Model-based Testing - From Safety to Security
|
|
- Maria Chambers
- 5 years ago
- Views:
Transcription
1 Model-based Testing - From Safety to Security Josip Bozic, Franz Wotawa Graz University of Technology {jbozic, wotawa}@ist.tugraz.at October 24, 2012 Josip Bozic, Franz Wotawa October 24, 2012 Page 1/28
2 Introduction Objects of Research model-based testing SQL injection black-box testing white-box testing fuzzing mutation testing Josip Bozic, Franz Wotawa October 24, 2012 Page 2/28
3 Introduction Model-based Testing Active testing methodology with the objective to generate test suites from models of the SUT. When using models for test suite generation it can be guaranteed that the test suite is complete with respect to the given model. Some faults might still not be detected either because of shortcomings regarding the system s model or combinations of test inputs that make use of unintended interactions between the system under test and its environment. Josip Bozic, Franz Wotawa October 24, 2012 Page 3/28
4 Intention Exploit SQL injection (SQLI) vulnerabilities of a given application. Avoid SUTs built-in input filters, which check every submitted piece of data for suspiciousness. Definition of methods for generating inputs, which will be able to escape all predefined filters so a valid query may be submitted to the database, retrieving stored information (e.g. passwords etc.). Josip Bozic, Franz Wotawa October 24, 2012 Page 4/28
5 Model-based Fuzzing Testing technique, which generates random or semi-random inputs through a fuzz generator. White-box testing method: the structure of the SUT is known. The goal of a SQLI fuzzer is to modify a part of the structure of a SQL statement as a new input without violating its existing syntactic validity. Josip Bozic, Franz Wotawa October 24, 2012 Page 5/28
6 Model-based Fuzzing Approach Description Josip Bozic, Franz Wotawa October 24, 2012 Page 6/28
7 Model-based Fuzzing Approach Description Grammar-based white-box fuzzing method Josip Bozic, Franz Wotawa October 24, 2012 Page 6/28
8 Model-based Fuzzing Approach Description Grammar-based white-box fuzzing method Uses symbolic tokens and input grammar Josip Bozic, Franz Wotawa October 24, 2012 Page 6/28
9 Model-based Fuzzing Approach Description Grammar-based white-box fuzzing method Uses symbolic tokens and input grammar Josip Bozic, Franz Wotawa October 24, 2012 Page 6/28
10 Model-based Fuzzing Josip Bozic, Franz Wotawa October 24, 2012 Page 7/28
11 Model-based Fuzzing 1. Predefined input is symbolically executed. 2. Create constraints on inputs from conditional statements ( input filters). 3. Negation of constraints. 4. Processing in a constraint solver. Find a concrete input that satisfies the constraints according to the grammar. Josip Bozic, Franz Wotawa October 24, 2012 Page 8/28
12 Model-based Fuzzing Example: Given input filters: Initial input: Josip Bozic, Franz Wotawa October 24, 2012 Page 9/28
13 Model-based Fuzzing Example: Given input filters: Initial input: Define symbolic token constraints: Josip Bozic, Franz Wotawa October 24, 2012 Page 9/28
14 Model-based Fuzzing Example: Given input filters: Initial input: Define symbolic token constraints: Josip Bozic, Franz Wotawa October 24, 2012 Page 9/28
15 Model-based Fuzzing Example: Given input filters: Initial input: Define symbolic token constraints: Negate constraint in path Josip Bozic, Franz Wotawa October 24, 2012 Page 9/28
16 Model-based Fuzzing Example: Given input filters: Initial input: Define symbolic token constraints: Negate constraint in path Josip Bozic, Franz Wotawa October 24, 2012 Page 10/28
17 Model-based Fuzzing Example: Given input filters: Initial input: Define symbolic token constraints: Negate constraint in path Satisfy constraint according to grammar Josip Bozic, Franz Wotawa October 24, 2012 Page 10/28
18 Model-based Fuzzing Example: Given input filters: Initial input: Define symbolic token constraints: Negate constraint in path Satisfy constraint according to grammar Josip Bozic, Franz Wotawa October 24, 2012 Page 11/28
19 Model-based Fuzzing Example: Given input filters: Initial input: Define symbolic token constraints: Negate constraint in path Satisfy constraint according to grammar Josip Bozic, Franz Wotawa October 24, 2012 Page 12/28
20 Model-based Fuzzing Fillter white spaces: URL encode the apostrophe: Double-, triple- etc. encodings may be also applied on other input characters, thus getting a very huge number of possible input patterns. Josip Bozic, Franz Wotawa October 24, 2012 Page 13/28
21 Model Inference Assisted Evolutionary Fuzzing Black-box testing approach Combines the usage of model inference and an evolutionary algorithm (EA) in order to generate better input parameters Uses an attack grammar G for generating test cases Mutation of individuals from initial population pool: replacement, crossover Fitness function for evaluation of individual input parts from initial population Goal: reach all locations within a program Josip Bozic, Franz Wotawa October 24, 2012 Page 14/28
