large scale api protocol mining for automated bug
play

Large-Scale API Protocol Mining for Automated Bug Detection Michael - PowerPoint PPT Presentation

Dec 11, 2022 •262 likes •1.55k views

Large-Scale API Protocol Mining for Automated Bug Detection Michael Pradel Department of Computer Science ETH Zurich 1 Motivation LinkedList pinConnections = ...; Iterator i = pinConnections.iterator (); while ( i.hasNext () ) { PinLink

  1. State Partitioning Protocol transformation: Setup states vs. liable states l.add i.hasNext l.iterator new LinkedList → i i.hasNext → l l.add i.next ambiguous → split l.add 29

  2. State Partitioning Protocol transformation: Setup states vs. liable states l.add i.hasNext l.iterator new LinkedList → i i.hasNext → l i.next l.add l.add l.add 29

  3. State Partitioning Protocol transformation: Setup states vs. liable states l.add i.hasNext l.iterator new LinkedList → i i.hasNext → l i.next l.add l.add setup liable l.add 29

  4. Overview Analysis Static Runtime checking verification 30

  5. Overview Analysis Static Runtime checking verification 30

  6. Dynamic Protocol Checking Runtime verification Input (JavaMOP) 31

  7. Dynamic Protocol Checking Runtime verification Input (JavaMOP) Challenge 1: Check many different execution paths 31

  8. Dynamic Protocol Checking Runtime verification Input (JavaMOP) Challenge 1: Challenge 2: Check many different Monitoring execution paths mined protocols 31

  9. Randomly Generated Input Challenge 1: Check many different execution paths Input 32

  10. Randomly Generated Input Challenge 1: Check many different execution paths Input Random test generation 32

  11. Randomly Generated Input Challenge 1: Check many different execution paths Input Random test Call sequences generation that trigger an exception 32

  12. Randomly Generated Input Challenge 1: Check many different execution paths Input Non-exceptional Random test Call sequences sequences generation that trigger an exception 32

  13. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i.hasNext new LinkedList → l i.iterator → i i.next 33

  14. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i.hasNext new LinkedList → l i.iterator → i l i.next 33

  15. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i.hasNext new LinkedList → l i.iterator → i l i.next 33

  16. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () Violation!? i.hasNext new LinkedList → l i.iterator → i l i.next 33

  17. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () i2.next() i.hasNext new LinkedList → l i.iterator → i l i.next 33

  18. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () i2.next() i.hasNext new LinkedList → l i.iterator → i (l,i1) i.next 33

  19. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () i2.next() i.hasNext new LinkedList → l i.iterator → i (l,i1) i2 i.next 33

  20. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () Violation!? i2.next() i.hasNext new LinkedList → l i.iterator → i (l,i1) i2 i.next 33

  21. Protocol Monitoring Challenge 2: Monitoring mined protocols l = new LinkedList () i1 = l.iterator () Naive approach gives Violation!? i2.next() too many violations i.hasNext new LinkedList → l i.iterator → i (l,i1) i2 i.next 33

  22. Explicit Fail Transitions Fail only in liable states i.hasNext new LinkedList → l i.iterator → i i.next i.next i.hasNext F 34

  23. Explicit Fail Transitions Fail only in liable states i.hasNext new LinkedList → l i.iterator → i i.next i.next i.hasNext Violation: F � Reach fail state � End in non-final, liable state 34

  24. Evaluation Questions � Find relevant issues by monitoring mined protocols? � How useful is generated input? Setup: DaCapo benchmarks, 1.6 MLOC Java 35

  25. Results Randomly generated Protocol violations Bug (exception, Program Test cases Total Relevant unexpected behavior) avrora 15,753 5 4 or batik 3,477 0 0 code smell (perfor- daytrader 32,446 0 0 eclipse 816 0 0 mance/maintainability fop 6,536 52 50 problem) h2 7,584 14 7 lucene 1,985 0 0 pmd 1,286 0 0 sunflow 4,300 1 0 tomcat 14,627 1 1 xalan 21,083 1 1 Sum 160,857 74 63 36

