Keynote: Algorithms and Metaphors for Graph Visualization, Stephen Kobourov

Abstract. Relational data sets are often visualized with graphs: objects become the graph vertices and relations become the graph edges. Graph drawing algorithms aim to present such data in an effective and aesthetically appealing way. Map representations, provide a way to visualize relational data with the help of conceptual maps as a data representation metaphor. While graphs often require considerable effort to comprehend, a map representation is more intuitive, as most people are familiar with maps and standard map interactions via zooming and panning. The graph-to-map (GMap) algorithmic framework will be discussed, including applications, as well as experimental results on the effectiveness of the approach.

Bio. Stephen Kobourov is a Professor of Computer Science at the University of Arizona. He completed BS degrees in Mathematics and Computer Science at Dartmouth College in 1995, and a PhD in Computer Science at Johns Hopkins University in 2000. He has worked as a Research Scientist at AT&T Research Labs, as Hulmboldt Fellow at the University of Tübingen in Germany, and as a Distinguished Fulbright Chair at Charles University in Prague.



Shared Keynote with SCAM: Automating Variant Analysis at Scale, Oege de Moor

Abstract. When a security incident happens, security teams identify the root cause and if it is in the code, they suggest a fix to the product team. In addition, they look for other instances of the same coding mistake, not just in the same code base, but throughout a software portfolio - this process is called "variant analysis". Variant analysis is a search problem, but today it is often performed manually with simple tools like grep. I'll discuss our experience creating a query engine for code that enables security experts to quickly perform deep, accurate analysis, in the form of concise queries that can be easily modified and shared. The technology is currently run on over 135,000 open source projects on LGTM.com. I'll present some concrete examples of vulnerabilities that were discovered this way. There are interesting challenges in visualising the results of such deep analyses on huge code bases, and even more so when they're run at scale across 10s of thousands of repositories.

Bio. Oege de Moor is the CEO and Founder of Semmle. Semmle's mission is to secure software, together: security researchers, developers and the community. From 1994 to 2014, Oege was a professor of computer science at the University of Oxford, where he did research in programming languages and tools. Semmle's products are used by Microsoft, Google, NASA, Uber, NASDAQ, Credit Suisse, Dell, and many other leading software organisations. It has offices in Oxford, Copenhagen, Valencia, New York, San Francisco and Seattle. The technology at Semmle is a fun combination of deep theory (if you like lattice theory, you'll like our engine), good engineering (making it work on some of the largest code bases on the planet) and cool applications (like the 0-days we report in open source). Semmle is always on the look-out for new team members.