22 Model Inference Assisted Evolutionary Fuzzing Evolutionary algorithm 1. generate initial population of individuals 2. evaluate the fitness of each individual using a fitness function 3. select best-fit individuals for reproduction 4. apply mutation and crossover over parents new offspring 5. evaluate the individual fitness of new individuals 6. replace least-fit individuals with new ones new population Josip Bozic, Franz Wotawa October 24, 2012 Page 15/28
23 Model Inference Assisted Evolutionary Fuzzing 1. Infer a model of the SUT with tools from the SPaCIos project all state transitions are obtained. Josip Bozic, Franz Wotawa October 24, 2012 Page 16/28
24 Model Inference Assisted Evolutionary Fuzzing 1. Infer a model of the SUT with tools from the SPaCIos project all state transitions are obtained. Josip Bozic, Franz Wotawa October 24, 2012 Page 17/28
25 Model Inference Assisted Evolutionary Fuzzing 2. Navigate through the entire system for user-controlled input (username, password etc.). Josip Bozic, Franz Wotawa October 24, 2012 Page 18/28
26 Model Inference Assisted Evolutionary Fuzzing 2. Navigate through the entire system for user-controlled input (username, password etc.). Josip Bozic, Franz Wotawa October 24, 2012 Page 19/28
27 Model Inference Assisted Evolutionary Fuzzing 3. Apply fuzzing from the initial state: according to the attack grammar G, generate input parts of SQL statement. Josip Bozic, Franz Wotawa October 24, 2012 Page 20/28
28 Model Inference Assisted Evolutionary Fuzzing 3. Apply fuzzing from the initial state: according to the attack grammar G, generate input parts of SQL statement. Josip Bozic, Franz Wotawa October 24, 2012 Page 21/28
29 Model Inference Assisted Evolutionary Fuzzing Initial query: Josip Bozic, Franz Wotawa October 24, 2012 Page 22/28
30 Model Inference Assisted Evolutionary Fuzzing Initial query: First mutation: Josip Bozic, Franz Wotawa October 24, 2012 Page 22/28
31 Model Inference Assisted Evolutionary Fuzzing Initial query: First mutation: Second mutation: Josip Bozic, Franz Wotawa October 24, 2012 Page 22/28
32 Model Inference Assisted Evolutionary Fuzzing Initial query: First mutation: Second mutation: Crossover: Josip Bozic, Franz Wotawa October 24, 2012 Page 22/28
33 Model-based Mutation Testing Proposed approach White-box approach Uses attack model which describes concrete syntax and order of attacks includes input queries but also alternative attacking directions and bears all known types of filter techniques Generation process of test sequences is directed Level of randomness is minimized Grammar for test case generation Josip Bozic, Franz Wotawa October 24, 2012 Page 23/28
34 Model-based Mutation Testing Josip Bozic, Franz Wotawa October 24, 2012 Page 24/28
35 Model-based Mutation Testing The idea behind this method is to mutate the attack model, either by changing parts of SQL injection statements or by changing the order of the execution. Josip Bozic, Franz Wotawa October 24, 2012 Page 25/28
36 Model-based Mutation Testing Josip Bozic, Franz Wotawa October 24, 2012 Page 26/28
37 Conclusion and Future Work New ideas concerning the implementation of several model-based testing techniques regarding SQLI. The implementation is still an area with high demand for further scientific research. Cover practical problems and examine further fundamental research. The same techniques may also be applied for other security breaking methods. Josip Bozic, Franz Wotawa October 24, 2012 Page 27/28
38 Questions? Thank You / Vielen Dank! Josip Bozic, Franz Wotawa October 24, 2012 Page 28/28
Who are we? Cesena Security and Network Applications. Why join CeSeNA?
Unexpected inputs: the danger of data and code injection Who are we? Cesena Security and Network Applications We like computer security and we want to share our knowledge. Founded by Marco Ramilli in 2005.
More informationAbstract parsing: static analysis of dynamically generated string output using LR-parsing technology
Abstract parsing: static analysis of dynamically generated string output using LR-parsing technology Kyung-Goo Doh 1, Hyunha Kim 1, David A. Schmidt 2 1. Hanyang University, Ansan, South Korea 2. Kansas
More informationLecture 9 Evolutionary Computation: Genetic algorithms
Lecture 9 Evolutionary Computation: Genetic algorithms Introduction, or can evolution be intelligent? Simulation of natural evolution Genetic algorithms Case study: maintenance scheduling with genetic
More informationR E A D : E S S E N T I A L S C R U M : A P R A C T I C A L G U I D E T O T H E M O S T P O P U L A R A G I L E P R O C E S S. C H.
