the human component in automated bug finding
play

The Human Component in Automated Bug Finding Christian Holler - PowerPoint PPT Presentation

Aug 14, 2022 •381 likes •1.12k views

The Human Component in Automated Bug Finding Christian Holler (:decoder) Staff Security Engineer ~ 16M lines source code ~ 16M lines source code Last month: 340 authors with 2,475 commits Interfaces Media Formats Markup Fonts Languages

  1. The Human Component in Automated Bug Finding Christian Holler (:decoder) Staff Security Engineer

  3. ~ 16M lines source code

  4. ~ 16M lines source code Last month: 340 authors with 2,475 commits

  5. Interfaces Media Formats Markup Fonts Languages JavaScript Networking

  6. Developers know... Domain Knowledge

  7. Developers know... … code architecture/contracts Domain Knowledge

  8. Developers know... … code architecture/contracts … expected behavior Domain Knowledge

  9. Developers know... … code architecture/contracts … expected behavior Domain … weaknesses Knowledge

  10. Developers know... … code architecture/contracts … expected behavior Domain … weaknesses Knowledge “Lone warrior” approach not sustainable

  11. Mutual Trust Relationship

  12. The Do’s and Don’ts

  13. Ninja Style

  14. Ninja Style Build fuzzer alone and in secret

  15. Ninja Style Build fuzzer alone and in secret Rapid fire bugs at developers

  16. Ninja Style Build fuzzer alone and in secret Rapid fire bugs at developers “ They’ll never know what hit them. Tehehe!!11oneeleven ”

  17. Defensive Behavior

  18. Defensive Behavior Overwhelmed

  19. Defensive Behavior Overwhelmed Lack of Resources

  20. Defensive Behavior Overwhelmed Lack of Resources Code Ownership Bias

  21. 21

  22. “please stop filing fuzz bugs for the next few weeks until they can be addressed.” 22

  23. Surprise your developers DON’T

  24. Surprise your developers Act superior or DON’T adversarial

  25. Surprise your developers Act superior or DON’T adversarial Assume equal priorities

  26. DO: Kickoff Meeting

  27. Developers, Fuzzing and Management DO: Kickoff Meeting

  28. Developers, Fuzzing and Management Show previous success stories DO: Kickoff Meeting

  29. Developers, Fuzzing and Management Show previous success stories DO: Offer your help, Kickoff Meeting ask about problems

  30. Developers, Fuzzing and Management Show previous success stories DO: Offer your help, Kickoff Meeting ask about problems Define Goals - Allocate Resources

  31. Developers, Fuzzing and Management Show previous success stories DO: Offer your help, Kickoff Meeting ask about problems Define Goals - Allocate Resources Educate on Requirements

  32. Developers, Fuzzing and Management Show previous success stories DO: Offer your help, Kickoff Meeting ask about problems Define Goals - Allocate Resources Educate on Requirements

  33. Developers, Fuzzing and Management Show previous success stories DO: Offer your help, Kickoff Meeting ask about problems Define Goals - Allocate Resources Educate on Requirements

  34. Requirements and Goals Fuzzing Developer

  35. Requirements and Goals Fuzzing Developer

  36. Requirements and Goals Fuzzing Developer

  37. Requirements and Goals Fuzzing Developer

  38. Example Requirement Bugs must be fixed

  39. Example Requirement Bugs must be fixed “ That bug isn’t interesting, please ignore it. ”

  40. Example Requirement Bugs must be fixed “ ... but that’s not a bug. ”

  41. Example Requirement Bugs must be fixed “ ... but that’s not a bug. ” “Contract” about what constitutes a bug

  42. $ js js>

  43. $ js js> print("Hello watman") Hello watman js>

  44. $ js js> print("Hello watman") Hello watman js> crash(); Hit MOZ_CRASH(forced crash) at shell/js.cpp:3700 Segmentation fault

  45. $ js --fuzzing-safe js>

  46. $ js --fuzzing-safe js> crash(); typein:1:1 ReferenceError: crash is not defined

