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code Michael

The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code Michael

Virtual Machines in Compilation Virtual Machines in Compilation Abstract Syntax Tree compile Compilation 2007 Compilation 2007 Virtual Machine Code The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code

541 views • 11 slides
E9 205 Machine Learning for Signal Processing 23-8-17 Outline Basics for Image Processing

E9 205 Machine Learning for Signal Processing 23-8-17 Outline Basics for Image Processing

E9 205 Machine Learning for Signal Processing 23-8-17 Outline Basics for Image Processing Filtering Smoothing Edge Detection Scale Invariant Feature Transform (SIFT) Reference: UCF, Computer Vision Course Link:

599 views • 42 slides
Object Detection Sanja Fidler CSC420: Intro to Image Understanding 1 / 48 Object Detection The

Object Detection Sanja Fidler CSC420: Intro to Image Understanding 1 / 48 Object Detection The

Object Detection Sanja Fidler CSC420: Intro to Image Understanding 1 / 48 Object Detection The goal of object detection is to localize objects in an image and tell their class Localization: place a tight bounding box around object Most

1.17k views • 91 slides
Edge Detection (points and lines too) Image analysis Image Analysis Derive

Edge Detection (points and lines too) Image analysis Image Analysis Derive

Edge Detection (points and lines too) Image analysis Image Analysis Derive features from an image segment an image into its constituent parts or objects how and why depends on application Segmentation Hard

243 views • 22 slides
Image Features: Detection, Description, and Matching and their Applications Image

Image Features: Detection, Description, and Matching and their Applications Image

Image Features: Detection, Description, and Matching and their Applications Image Representation: Global Versus Local Features Features/ keypoints/ interset points are interesting locations in the image. Features serve to give a new

235 views • 22 slides
Outline Last time: window-based generic object detection Discriminative classifiers

Outline Last time: window-based generic object detection Discriminative classifiers

4/14/2011 Outline Last time: window-based generic object detection Discriminative classifiers basic pipeline for image recognition face detection with boosting as case study Wednesday, April 13 Today: discriminative

365 views • 11 slides
You Only Look Once: Unified, Real-Time Object Detection Redmon et al., CVPR 2016 Mincheul Kang

You Only Look Once: Unified, Real-Time Object Detection Redmon et al., CVPR 2016 Mincheul Kang

You Only Look Once: Unified, Real-Time Object Detection Redmon et al., CVPR 2016 Mincheul Kang 1 Image Retrieval using Scene Graphs Develop novel framework for semantic image retrieval based on the notion of a scene graph Use scene

757 views • 22 slides
May 12: Information Flow Static (compile-time) mechanisms Dynamic (run-time) mechanisms

May 12: Information Flow Static (compile-time) mechanisms Dynamic (run-time) mechanisms

May 12: Information Flow Static (compile-time) mechanisms Dynamic (run-time) mechanisms May 12, 2017 ECS 235B Spring Quarter 2017 Slide #1 Array Elements Information flowing out: ... := a [ i ] Value of i , a [ i ] both affect

1.12k views • 40 slides
Using EBS with Auto Scaling Groups How to use the immense power of AWS Auto-Scaling Groups for a

Using EBS with Auto Scaling Groups How to use the immense power of AWS Auto-Scaling Groups for a

Using EBS with Auto Scaling Groups How to use the immense power of AWS Auto-Scaling Groups for a stateful Docker application. Background Background In a service-oriented world where requests can come from anywhere at any time, keeping a

1.04k views • 31 slides
Evacuation simulation based on a cognitive decision making model in a socio-technical system

Evacuation simulation based on a cognitive decision making model in a socio-technical system

K. Zia, A. Riener, A. Ferscha D Department for Pervasive Computing, JKU Linz/Austria t t f P i C ti JKU Li /A t i A. Sharpanskykh VU University Amsterdam, the Netherlands Evacuation simulation based on a cognitive decision making

446 views • 21 slides
Increasing our Impact: Washington State Opportunity Zones November 15, 2018 National Development

Increasing our Impact: Washington State Opportunity Zones November 15, 2018 National Development

Increasing our Impact: Washington State Opportunity Zones November 15, 2018 National Development Council HomeSight Opportunity Center at Othello Square Located adjacent to light rail, at intersection of 2 major arterials HomeSight

701 views • 35 slides
Expanding Residential Solar in Connecticut's Communities of Color December 6, 2019 Housekeeping

Expanding Residential Solar in Connecticut's Communities of Color December 6, 2019 Housekeeping

Clean Energy States Alliance Webinar Sharing Solar Benefits - Expanding Residential Solar in Connecticut's Communities of Color December 6, 2019 Housekeeping Join audio: Choose Mic &amp; Speakers to use VoIP Choose Telephone and

518 views • 25 slides
AWS and OpenAI gym Tutorial 10-703: Deep Reinforcement Learning: Recitation I Objectives for

AWS and OpenAI gym Tutorial 10-703: Deep Reinforcement Learning: Recitation I Objectives for

AWS and OpenAI gym Tutorial 10-703: Deep Reinforcement Learning: Recitation I Objectives for Today What is AWS How do we use it (safely!)? What is OpenAI Gym How do we use it? Objectives for Today What is AWS

830 views • 29 slides
Cyber-Physical Systems Security Alvaro A. Crdenas Department of Computer Science University of

Cyber-Physical Systems Security Alvaro A. Crdenas Department of Computer Science University of

Cyber-Physical Systems Security Alvaro A. Crdenas Department of Computer Science University of Texas at Dallas Modernization of our Physical Infrastructures Physical Systems are Being Modernized with New Technologies Smart Smart

601 views • 23 slides
Going deep and learning to love the haters Advice for graduate school Kay Ousterhout UC Berkeley

Going deep and learning to love the haters Advice for graduate school Kay Ousterhout UC Berkeley

Going deep and learning to love the haters Advice for graduate school Kay Ousterhout UC Berkeley PhD Depth fi rst Starting grad school Draw an outline Starting a project Ask questions Log log log Running experiments Love the haters

553 views • 31 slides
Cloud-Powered Continuous Integration and Deployment Jinesh Varia jvaria@amazon.com @jinman

Cloud-Powered Continuous Integration and Deployment Jinesh Varia jvaria@amazon.com @jinman

Cloud-Powered Continuous Integration and Deployment Jinesh Varia jvaria@amazon.com @jinman About Me Jinesh Varia @jinman jvaria@amazon.com linkedin/in/jinman http://jinesh.varia.in Cloud Architectures Cloud Best Practices

1.31k views • 102 slides

More recommend