R E A D : E S S E N T I A L S C R U M : A P R A C T I C A L G U I D E T O T H E M O S T P O P U L A R A G I L E P R O C E S S. C H. 5 S O F T W A R E E N G I N E E R I N G B Y S O M M E R V I L L E S E
More informationAttack Graph Modeling and Generation
Attack Graph Modeling and Generation Ratnesh Kumar, Professor, IEEE Fellow Electrical and Computer Engineering, Iowa State University PhD Students: Mariam Ibrahim German Jordanian University Attack Graph:
More informationCSC 4510 Machine Learning
10: Gene(c Algorithms CSC 4510 Machine Learning Dr. Mary Angela Papalaskari Department of CompuBng Sciences Villanova University Course website: www.csc.villanova.edu/~map/4510/ Slides of this presenta(on
More informationGIS Functions and Integration. Tyler Pauley Associate Consultant
GIS Functions and Integration Tyler Pauley Associate Consultant Contents GIS in AgileAssets products Displaying data within AMS Symbolizing the map display Display on Bing Maps Demo- Displaying a map in
More informationTowards Lightweight Integration of SMT Solvers
Towards Lightweight Integration of SMT Solvers Andrei Lapets Boston University Boston, USA lapets@bu.edu Saber Mirzaei Boston University Boston, USA smirzaei@bu.edu 1 Introduction A large variety of SMT
More informationDETECTING THE FAULT FROM SPECTROGRAMS BY USING GENETIC ALGORITHM TECHNIQUES
DETECTING THE FAULT FROM SPECTROGRAMS BY USING GENETIC ALGORITHM TECHNIQUES Amin A. E. 1, El-Geheni A. S. 2, and El-Hawary I. A **. El-Beali R. A. 3 1 Mansoura University, Textile Department 2 Prof. Dr.
More informationNormalization by Evaluation
Normalization by Evaluation Andreas Abel Department of Computer Science and Engineering Chalmers and Gothenburg University PhD Seminar in Mathematical Engineering EAFIT University, Medellin, Colombia 9
More informationProperty Checking of Safety- Critical Systems Mathematical Foundations and Concrete Algorithms
Property Checking of Safety- Critical Systems Mathematical Foundations and Concrete Algorithms Wen-ling Huang and Jan Peleska University of Bremen {huang,jp}@cs.uni-bremen.de MBT-Paradigm Model Is a partial
More informationVäxjö University. Software Security Testing. A Flexible Architecture for Security Testing. School of Mathematics and System Engineering
School of Mathematics and System Engineering Reports from MSI - Rapporter från MSI Växjö University Software Security Testing A Flexible Architecture for Security Testing Martin Andersson Aug 2008 MSI
More informationProbabilistic Partial Evaluation: Exploiting rule structure in probabilistic inference
Probabilistic Partial Evaluation: Exploiting rule structure in probabilistic inference David Poole University of British Columbia 1 Overview Belief Networks Variable Elimination Algorithm Parent Contexts
More informationModel-based Mutation Testing via Symbolic Refinement Checking
Model-based Mutation Testing via Symbolic Refinement Checking Bernhard K. Aichernig a, Elisabeth Jöbstl a, Stefan Tiran a,b a Institute for Software Technology, Graz University of Technology Inffeldgasse
More informationA Stochastic Framework for Quantitative Analysis of Attack-Defense Trees
1 / 35 A Stochastic Framework for Quantitative Analysis of R. Jhawar K. Lounis S. Mauw CSC/SnT University of Luxembourg Luxembourg Security and Trust of Software Systems, 2016 ADT2P & TREsPASS Project
More informationGenetic Algorithms. Donald Richards Penn State University
Genetic Algorithms Donald Richards Penn State University Easy problem: Find the point which maximizes f(x, y) = [16 x(1 x)y(1 y)] 2, x, y [0,1] z (16*x*y*(1-x)*(1-y))**2 0.829 0.663 0.497 0.331 0.166 1
More informationStructural Induction
Structural Induction In this lecture we ll extend the applicability of induction to many universes, ones where we can define certain kinds of objects by induction, in addition to proving their properties
More informationThe State Explosion Problem
The State Explosion Problem Martin Kot August 16, 2003 1 Introduction One from main approaches to checking correctness of a concurrent system are state space methods. They are suitable for automatic analysis
More informationAdvanced Topics in LP and FP
Lecture 1: Prolog and Summary of this lecture 1 Introduction to Prolog 2 3 Truth value evaluation 4 Prolog Logic programming language Introduction to Prolog Introduced in the 1970s Program = collection
More informationCS 243 Lecture 11 Binary Decision Diagrams (BDDs) in Pointer Analysis
CS 243 Lecture 11 Binary Decision Diagrams (BDDs) in Pointer Analysis 1. Relations in BDDs 2. Datalog -> Relational Algebra 3. Relational Algebra -> BDDs 4. Context-Sensitive Pointer Analysis 5. Performance
More informationDatabases Exam HT2016 Solution
Databases Exam HT2016 Solution Solution 1a Solution 1b Trainer ( ssn ) Pokemon ( ssn, name ) ssn - > Trainer. ssn Club ( name, city, street, streetnumber ) MemberOf ( ssn, name, city ) ssn - > Trainer.