  26. Results Randomly generated Protocol violations Bug (exception, Program Test cases Total Relevant unexpected behavior) avrora 15,753 5 4 or batik 3,477 0 0 code smell (perfor- daytrader 32,446 0 0 eclipse 816 0 0 mance/maintainability fop 6,536 52 50 problem) h2 7,584 14 7 lucene 1,985 0 0 pmd 1,286 0 0 sunflow 4,300 1 0 tomcat 14,627 1 1 85% true xalan 21,083 1 1 Sum 160,857 74 63 positives 36

  27. Examples try { is = u.openStream (); r = new InputStreamReader(is, "UTF -8"); br = new BufferedReader(r); } finally { if ( is != null ){ try { is.close (); } catch ( IOException ignored ){} is = null; } if ( r != null ){ try{ r.close (); } catch ( IOException ignored ){} r = null; } if ( br == null ){ try{ br.close (); } catch ( IOException ignored ){} br = null; } 37 }

  28. Examples try { is = u.openStream (); r = new InputStreamReader(is, "UTF -8"); br = new BufferedReader(r); } finally { if ( is != null ){ try { is.close (); } catch ( IOException ignored ){} is = null; } if ( r != null ){ try{ r.close (); } catch ( IOException ignored ){} r = null; } if ( br == null ){ try{ br.close (); } catch ( IOException ignored ){} br = null; Reader never closed } 37 }

  29. Examples Iterator i = pinConnections.iterator (); PinLink currLink = (PinConnect.PinLink) i.next (); currLink.propagateSignals (); while (i.hasNext ()) { currLink = (PinConnect.PinLink) i.next (); currLink.propagateSignals (); } 38

  30. Examples Iterator i = pinConnections.iterator (); PinLink currLink = (PinConnect.PinLink) i.next (); currLink.propagateSignals (); while (i.hasNext ()) { currLink = (PinConnect.PinLink) i.next (); currLink.propagateSignals (); } Incorrect iterator usage 38

  31. Normal vs. Generated Input 39

  32. Overview Analysis Static Runtime checking verification 40

  33. Overview Analysis Static Runtime checking verification 40

  34. State of the Art + specification Typestate Anomaly checking detection 41

  35. State of the Art + specification Typestate Anomaly checking detection + Precise + Automatic - Needs specification - Imprecise 41

  36. State of the Art + specification Typestate Anomaly checking detection + Precise + Automatic - Needs specification - Imprecise Combine both! Precise checker for mined multi-object protocols 41

Recommend

An Email Contact Protocol Experiment in a Large-Scale Survey of U.S. in a Large Scale Survey of

An Email Contact Protocol Experiment in a Large-Scale Survey of U.S. in a Large Scale Survey of

An Email Contact Protocol Experiment in a Large-Scale Survey of U.S. in a Large Scale Survey of U.S. Government Employees DC-AAPOR Summer Conference Preview/Review Bureau of Labor Statistics Conference Center Washington DC Washington, DC

1.17k views • 25 slides
VetTag: improving automated veterinary diagnosis coding via large-scale language modeling

VetTag: improving automated veterinary diagnosis coding via large-scale language modeling

VetTag: improving automated veterinary diagnosis coding via large-scale language modeling Published in npj (Nature) Digital Medicine Yuhui Zhang, Allen Nie, James Zou Introduction Large-scale veterinary clinical records can become a powerful

529 views • 14 slides
Is the Future Almost Here? Large-Scale Completely Automated Vowel

Is the Future Almost Here? Large-Scale Completely Automated Vowel

Is the Future Almost Here? Large-Scale Completely Automated Vowel Extrac8on of Free Speech Sravana Reddy and James N. Stanford Dartmouth College

563 views • 31 slides
Large-scale Graph Mining @ Google NY Vahab Mirrokni Google Research New York, NY DIMACS

Large-scale Graph Mining @ Google NY Vahab Mirrokni Google Research New York, NY DIMACS

Large-scale Graph Mining @ Google NY Vahab Mirrokni Google Research New York, NY DIMACS Workshop Large-scale graph mining Many applications Friend suggestions Recommendation systems Security Advertising Benefits Big data available Rich

822 views • 71 slides
S MV -H UNTER : Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in

S MV -H UNTER : Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in

S MV -H UNTER : Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps David Sounthiraraj Justin Sahs Garret Greenwood Zhiqiang Lin Latifur Khan University of Texas at Dallas February 26, 2014