  47. Requirements vs. Goals Fuzzing Developer

  48. Fuzzblockers

  49. Disruptive effect on fuzzing operations Fuzzblockers

  50. Disruptive effect on fuzzing operations (e.g. highly frequent, resource intensive) Fuzzblockers + Hard to avoid

  51. Disruptive effect on fuzzing operations (e.g. highly frequent, resource intensive) Fuzzblockers + Hard to avoid Highest Priority for Fuzzing (Usually) low priority for developers

  52. Disruptive effect on fuzzing operations (e.g. highly frequent, resource intensive) Fuzzblockers + Hard to avoid Highest Priority for Fuzzing (Usually) low priority for developers Try writing a fix yourself !

  53. I want you to fix a bug

  54. I want you to fix a bug You learn something about the code

  55. I want you to fix a bug You learn something about the code You learn something about development

  56. I want you to fix a bug You learn something about the code You learn something about development You can progress faster

  57. I want you to fix a bug You learn something about the code You learn something about development You can progress faster Developers will be happy

  58. When?

  59. When to Fuzz?

  60. When to Fuzz?

  61. When to Fuzz?

  62. When to Fuzz?

  63. When to Fuzz? Earliest version with well-defined behavior

  64. When to Fuzz? Could help Earliest version with developers well-defined behavior

  65. When to Fuzz? Could help Earliest version with developers well-defined behavior As early as possible (*)

  66. DO: Simple Steps to reproduce

  67. DO: Simple Steps to reproduce

  68. DO: Measure Code Coverage

  69. SHARE! DO: Measure Code Coverage

  70. DO: Educate

  71. Fuzzing is Teamwork

  72. Thank You

Recommend

NEEDFINDING IN HUMAN CENTERED DESIGN What is need finding? What is need finding? What is need

NEEDFINDING IN HUMAN CENTERED DESIGN What is need finding? What is need finding? What is need

NEEDFINDING IN HUMAN CENTERED DESIGN What is need finding? What is need finding? What is need finding? Needfinding is the process of uncovering User needs Opportunities for improvement Design Insights by learning about their goals

418 views • 14 slides
12. Finding Components with Metadata in Component Repositories 1. Searching and Browsing with

12. Finding Components with Metadata in Component Repositories 1. Searching and Browsing with

Fakultt Informatik - Institut Software- und Multimediatechnik - Softwaretechnologie Prof. Amann - CBSE 12. Finding Components with Metadata in Component Repositories 1. Searching and Browsing with Lecturer : Dr. Sebastian Gtz Faceted

872 views • 38 slides
UPDATE Matt King 07/07/2015 Region Finding 2 Have been working on an automated fiducial

UPDATE Matt King 07/07/2015 Region Finding 2 Have been working on an automated fiducial

1 MOEDAL SIMULATION UPDATE Matt King 07/07/2015 Region Finding 2 Have been working on an automated fiducial region finding algorithm for the MMTs With assistance from Katarina Bendtz, who designed the algorithm for ATLAS. Our

361 views • 7 slides
RP2: Automated end-to-end email component testing MSc. Security & Network Engineering Kevin

RP2: Automated end-to-end email component testing MSc. Security & Network Engineering Kevin

RP2: Automated end-to-end email component testing MSc. Security & Network Engineering Kevin Csuka, Isaac Klop October 16, 2018 University of Amsterdam Supervisor: Michiel Leenaars, NLnet Intro 1 Intro E-mail software is complex

951 views • 27 slides
Automated Transformation from Descartes Modeling Language to Palladio Component Model Jrgen

Automated Transformation from Descartes Modeling Language to Palladio Component Model Jrgen

Automated Transformation from Descartes Modeling Language to Palladio Component Model Jrgen Walter, Simon Eismann, Adrian Hildebrandt Dept. of Computer Science, University of Wrzburg Symposium on Software Performance, Nov 6 th 2015, Munich,