More informationInformation Flow Analysis via Path Condition Refinement
Information Flow Analysis via Path Condition Refinement Mana Taghdiri, Gregor Snelting, Carsten Sinz Karlsruhe Institute of Technology, Germany FAST September 16, 2010 KIT University of the State of Baden-Wuerttemberg
More informationFrequency-hiding Dependency-preserving Encryption for Outsourced Databases
Frequency-hiding Dependency-preserving Encryption for Outsourced Databases ICDE 17 Boxiang Dong 1 Wendy Wang 2 1 Montclair State University Montclair, NJ 2 Stevens Institute of Technology Hoboken, NJ April
More informationSolving Extended Regular Constraints Symbolically
Solving Extended Regular Constraints Symbolically Margus Veanes Microsoft Research, Redmond 16 Dec 2009 Küberneetika Instituudi Seminar 1 Initial Motivation Test table and test data generation for SQL
More informationSmart Data Collection and Real-time Digital Cartography
Smart Data Collection and Real-time Digital Cartography Yuji Murayama and Ko Ko Lwin Division of Spatial Information Science Faculty of Life and Environmental Sciences University of Tsukuba IGU 2013 1
More informationArchaeoKM: Managing Archaeological data through Archaeological Knowledge
Computer Applications and Quantitative Methods in Archeology - CAA 2010 Fco. Javier Melero & Pedro Cano (Editors) ArchaeoKM: Managing Archaeological data through Archaeological Knowledge A. Karmacharya
More informationOECD QSAR Toolbox v.4.1. Tutorial on how to predict Skin sensitization potential taking into account alert performance
OECD QSAR Toolbox v.4.1 Tutorial on how to predict Skin sensitization potential taking into account alert performance Outlook Background Objectives Specific Aims Read across and analogue approach The exercise
More informationOECD QSAR Toolbox v.4.1. Tutorial illustrating new options for grouping with metabolism
OECD QSAR Toolbox v.4.1 Tutorial illustrating new options for grouping with metabolism Outlook Background Objectives Specific Aims The exercise Workflow 2 Background Grouping with metabolism is a procedure
More informationArtificial Intelligence (AI) Common AI Methods. Training. Signals to Perceptrons. Artificial Neural Networks (ANN) Artificial Intelligence
Artificial Intelligence (AI) Artificial Intelligence AI is an attempt to reproduce intelligent reasoning using machines * * H. M. Cartwright, Applications of Artificial Intelligence in Chemistry, 1993,
More informationEvolution & Natural Selection
Evolution & Natural Selection Learning Objectives Know what biological evolution is and understand the driving force behind biological evolution. know the major mechanisms that change allele frequencies
More informationAn Evolution Strategy for the Induction of Fuzzy Finite-state Automata
Journal of Mathematics and Statistics 2 (2): 386-390, 2006 ISSN 1549-3644 Science Publications, 2006 An Evolution Strategy for the Induction of Fuzzy Finite-state Automata 1,2 Mozhiwen and 1 Wanmin 1 College
More informationDatabase Applications (15-415)
Database Applications (15-415) Relational Calculus Lecture 6, January 26, 2016 Mohammad Hammoud Today Last Session: Relational Algebra Today s Session: Relational calculus Relational tuple calculus Announcements:
More informationForecasting & Futurism
Article from: Forecasting & Futurism December 2013 Issue 8 A NEAT Approach to Neural Network Structure By Jeff Heaton Jeff Heaton Neural networks are a mainstay of artificial intelligence. These machine-learning
More informationSearch. Search is a key component of intelligent problem solving. Get closer to the goal if time is not enough
Search Search is a key component of intelligent problem solving Search can be used to Find a desired goal if time allows Get closer to the goal if time is not enough section 11 page 1 The size of the search
More informationImproved TBL algorithm for learning context-free grammar
Proceedings of the International Multiconference on ISSN 1896-7094 Computer Science and Information Technology, pp. 267 274 2007 PIPS Improved TBL algorithm for learning context-free grammar Marcin Jaworski
More informationProgram Analysis Part I : Sequential Programs
Program Analysis Part I : Sequential Programs IN5170/IN9170 Models of concurrency Program Analysis, lecture 5 Fall 2018 26. 9. 2018 2 / 44 Program correctness Is my program correct? Central question for