671 views • 40 slides
What is Data Mining Many Definitions Search for valuable information in large amounts of

What is Data Mining Many Definitions Search for valuable information in large amounts of

What is Data Mining Many Definitions Search for valuable information in large amounts of data Automated or Semi Automated Exploration and Analysis of large volumes of data in order to discover meaningful patterns A step in KDD process

1.21k views • 54 slides
Automated Iterative Partitioning for Cooperatively Coevolving Particle Swarms in Large Scale

Automated Iterative Partitioning for Cooperatively Coevolving Particle Swarms in Large Scale

CCPSO2 Proposed Approach Experimental Results Conclusion Automated Iterative Partitioning for Cooperatively Coevolving Particle Swarms in Large Scale Optimization Peter Frank Perroni 1 Daniel Weingaertner 1 Myriam Regattieri Delgado 2 1

319 views • 21 slides
Developing Automated Scoring for Large-scale Assessments of Three-dimensional Learning Jay Thomas

Developing Automated Scoring for Large-scale Assessments of Three-dimensional Learning Jay Thomas

Developing Automated Scoring for Large-scale Assessments of Three-dimensional Learning Jay Thomas 1 , Ellen Holste 2 , Karen Draney 3 , Shruti Bathia 3 , and Charles W. Anderson 2 1. ACT, Inc. Michigan State University 2. UC Berkeley, BEAR

473 views • 14 slides
Inject the future Process technologies and automated production cells for large-scale

Inject the future Process technologies and automated production cells for large-scale

Inject the future Process technologies and automated production cells for large-scale manufacturing of lightw eight thermoplastic composites for automotive applications Georg Steinbichler ENGEL AUSTRIA GmbH | EU Technology transfer

487 views • 11 slides
Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale electronic voting protocol: Primarily Internet-based Users voting from their own devices (such as home PC/laptop) Aimed toward actual

721 views • 21 slides
UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko https://arstechnica.com/information-technology/2012/11/mushrooming-growth-of-ransomware- extorts-5-million-a-year/

298 views • 13 slides
Support Vector Machines for Large Scale Text Mining in R Ingo Feinerer 1 Alexandros Karatzoglou 2

Support Vector Machines for Large Scale Text Mining in R Ingo Feinerer 1 Alexandros Karatzoglou 2

Support Vector Machines for Large Scale Text Mining in R Ingo Feinerer 1 Alexandros Karatzoglou 2 1 Vienna University of Technology, Austria 2 Telefonica Research, Spain COMPSTAT2010 Motivation Machine learning and data mining require

451 views • 13 slides
Internet Topology Generation for Large Scale BGP Simulation Jean-Michel Fourneau - Houssame

Internet Topology Generation for Large Scale BGP Simulation Jean-Michel Fourneau - Houssame

Internet Topology Generation for Large Scale BGP Simulation Jean-Michel Fourneau - Houssame Yahiaoui Outlook BGP: Border Gateway Protocol Large Scale Simulation: motivations Large Scale BGP Simulation Model Realistic Topologies

550 views • 17 slides
Automated Large-Scale Phonetic Analysis: DASS William A. Kretzschmar, Jr., Joseph Stanley,

Automated Large-Scale Phonetic Analysis: DASS William A. Kretzschmar, Jr., Joseph Stanley,

Automated Large-Scale Phonetic Analysis: DASS William A. Kretzschmar, Jr., Joseph Stanley, Katherine Kuiper University of Georgia 1 DASS 64 interviews available on a portable USB drive 370 hours of sound files--c. 200Gb, about

335 views • 12 slides
LAVA: Large-scale Automated Vulnerability Addition Tim Leek, Patrick Hulin, Ryan Whelan (MIT/LL),

LAVA: Large-scale Automated Vulnerability Addition Tim Leek, Patrick Hulin, Ryan Whelan (MIT/LL),

LAVA: Large-scale Automated Vulnerability Addition Tim Leek, Patrick Hulin, Ryan Whelan (MIT/LL), Brendan Dolan-Gavitt (NYU), Fredrick Ulrich, Andrea Mambretti, Wil Robertson, and Engin Kirda (Northeastern) May 22, 2016 This work is sponsored