700 views • 20 slides
Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser

Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser

Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Yi-Min Wang, Doug Beck, Xuxian Jiang, Roussi Roussev, Chad Verbowski, Shuo Chen, and Sam King Microsoft Research, Redmond Lisa Johansen

428 views • 16 slides
Tapelifting System for Fibres Evidence Screening and Ventures into Automated Fibre Finding. Dr

Tapelifting System for Fibres Evidence Screening and Ventures into Automated Fibre Finding. Dr

Easylift Three Years On: Use of this Novel Tapelifting System for Fibres Evidence Screening and Ventures into Automated Fibre Finding. Dr Claire Gwinnett, Prof Andrew Jackson, Forensic and Crime Science Department, Staffordshire University, UK

575 views • 23 slides
Finding and proving new geometry theorems in regular polygons with dynamic geometry and automated

Finding and proving new geometry theorems in regular polygons with dynamic geometry and automated

Finding and proving new geometry theorems in regular polygons with dynamic geometry and automated reasoning tools Zolt an Kov acs The Private University College of Education of the Diocese of Linz CICM Hagenberg, Calculemus August 16,

730 views • 68 slides
Strongly connected components Finding strongly-connected components A strongly connected component

Strongly connected components Finding strongly-connected components A strongly connected component

Strongly connected components Finding strongly-connected components A strongly connected component is the maximal subset of a graph with a directed path between any two vertices B Tyler Moore CSE 3353, SMU, Dallas, TX g e Lecture 9 f a b

166 views • 5 slides
Towards Safety Analysis of Interactions Between Human Users and Automated Driving Systems

Towards Safety Analysis of Interactions Between Human Users and Automated Driving Systems

10th European Congress on Embedded Real-Time Systems - ERTS 2020 Towards Safety Analysis of Interactions Between Human Users and Automated Driving Systems Fredrik Warg Stig Ursing Martin Kaalhus Richard Wiik Safety of Automated Driving

763 views • 19 slides
Report and Presentation Requirements Dr Ian Storey 2018 Fact Finding Fact finding is a major

Report and Presentation Requirements Dr Ian Storey 2018 Fact Finding Fact finding is a major

Report and Presentation Requirements Dr Ian Storey 2018 Fact Finding Fact finding is a major component of the analysis in this assignment. Describe techniques used, and give a small number of examples with associated data ( no less than 3 ). For

203 views • 7 slides
A Novel Approach to Integrate Human-in-the-Loop Testing in the Development Chain of Automated

A Novel Approach to Integrate Human-in-the-Loop Testing in the Development Chain of Automated

Institute of Automotive Engineering A Novel Approach to Integrate Human-in-the-Loop Testing in the Development Chain of Automated Driving on the Example of Automated Lane Change Branko Rogic TU Graz 1 Agenda Institute of Automotive

296 views • 16 slides
TEXT AND TEXT AND AUTOMATED BIASES AUTOMATED BIASES NATURAL LANGUAGES ARE THE NATURAL

TEXT AND TEXT AND AUTOMATED BIASES AUTOMATED BIASES NATURAL LANGUAGES ARE THE NATURAL

TEXT AND TEXT AND AUTOMATED BIASES AUTOMATED BIASES NATURAL LANGUAGES ARE THE NATURAL LANGUAGES ARE THE BASE HUMAN COMMUNICATION BASE HUMAN COMMUNICATION we learn from books of all kinds about complex topics and keep ourself updated

532 views • 51 slides
Towards Automated Recognition of Human Emotions Using EEG Haiyan Xu The Edward S. Rogers Sr.

Towards Automated Recognition of Human Emotions Using EEG Haiyan Xu The Edward S. Rogers Sr.