More informationComputational Logic Fundamentals (of Definite Programs): Syntax and Semantics
Computational Logic Fundamentals (of Definite Programs): Syntax and Semantics 1 Towards Logic Programming Conclusion: resolution is a complete and effective deduction mechanism using: Horn clauses (related
More informationAlgorithms for Data Science
Algorithms for Data Science CSOR W4246 Eleni Drinea Computer Science Department Columbia University Tuesday, December 1, 2015 Outline 1 Recap Balls and bins 2 On randomized algorithms 3 Saving space: hashing-based
More informationWeak Synchronization & Synchronizability. Multi-tape Automata and Machines
Weak Synchronization and Synchronizability of Multi-tape Automata and Machines Oscar H. Ibarra 1 and Nicholas Tran 2 1 Department of Computer Science University of California at Santa Barbara ibarra@cs.ucsb.edu
More informationOECD QSAR Toolbox v.4.0. Tutorial on how to predict Skin sensitization potential taking into account alert performance
OECD QSAR Toolbox v.4.0 Tutorial on how to predict Skin sensitization potential taking into account alert performance Outlook Background Objectives Specific Aims Read across and analogue approach The exercise
More informationVerification of String Manipulating Programs Using Multi-Track Automata
Verification of String Manipulating Programs Using Multi-Track Automata Fang Yu University of California, Santa Barbara yuf@cs.ucsb.edu Tevfik Bultan University of California, Santa Barbara bultan@cs.ucsb.edu
More information7 RC Simulates RA. Lemma: For every RA expression E(A 1... A k ) there exists a DRC formula F with F V (F ) = {A 1,..., A k } and
7 RC Simulates RA. We now show that DRC (and hence TRC) is at least as expressive as RA. That is, given an RA expression E that mentions at most C, there is an equivalent DRC expression E that mentions
More informationMechanizing Elliptic Curve Associativity
Mechanizing Elliptic Curve Associativity Why a Formalized Mathematics Challenge is Useful for Verification of Crypto ARM Machine Code Joe Hurd Computer Laboratory University of Cambridge Galois Connections
More informationGenetic Engineering and Creative Design
Genetic Engineering and Creative Design Background genes, genotype, phenotype, fitness Connecting genes to performance in fitness Emergent gene clusters evolved genes MIT Class 4.208 Spring 2002 Evolution
More informationFall 2003 BMI 226 / CS 426 LIMITED VALIDITY STRUCTURES
Notes III-1 LIMITED VALIDITY STRUCTURES Notes III-2 TRAVELING SALESPERSON PROBLEM (TSP) Given a (symmetric) matrix of distances between N cities Salesperson is to visit each city once and only once Goal
More informationCS145 Midterm Examination
S145 Midterm Examination Please read all instructions (including these) carefully. The exam is open book and open notes; any written materials may be used. There are four parts on the exam, with a varying
More informationConfiguring LDAP Authentication in iway Service Manager
Configuring LDAP Authentication in iway Service Manager LDAP authentication in iway Service Manager (ism) allows ism to authenticate against LDAP and associate an LDAP ism role to the user. ism includes
More informationGecco 2007 Tutorial / Grammatical Evolution
Gecco 2007 Grammatical Evolution Tutorial Conor Ryan Biocomputing and Developmental Systems Group Department of Computer Science and Information Systems University of Limerick Copyright is held by the
More informationGrade 9 District Formative Assessment-Extended Response. Name Teacher
Name Teacher /5 ER.DFA1.9.RST.04 Determine the meaning of symbols, key terms, and other domain-specific words and phrases as they are used in a specific scientific or technical context relevant to grades
More informationOn computer aided knowledge discovery in logic and related areas
Proceedings of the Conference on Mathematical Foundations of Informatics MFOI2016, July 25-29, 2016, Chisinau, Republic of Moldova On computer aided knowledge discovery in logic and related areas Andrei
More informationThe PITA System for Logical-Probabilistic Inference
The System for Logical-Probabilistic Inference Fabrizio Riguzzi 1 and Terrance Swift 2 1 EDIF University of Ferrara, Via Saragat 1, I-44122, Ferrara, Italy fabrizio.riguzzi@unife.it 2 CETRIA Universidade
More informationKoza s Algorithm. Choose a set of possible functions and terminals for the program.
