large scale api protocol mining for automated bug
play

Large-Scale API Protocol Mining for Automated Bug Detection Michael - PowerPoint PPT Presentation

Dec 11, 2022 •262 likes •1.55k views

Large-Scale API Protocol Mining for Automated Bug Detection Michael Pradel Department of Computer Science ETH Zurich 1 Motivation LinkedList pinConnections = ...; Iterator i = pinConnections.iterator (); while ( i.hasNext () ) { PinLink

  1. State Partitioning Protocol transformation: Setup states vs. liable states l.add i.hasNext l.iterator new LinkedList → i i.hasNext → l l.add i.next ambiguous → split l.add 29

  2. State Partitioning Protocol transformation: Setup states vs. liable states l.add i.hasNext l.iterator new LinkedList → i i.hasNext → l i.next l.add l.add l.add 29

  3. State Partitioning Protocol transformation: Setup states vs. liable states l.add i.hasNext l.iterator new LinkedList → i i.hasNext → l i.next l.add l.add setup liable l.add 29

  4. Overview Analysis Static Runtime checking verification 30

  5. Overview Analysis Static Runtime checking verification 30

  6. Dynamic Protocol Checking Runtime verification Input (JavaMOP) 31

  7. Dynamic Protocol Checking Runtime verification Input (JavaMOP) Challenge 1: Check many different execution paths 31

  8. Dynamic Protocol Checking Runtime verification Input (JavaMOP) Challenge 1: Challenge 2: Check many different Monitoring execution paths mined protocols 31

  9. Randomly Generated Input Challenge 1: Check many different execution paths Input 32

  10. Randomly Generated Input Challenge 1: Check many different execution paths Input Random test generation 32

  11. Randomly Generated Input Challenge 1: Check many different execution paths Input Random test Call sequences generation that trigger an exception 32

  12. Randomly Generated Input Challenge 1: Check many different execution paths Input Non-exceptional Random test Call sequences sequences generation that trigger an exception 32

  13. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i.hasNext new LinkedList → l i.iterator → i i.next 33

  14. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i.hasNext new LinkedList → l i.iterator → i l i.next 33

  15. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i.hasNext new LinkedList → l i.iterator → i l i.next 33

  16. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () Violation!? i.hasNext new LinkedList → l i.iterator → i l i.next 33

  17. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () i2.next() i.hasNext new LinkedList → l i.iterator → i l i.next 33

  18. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () i2.next() i.hasNext new LinkedList → l i.iterator → i (l,i1) i.next 33

  19. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () i2.next() i.hasNext new LinkedList → l i.iterator → i (l,i1) i2 i.next 33

  20. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () Violation!? i2.next() i.hasNext new LinkedList → l i.iterator → i (l,i1) i2 i.next 33

  21. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () Naive approach gives Violation!? i2.next() too many violations i.hasNext new LinkedList → l i.iterator → i (l,i1) i2 i.next 33

  22. Explicit Fail Transitions Fail only in liable states i.hasNext new LinkedList → l i.iterator → i i.next i.next i.hasNext F 34

  23. Explicit Fail Transitions Fail only in liable states i.hasNext new LinkedList → l i.iterator → i i.next i.next i.hasNext Violation: F � Reach fail state � End in non-final, liable state 34

  24. Evaluation Questions � Find relevant issues by monitoring mined protocols? � How useful is generated input? Setup: DaCapo benchmarks, 1.6 MLOC Java 35

  25. Results Randomly generated Protocol violations Bug (exception, Program Test cases Total Relevant unexpected behavior) avrora 15,753 5 4 or batik 3,477 0 0 code smell (perfor- daytrader 32,446 0 0 eclipse 816 0 0 mance/maintainability fop 6,536 52 50 problem) h2 7,584 14 7 lucene 1,985 0 0 pmd 1,286 0 0 sunflow 4,300 1 0 tomcat 14,627 1 1 xalan 21,083 1 1 Sum 160,857 74 63 36