Towards Automated Recognition of Human Emotions Using EEG Haiyan Xu The Edward S. Rogers Sr. Department of Electrical and Computer Engineering, University of Toronto July 12, 2012 Research Objective To investigate whether EEG signal is

512 views • 33 slides
About this presentation Some basics about human (or interpersonal) communication Automated

About this presentation Some basics about human (or interpersonal) communication Automated

About this presentation Some basics about human (or interpersonal) communication Automated Driving and the effects on Short information about a study on automated driving and the effects on communication in communication in road

229 views • 3 slides
Visualizing and Exploring Data Visual Methods for finding structures in data Power of human

Visualizing and Exploring Data Visual Methods for finding structures in data Power of human

Visualizing and Exploring Data Visual Methods for finding structures in data Power of human eye/brain to detect structures Product of eons of evolution Display data in ways that capitalize on human pattern processing abilities

403 views • 15 slides
Current Insights in Human Factors of Automated Driving and Future Outlook Towards Tele-Driving

Current Insights in Human Factors of Automated Driving and Future Outlook Towards Tele-Driving

1 Cognitive Robotics, Delft University of Technology, The Netherlands 2 Driver and Vehicle, Swedish National Road and Transport Research Institute, Sweden Current Insights in Human Factors of Automated Driving and Future Outlook Towards

1.57k views • 93 slides
Finding your way in a graph Finding your way in a graph Finding your way in a graph Finding your

Finding your way in a graph Finding your way in a graph Finding your way in a graph Finding your

Finding your way in a graph Finding your way in a graph Finding your way in a graph Finding your way in a graph = station One loop = junction A system of interconnected loops L L What is the best way to go from L to ? L L L 1 ? L

2.13k views • 166 slides
Interactions Between Human-driven Vehicles and Automated Truck Platoons Karl H. Johansson

Interactions Between Human-driven Vehicles and Automated Truck Platoons Karl H. Johansson

7/8/19 Interactions Between Human-driven Vehicles and Automated Truck Platoons Karl H. Johansson Electrical Engineering and Computer Science KTH Royal Institute of Technology Sweden Workshop on Control for Networked Transportation Systems

476 views • 8 slides
The Role of Human Performance in Decision Making Maritime Automated Systems Development:

The Role of Human Performance in Decision Making Maritime Automated Systems Development:

The Role of Human Performance in Decision Making Maritime Automated Systems Development: Implications of Autonomy in Naval and Maritime Command, Training and Assessment Dr. Tareq Ahram Lead Scientist, Research Manager Institute for Advanced

751 views • 56 slides
Automated Reasoning: Some Successes and New Challenges Predrag Jani ci c

Automated Reasoning: Some Successes and New Challenges Predrag Jani ci c

What is this talk about? What is automated reasoning? Automated reasoning in propositional logic Automated reasoning in first-order logic Automated reasoning in higher-order logic Automated reasoning in geometry Conclusions Automated

806 views • 52 slides
Continuous Flow Scoring of Prose Constructed Response: A Hybrid of Automated and Human Scoring

Continuous Flow Scoring of Prose Constructed Response: A Hybrid of Automated and Human Scoring

Continuous Flow Scoring of Prose Constructed Response: A Hybrid of Automated and Human Scoring Denny Way Pearson June 22, 2016 Presented at that National Conference on Student Assessment, Philadelphia, PA 1 Background This

301 views • 15 slides
For use in AIM Awards centres Component Level: Level Three Component Guided Learning Hours: 28

For use in AIM Awards centres Component Level: Level Three Component Guided Learning Hours: 28

Qualification Component and Record of Learner Achievement Garden Design: Presentation Techniques L3(Y/504/1124) For use in AIM Awards centres Component Level: Level Three Component Guided Learning Hours: 28 Ofqual Component Reference No:

344 views • 6 slides
Part II Black-Box Composition Systems 20. Finding UML Business Components in a

Part II Black-Box Composition Systems 20. Finding UML Business Components in a

Fakultt Informatik - Institut Software- und Multimediatechnik - Softwaretechnologie Prof. Amann - CBSE Part II Black-Box Composition Systems 20. Finding UML Business Components in a Component-Based Development Process 1. Business

524 views • 25 slides

More recommend