Step 1 Koza s Algorithm Choose a set of possible functions and terminals for the program. You don t know ahead of time which functions and terminals will be needed. User needs to make intelligent choices
More informationAuthentication. Chapter Message Authentication
Chapter 5 Authentication 5.1 Message Authentication Suppose Bob receives a message addressed from Alice. How does Bob ensure that the message received is the same as the message sent by Alice? For example,
More informationTimo Latvala. March 7, 2004
Reactive Systems: Safety, Liveness, and Fairness Timo Latvala March 7, 2004 Reactive Systems: Safety, Liveness, and Fairness 14-1 Safety Safety properties are a very useful subclass of specifications.
More informationPatrol: Revealing Zero-day Attack Paths through Network-wide System Object Dependencies
Patrol: Revealing Zero-day Attack Paths through Network-wide System Object Dependencies Jun Dai, Xiaoyan Sun, and Peng Liu College of Information Sciences and Technology Pennsylvania State University,
More informationEvolutionary computation in high-energy physics
Evolutionary computation in high-energy physics Liliana Teodorescu Brunel University, United Kingdom Abstract Evolutionary computation is a branch of computer science with which, traditionally, high-energy
More informationIntegrating Induction and Deduction for Verification and Synthesis
Integrating Induction and Deduction for Verification and Synthesis Sanjit A. Seshia Associate Professor EECS Department UC Berkeley DATE 2013 Tutorial March 18, 2013 Bob s Vision: Exploit Synergies between
More informationDifferential Privacy and Verification. Marco Gaboardi University at Buffalo, SUNY
Differential Privacy and Verification Marco Gaboardi University at Buffalo, SUNY Given a program P, is it differentially private? P Verification Tool yes? no? Proof P Verification Tool yes? no? Given a
More informationOECD QSAR Toolbox v.3.2. Step-by-step example of how to build and evaluate a category based on mechanism of action with protein and DNA binding
OECD QSAR Toolbox v.3.2 Step-by-step example of how to build and evaluate a category based on mechanism of action with protein and DNA binding Outlook Background Objectives Specific Aims The exercise Workflow
More informationPropositional Reasoning
Propositional Reasoning CS 440 / ECE 448 Introduction to Artificial Intelligence Instructor: Eyal Amir Grad TAs: Wen Pu, Yonatan Bisk Undergrad TAs: Sam Johnson, Nikhil Johri Spring 2010 Intro to AI (CS
More informationUniversität Augsburg
Universität Augsburg Algebraic Separation Logic H.-H. Dang P. Höfner B. Möller Report 2010-06 July 2010 Institut für Informatik D-86135 Augsburg Copyright c H.-H. Dang P. Höfner B. Möller Institut für
More informationErly Marsh - a Model-Based Testing tool. Johan Blom, PhD
Erly Marsh - a Model-Based Testing tool Johan Blom, PhD 1 Motivation Mobile Arts Develops server software for mobile telecom operators (Location server, SMSC etc.) Implementations rather big and complicated
More informationAdvanced DB CHAPTER 5 DATALOG
Advanced DB CHAPTER 5 DATALOG Datalog Basic Structure Syntax of Datalog Rules Semantics of Nonrecursive Datalog Safety Relational Operations in Datalog Recursion in Datalog The Power of Recursion A More
More informationOn the Probabilistic Symbolic Analysis of Software. Corina Pasareanu CMU-SV NASA Ames
On the Probabilistic Symbolic Analysis of Software Corina Pasareanu CMU-SV NASA Ames Probabilistic Symbolic Execution Quantifies the likelihood of reaching a target event e.g., goal state or assert violation
More informationElite Galaxy Online. API Documentation v Elite Galaxy Online. All rights reserved
Elite Galaxy Online API Documentation v2.1 Contents 1. Version Control... 3 2. Overview of Elite Galaxy Online API... 4 3. Retrieving Data from Elite Galaxy Online... 5 3.1. Retrieving Star System Data...
More informationEfficient query evaluation
Efficient query evaluation Maria Luisa Sapino Set of values E.g. select * from EMPLOYEES where SALARY = 1500; Result of a query Sorted list E.g. select * from CAR-IMAGE where color = red ; 2 Queries as
More informationImproving Effectiveness of Automated Software Testing in the Absence of Specifications
Improving Effectiveness of Automated Software ing in the Absence of Specifications Tao Xie Department of Computer Science North Carolina State University, Raleigh http://www.csc.ncsu.edu/faculty/xie/ 2005
More informationProcesses of Evolution
15 Processes of Evolution Forces of Evolution Concept 15.4 Selection Can Be Stabilizing, Directional, or Disruptive Natural selection can act on quantitative traits in three ways: Stabilizing selection
More informationOutline Introduction Background Related Rl dw Works Proposed Approach Experiments and Results Conclusion
A Semantic Approach to Detecting Maritime Anomalous Situations ti José M Parente de Oliveira Paulo Augusto Elias Emilia Colonese Carrard Computer Science Department Aeronautics Institute of Technology,
More informationGeometric Semantic Genetic Programming (GSGP): theory-laden design of variation operators
Geometric Semantic Genetic Programming (GSGP): theory-laden design of variation operators Andrea Mambrini University of Birmingham, UK NICaiA Exchange Programme LaMDA group, Nanjing University, China 7th
More informationDetailed Chemical Kinetics in Multidimensional CFD Using Storage/Retrieval Algorithms
13 th International Multidimensional Engine Modeling User's Group Meeting, Detroit, MI (2 March 23) Detailed Chemical Kinetics in Multidimensional CFD Using Storage/Retrieval Algorithms D.C. Haworth, L.