  26. Results Randomly generated Protocol violations Bug (exception, Program Test cases Total Relevant unexpected behavior) avrora 15,753 5 4 or batik 3,477 0 0 code smell (perfor- daytrader 32,446 0 0 eclipse 816 0 0 mance/maintainability fop 6,536 52 50 problem) h2 7,584 14 7 lucene 1,985 0 0 pmd 1,286 0 0 sunflow 4,300 1 0 tomcat 14,627 1 1 85% true xalan 21,083 1 1 Sum 160,857 74 63 positives 36

  27. Examples try { is = u.openStream (); r = new InputStreamReader(is, "UTF -8"); br = new BufferedReader(r); } finally { if ( is != null ){ try { is.close (); } catch ( IOException ignored ){} is = null; } if ( r != null ){ try{ r.close (); } catch ( IOException ignored ){} r = null; } if ( br == null ){ try{ br.close (); } catch ( IOException ignored ){} br = null; } 37 }

  28. Examples try { is = u.openStream (); r = new InputStreamReader(is, "UTF -8"); br = new BufferedReader(r); } finally { if ( is != null ){ try { is.close (); } catch ( IOException ignored ){} is = null; } if ( r != null ){ try{ r.close (); } catch ( IOException ignored ){} r = null; } if ( br == null ){ try{ br.close (); } catch ( IOException ignored ){} br = null; Reader never closed } 37 }

  29. Examples Iterator i = pinConnections.iterator (); PinLink currLink = (PinConnect.PinLink) i.next (); currLink.propagateSignals (); while (i.hasNext ()) { currLink = (PinConnect.PinLink) i.next (); currLink.propagateSignals (); } 38

  30. Examples Iterator i = pinConnections.iterator (); PinLink currLink = (PinConnect.PinLink) i.next (); currLink.propagateSignals (); while (i.hasNext ()) { currLink = (PinConnect.PinLink) i.next (); currLink.propagateSignals (); } Incorrect iterator usage 38

  31. Normal vs. Generated Input 39

  32. Overview Analysis Static Runtime checking verification 40

  33. Overview Analysis Static Runtime checking verification 40

  34. State of the Art + specification Typestate Anomaly checking detection 41

  35. State of the Art + specification Typestate Anomaly checking detection + Precise + Automatic - Needs specification - Imprecise 41

  36. State of the Art + specification Typestate Anomaly checking detection + Precise + Automatic - Needs specification - Imprecise Combine both! Precise checker for mined multi-object protocols 41

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

An Email Contact Protocol Experiment in a Large-Scale Survey of U.S. in a Large Scale Survey of

An Email Contact Protocol Experiment in a Large-Scale Survey of U.S. in a Large Scale Survey of

An Email Contact Protocol Experiment in a Large-Scale Survey of U.S. in a Large Scale Survey of U.S. Government Employees DC-AAPOR Summer Conference Preview/Review Bureau of Labor Statistics Conference Center Washington DC Washington, DC

1.17k views • 25 slides
VetTag: improving automated veterinary diagnosis coding via large-scale language modeling

VetTag: improving automated veterinary diagnosis coding via large-scale language modeling

VetTag: improving automated veterinary diagnosis coding via large-scale language modeling Published in npj (Nature) Digital Medicine Yuhui Zhang, Allen Nie, James Zou Introduction Large-scale veterinary clinical records can become a powerful

529 views • 14 slides
Is the Future Almost Here? Large-Scale Completely Automated Vowel

Is the Future Almost Here? Large-Scale Completely Automated Vowel

Is the Future Almost Here? Large-Scale Completely Automated Vowel Extrac8on of Free Speech Sravana Reddy and James N. Stanford Dartmouth College

563 views • 31 slides
Large-scale Graph Mining @ Google NY Vahab Mirrokni Google Research New York, NY DIMACS

Large-scale Graph Mining @ Google NY Vahab Mirrokni Google Research New York, NY DIMACS

Large-scale Graph Mining @ Google NY Vahab Mirrokni Google Research New York, NY DIMACS Workshop Large-scale graph mining Many applications Friend suggestions Recommendation systems Security Advertising Benefits Big data available Rich

822 views • 71 slides
S MV -H UNTER : Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in

S MV -H UNTER : Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in

S MV -H UNTER : Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps David Sounthiraraj Justin Sahs Garret Greenwood Zhiqiang Lin Latifur Khan University of Texas at Dallas February 26, 2014