181 views • 16 slides
Staghorn An Automated Large-Scale Distributed System Analysis Platform Kasimir Gabert (5638),

Staghorn An Automated Large-Scale Distributed System Analysis Platform Kasimir Gabert (5638),

CPU Quiesce Time A vm_density 1 10 14 6 VM 1 VM 2 Time to quiesce CPUs (in ms) A 5 (paused) (paused) 4 VM 1 VM 2 3 X 2 1 10 14 VM 1 VM 2 VM Density Staghorn An Automated Large-Scale Distributed System Analysis

513 views • 24 slides
PyZX: Large Scale Automated Diagrammatic Reasoning Aleks Kissinger aleks@cs.ru.nl John van de

PyZX: Large Scale Automated Diagrammatic Reasoning Aleks Kissinger aleks@cs.ru.nl John van de

PyZX: Large Scale Automated Diagrammatic Reasoning Aleks Kissinger aleks@cs.ru.nl John van de Wetering john@vdwetering.name Institute for Computing and Information Sciences Radboud University Nijmegen June 10, 2019 PyZX Open source

1.06k views • 49 slides
Large-scale Data is Everywhere! There has been enormous data growth in both commercial and

Large-scale Data is Everywhere! There has been enormous data growth in both commercial and

Data Mining: Introduction Lecture Notes for Chapter 1 Introduction to Data Mining, 2 nd Edition by Tan, Steinbach, Karpatne, Kumar Introduction to Data Mining, 2nd Edition 09/09/2020 1 Tan, Steinbach, Karpatne, Kumar 1 Large-scale Data is

163 views • 14 slides
Large-scale Data Mining: MapReduce and Beyond Part 2: Algorithms Spiros Papadimitriou, IBM

Large-scale Data Mining: MapReduce and Beyond Part 2: Algorithms Spiros Papadimitriou, IBM

Large-scale Data Mining: MapReduce and Beyond Part 2: Algorithms Spiros Papadimitriou, IBM Research Jimeng Sun, IBM Research Rong Yan, Facebook Part 2:Mining using MapReduce Mining algorithms using MapReduce Information retrieval

553 views • 40 slides
PageRank and recommenders on very large scale A Big Data perspective through Stratosphere

PageRank and recommenders on very large scale A Big Data perspective through Stratosphere

PageRank and recommenders on very large scale PageRank and recommenders on very large scale A Big Data perspective through Stratosphere Mrton Balassi Data Mining and Search Group 1 1 Computer and Automation Research Institute of the Hungarian

719 views • 68 slides
FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large

FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large

FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large Scale Solar Lead April 2017 CONTENTS 1. Introduction to CEFC 2. Investment trends 3. The future of large scale solar 4. Pathway to sustainable

664 views • 21 slides
Learning with Large Datasets L eon Bottou NEC Laboratories America Why Large-scale Datasets?

Learning with Large Datasets L eon Bottou NEC Laboratories America Why Large-scale Datasets?

Learning with Large Datasets L eon Bottou NEC Laboratories America Why Large-scale Datasets? Data Mining Gain competitive advantages by analyzing data that describes the life of our computerized society. Artificial Intelligence

878 views • 60 slides
A Data-Mining Approach To Time-Series Microarray Alignment for Crossing Large-Scale Biomolecular

A Data-Mining Approach To Time-Series Microarray Alignment for Crossing Large-Scale Biomolecular

A Data-Mining Approach To Time-Series Microarray Alignment for Crossing Large-Scale Biomolecular and Literature Information 3rd Workshop on Algorithms in bioinformatics October 7-9, 2008, Laboratoire J.-V. Poncelet, Moscow

775 views • 44 slides
BMO Global Metals and Mining Conference 25-27 February 2019 HIGH GROWTH LARGE SCALE LOW COST

BMO Global Metals and Mining Conference 25-27 February 2019 HIGH GROWTH LARGE SCALE LOW COST

BMO Global Metals and Mining Conference 25-27 February 2019 HIGH GROWTH LARGE SCALE LOW COST IMPORTANT NOTICE DISCLAIMER Certain statements included in this presentation contain forward-looking information concerning the strategy of KAZ

1.04k views • 64 slides

More recommend