More informationEvolutionary Algorithms
Evolutionary Algorithms a short introduction Giuseppe Narzisi Courant Institute of Mathematical Sciences New York University 31 January 2008 Outline 1 Evolution 2 Evolutionary Computation 3 Evolutionary
More informationOECD QSAR Toolbox v.3.4. Step-by-step example of how to build and evaluate a category based on mechanism of action with protein and DNA binding
OECD QSAR Toolbox v.3.4 Step-by-step example of how to build and evaluate a category based on mechanism of action with protein and DNA binding Outlook Background Objectives Specific Aims The exercise Workflow
More informationNon-linear Interpolant Generation and Its Application to Program Verification
Non-linear Interpolant Generation and Its Application to Program Verification Naijun Zhan State Key Laboratory of Computer Science, Institute of Software, CAS Joint work with Liyun Dai, Ting Gan, Bow-Yaw
More informationEvolutionary Computation: introduction
Evolutionary Computation: introduction Dirk Thierens Universiteit Utrecht The Netherlands Dirk Thierens (Universiteit Utrecht) EC Introduction 1 / 42 What? Evolutionary Computation Evolutionary Computation
More informationSequence Alignment: A General Overview. COMP Fall 2010 Luay Nakhleh, Rice University
Sequence Alignment: A General Overview COMP 571 - Fall 2010 Luay Nakhleh, Rice University Life through Evolution All living organisms are related to each other through evolution This means: any pair of
More informationOECD QSAR Toolbox v.3.3. Step-by-step example of how to build and evaluate a category based on mechanism of action with protein and DNA binding
OECD QSAR Toolbox v.3.3 Step-by-step example of how to build and evaluate a category based on mechanism of action with protein and DNA binding Outlook Background Objectives Specific Aims The exercise Workflow
More informationMinimization of Energy Loss using Integrated Evolutionary Approaches
Minimization of Energy Loss using Integrated Evolutionary Approaches Attia A. El-Fergany, Member, IEEE, Mahdi El-Arini, Senior Member, IEEE Paper Number: 1569614661 Presentation's Outline Aim of this work,
More informationINVARIANT SUBSETS OF THE SEARCH SPACE AND THE UNIVERSALITY OF A GENERALIZED GENETIC ALGORITHM
INVARIANT SUBSETS OF THE SEARCH SPACE AND THE UNIVERSALITY OF A GENERALIZED GENETIC ALGORITHM BORIS MITAVSKIY Abstract In this paper we shall give a mathematical description of a general evolutionary heuristic
More informationIt s about time... The only timeline tool you ll ever need!
It s about time... The only timeline tool you ll ever need! Introduction about me Jon Tomczak Senior Consultant Crypsis Game Dev turned Forensicator Past: Started TZWorks in 2006 Consultant at Mandiant
More informationProposal to Include a Grid Referencing System in S-100
1 st IHO-HSSC Meeting The Regent Hotel, Singapore, 22-24 October 2009 Paper for consideration by HSSC Proposal to Include a Grid Referencing System in S-100 Submitted by: Executive Summary: Related Documents:
More informationThe Science of Biology. Chapter 1
The Science of Biology Chapter 1 Properties of Life Living organisms: are composed of cells are complex and ordered respond to their environment can grow and reproduce obtain and use energy maintain internal
More informationMutation-based spreadsheet debugging
W I S S E N! T E C H N I K! L E I D E N S C H A F T Mutation-based spreadsheet debugging Birgit Hofer and Franz Wotawa, Institute for Software Technology, {bhofer,wotawa}@ist.tugraz.at!! www.tugraz.at
More informationIntroduction to Optimization
Introduction to Optimization Blackbox Optimization Marc Toussaint U Stuttgart Blackbox Optimization The term is not really well defined I use it to express that only f(x) can be evaluated f(x) or 2 f(x)
More informationKnowledge-based Agents. CS 331: Artificial Intelligence Propositional Logic I. Knowledge-based Agents. Outline. Knowledge-based Agents
Knowledge-based Agents CS 331: Artificial Intelligence Propositional Logic I Can represent knowledge And reason with this knowledge How is this different from the knowledge used by problem-specific agents?