671 views • 40 slides
What is Data Mining Many Definitions Search for valuable information in large amounts of

What is Data Mining Many Definitions Search for valuable information in large amounts of

What is Data Mining Many Definitions Search for valuable information in large amounts of data Automated or Semi Automated Exploration and Analysis of large volumes of data in order to discover meaningful patterns A step in KDD process

1.21k views • 54 slides
Automated Iterative Partitioning for Cooperatively Coevolving Particle Swarms in Large Scale

Automated Iterative Partitioning for Cooperatively Coevolving Particle Swarms in Large Scale

CCPSO2 Proposed Approach Experimental Results Conclusion Automated Iterative Partitioning for Cooperatively Coevolving Particle Swarms in Large Scale Optimization Peter Frank Perroni 1 Daniel Weingaertner 1 Myriam Regattieri Delgado 2 1

319 views • 21 slides
Developing Automated Scoring for Large-scale Assessments of Three-dimensional Learning Jay Thomas

Developing Automated Scoring for Large-scale Assessments of Three-dimensional Learning Jay Thomas

Developing Automated Scoring for Large-scale Assessments of Three-dimensional Learning Jay Thomas 1 , Ellen Holste 2 , Karen Draney 3 , Shruti Bathia 3 , and Charles W. Anderson 2 1. ACT, Inc. Michigan State University 2. UC Berkeley, BEAR

473 views • 14 slides
Inject the future Process technologies and automated production cells for large-scale

Inject the future Process technologies and automated production cells for large-scale

Inject the future Process technologies and automated production cells for large-scale manufacturing of lightw eight thermoplastic composites for automotive applications Georg Steinbichler ENGEL AUSTRIA GmbH | EU Technology transfer

487 views • 11 slides
Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale electronic voting protocol: Primarily Internet-based Users voting from their own devices (such as home PC/laptop) Aimed toward actual

721 views • 21 slides
UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko https://arstechnica.com/information-technology/2012/11/mushrooming-growth-of-ransomware- extorts-5-million-a-year/

298 views • 13 slides
Support Vector Machines for Large Scale Text Mining in R Ingo Feinerer 1 Alexandros Karatzoglou 2

Support Vector Machines for Large Scale Text Mining in R Ingo Feinerer 1 Alexandros Karatzoglou 2

Support Vector Machines for Large Scale Text Mining in R Ingo Feinerer 1 Alexandros Karatzoglou 2 1 Vienna University of Technology, Austria 2 Telefonica Research, Spain COMPSTAT2010 Motivation Machine learning and data mining require

451 views • 13 slides
Internet Topology Generation for Large Scale BGP Simulation Jean-Michel Fourneau - Houssame

Internet Topology Generation for Large Scale BGP Simulation Jean-Michel Fourneau - Houssame

Internet Topology Generation for Large Scale BGP Simulation Jean-Michel Fourneau - Houssame Yahiaoui Outlook BGP: Border Gateway Protocol Large Scale Simulation: motivations Large Scale BGP Simulation Model Realistic Topologies

550 views • 17 slides
Automated Large-Scale Phonetic Analysis: DASS William A. Kretzschmar, Jr., Joseph Stanley,

Automated Large-Scale Phonetic Analysis: DASS William A. Kretzschmar, Jr., Joseph Stanley,

Automated Large-Scale Phonetic Analysis: DASS William A. Kretzschmar, Jr., Joseph Stanley, Katherine Kuiper University of Georgia 1 DASS 64 interviews available on a portable USB drive 370 hours of sound files--c. 200Gb, about

335 views • 12 slides
LAVA: Large-scale Automated Vulnerability Addition Tim Leek, Patrick Hulin, Ryan Whelan (MIT/LL),

LAVA: Large-scale Automated Vulnerability Addition Tim Leek, Patrick Hulin, Ryan Whelan (MIT/LL),

LAVA: Large-scale Automated Vulnerability Addition Tim Leek, Patrick Hulin, Ryan Whelan (MIT/LL), Brendan Dolan-Gavitt (NYU), Fredrick Ulrich, Andrea Mambretti, Wil Robertson, and Engin Kirda (Northeastern) May 22, 2016 This work is sponsored