More informationCS 331: Artificial Intelligence Propositional Logic I. Knowledge-based Agents
CS 331: Artificial Intelligence Propositional Logic I 1 Knowledge-based Agents Can represent knowledge And reason with this knowledge How is this different from the knowledge used by problem-specific agents?
More informationGenetic Algorithm: introduction
1 Genetic Algorithm: introduction 2 The Metaphor EVOLUTION Individual Fitness Environment PROBLEM SOLVING Candidate Solution Quality Problem 3 The Ingredients t reproduction t + 1 selection mutation recombination
More information7. Propositional Logic. Wolfram Burgard and Bernhard Nebel
Foundations of AI 7. Propositional Logic Rational Thinking, Logic, Resolution Wolfram Burgard and Bernhard Nebel Contents Agents that think rationally The wumpus world Propositional logic: syntax and semantics
More informationThe Expressivity of Universal Timed CCP: Undecidability of Monadic FLTL and Closure Operators for Security
The Expressivity of Universal Timed CCP: Undecidability of Monadic FLTL and Closure Operators for Security Carlos Olarte and Frank D. Valencia INRIA /CNRS and LIX, Ecole Polytechnique Motivation Concurrent
More informationSpatial Data Management of Bio Regional Assessments Phase 1 for Coal Seam Gas Challenges and Opportunities
Spatial Data Management of Bio Regional Assessments Phase 1 for Coal Seam Gas Challenges and Opportunities By Dr Zaffar Sadiq Mohamed-Ghouse Principal Consultant, Spatial & IT, GHD zaffar.sadiq@ghd.com
More informationQuery-based Learning of XPath Expressions
Query-based Learning of XPath Expressions Julien Carme, Michal Ceresna, and Max Goebel Database and Artificial Intelligence Group Vienna University of Technology Abstract. XML is data format for storing
More informationLocal Search & Optimization
Local Search & Optimization CE417: Introduction to Artificial Intelligence Sharif University of Technology Spring 2017 Soleymani Artificial Intelligence: A Modern Approach, 3 rd Edition, Chapter 4 Outline
More informationOECD QSAR Toolbox v.3.0
OECD QSAR Toolbox v.3.0 Step-by-step example of how to categorize an inventory by mechanistic behaviour of the chemicals which it consists Background Objectives Specific Aims Trend analysis The exercise
More informationOn Real-time Monitoring with Imprecise Timestamps
On Real-time Monitoring with Imprecise Timestamps David Basin 1, Felix Klaedtke 2, Srdjan Marinovic 1, and Eugen Zălinescu 1 1 Institute of Information Security, ETH Zurich, Switzerland 2 NEC Europe Ltd.,
More informationOECD QSAR Toolbox v.3.3. Step-by-step example of how to categorize an inventory by mechanistic behaviour of the chemicals which it consists
OECD QSAR Toolbox v.3.3 Step-by-step example of how to categorize an inventory by mechanistic behaviour of the chemicals which it consists Background Objectives Specific Aims Trend analysis The exercise
More informationAthena Visual Software, Inc. 1
Athena Visual Studio Visual Kinetics Tutorial VisualKinetics is an integrated tool within the Athena Visual Studio software environment, which allows scientists and engineers to simulate the dynamic behavior
More informationLOCAL SEARCH. Today. Reading AIMA Chapter , Goals Local search algorithms. Introduce adversarial search 1/31/14
LOCAL SEARCH Today Reading AIMA Chapter 4.1-4.2, 5.1-5.2 Goals Local search algorithms n hill-climbing search n simulated annealing n local beam search n genetic algorithms n gradient descent and Newton-Rhapson
More informationCausality in Concurrent Systems
Causality in Concurrent Systems F. Russo Vrije Universiteit Brussel Belgium S.Crafa Università di Padova Italy HaPoC 31 October 2013, Paris Causality in Concurrent Systems software, hardware or even physical
More informationGeometric Semantic Genetic Programming (GSGP): theory-laden design of semantic mutation operators
Geometric Semantic Genetic Programming (GSGP): theory-laden design of semantic mutation operators Andrea Mambrini 1 University of Birmingham, Birmingham UK 6th June 2013 1 / 33 Andrea Mambrini GSGP: theory-laden
More informationModel Checking in the Propositional µ-calculus
Model Checking in the Propositional µ-calculus Ka I Violet Pun INF 9140 - Specification and Verification of Parallel Systems 13 th May, 2011 Overview Model Checking is a useful means to automatically ascertain
More information