181 views • 16 slides
Staghorn An Automated Large-Scale Distributed System Analysis Platform Kasimir Gabert (5638),

Staghorn An Automated Large-Scale Distributed System Analysis Platform Kasimir Gabert (5638),

CPU Quiesce Time A vm_density 1 10 14 6 VM 1 VM 2 Time to quiesce CPUs (in ms) A 5 (paused) (paused) 4 VM 1 VM 2 3 X 2 1 10 14 VM 1 VM 2 VM Density Staghorn An Automated Large-Scale Distributed System Analysis

513 views • 24 slides
Relating Multiset Rewriting and Process Algebra for Immediate Decryption Protocols Iliano

Relating Multiset Rewriting and Process Algebra for Immediate Decryption Protocols Iliano

Relating Multiset Rewriting and Process Algebra for Immediate Decryption Protocols Iliano Cervesato iliano@itd.nrl.navy.mil ITT Industries, inc @ NRL Washington, DC http://www.cs.stanford.edu/~iliano Joint work with S. Bistarelli, G. Lenzini,

498 views • 21 slides
iot.schema.org Overview and Update July 1, 2018 Semantic Interoperability What? Common

iot.schema.org Overview and Update July 1, 2018 Semantic Interoperability What? Common

iot.schema.org Overview and Update July 1, 2018 Semantic Interoperability What? Common ways to describe interactions with the physical world Abstract Interactions e.g. Temperature How? Detailed instructions for protocol

494 views • 17 slides
I nformation Technology Advisory Committee (I TAC) Public Business Meeting February 2, 2018

I nformation Technology Advisory Committee (I TAC) Public Business Meeting February 2, 2018

I nformation Technology Advisory Committee (I TAC) Public Business Meeting February 2, 2018 Teleconference Hon. Sheila F . Hanson Chair, Information Technology Advisory Committee 1 Administrative Matters Open Meeting I. Call to Order,

770 views • 33 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010 Sonja Buchegger buc@kth.se Lecture 8, Feb. 10, 2010 Malicious Software, Denial of Service Announcements ! Lab reports ! Bonus points !

1.08k views • 42 slides
Measuring Energy Storage System Performance: A Government/ Industry-Developed Protocol June 30,

Measuring Energy Storage System Performance: A Government/ Industry-Developed Protocol June 30,

Energy Storage Technology Advancement Partnership (ESTAP) Webinar: Measuring Energy Storage System Performance: A Government/ Industry-Developed Protocol June 30, 2016 Hosted by Todd Olinsky-Paul ESTAP Project Director Clean Energy States

667 views • 43 slides
Natural Language Processing Info 159/259 Lecture 20: Semantic roles (Nov. 2, 2017) David

Natural Language Processing Info 159/259 Lecture 20: Semantic roles (Nov. 2, 2017) David

Natural Language Processing Info 159/259 Lecture 20: Semantic roles (Nov. 2, 2017) David Bamman, UC Berkeley Semantic parsing Semantic parsing with CCG is simply syntactic parsing, assuming mapping from syntactic primitives to logical

802 views • 54 slides
November 9 th 2012 Agenda Items Graduate Forms Processing Resource Manual (Sharon Matson)

November 9 th 2012 Agenda Items Graduate Forms Processing Resource Manual (Sharon Matson)

Council of Graduate Coordinators and Staff (CGCS) Meeting November 9 th 2012 Agenda Items Graduate Forms Processing Resource Manual (Sharon Matson) GLO Update Staff Storm- GLO ETD Update Office of Graduate Studies Sponsored

538 views • 14 slides
CRD/IARD Forum October 8, 2013 NASAA Annual Conference Salt Lake City, UT WWW.NASAA.ORG |

CRD/IARD Forum October 8, 2013 NASAA Annual Conference Salt Lake City, UT WWW.NASAA.ORG |

CRD/IARD Forum October 8, 2013 NASAA Annual Conference Salt Lake City, UT WWW.NASAA.ORG | 202 737 0900 | 750 FIRST ST NE STE 140 WASHINGTON, DC 20002 Melanie Senter Lubin , Maryland Securities Commissioner & Chair of NASAA

377 views • 27 slides

More recommend