List of videos

"Docker and Python: making them play nicely and securely for Data Science and ML EuroPython 2020 - Talk - 2020-07-23 - Parrot Data Science Online By Tania Allard Docker has become a standard tool for developers around the world to deploy applications in a reproducible and robust manner. The existence of Docker and Docker compose have reduced the time needed to set up new software and implementing complex technology stacks for our applications. Now, six years after the initial release of Docker, we can say with confidence that containers and containers orchestration have become some of the defaults in the current technology stacks. There are thousands of tutorials and getting started documents for those wanting to adopt Docker for apps deployment. However, if you are a Data Scientist, a researcher or someone working on scientific computing wanting to adopt Docker, the story is quite different. There are very few tutorials (in comparison to app/web) and documents focused on Docker best practices for DS and scientific computing. If you are working on DS, ML or scientific computing, this talk is for you. We'll cover best practices when building Docker containers for data-intensive applications, from optimising your image build, to ensuring your containers are secure and efficient deployment workflows. We will talk about the most common problems faced while using Docker with data intensive applications and how you can overcome most of them. Finally I'll give some practical and useful tips for you to improve your Docker workflows and practises. Attendees will leave the talk feeling confident about adopting Docker across a range of DS, ML and research projects. Who and Why (audience) This talk is designed for folks working in data-intensive environments (i.e. Machine Learning, Data Science, research and scientific computing) and that are either using Docker or want to learn more about how to use Docker in these environments. Attendees will leave the talk feeling confident about adopting Docker in their workflows as well as have acquired several best practices and guidelines to do this robustly. Introduction (5 minutes) About me When is Docker the right choice? Docker for all Python users: introduction to Docker in Machine Learning (ML), Data Science (DS) and research contexts The usual culprits Optimising for data-oriented application (10 minutes) Creating a data-oriented Docker image - how is this different from an app/web image? Choosing the right base image - set yourself for success Dependencies, volumes and code best practices Security and performance (10 minutes) Finding vulnerabilities in your images Image consistency and reproducibility Optimising image building - cache and image size considerations Do not reinvent the wheel - automate! (10 minutes) Consider tools to assist with Dockerfile generation - e.g. repo2docker, dokta Creating templates for projects Automating image build and publishing - e.g. GitHub actions Automated deployment strategies - going from local to deploying your containerised application Conclusions (5 minutes) Top 10 best practices when working with Docker and Python for DS/ML and research Additional resources Thanks and getting in touch License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/ Please see our speaker release agreement for details: https://ep2020.europython.eu/events/speaker-release-agreement/ "

"So, You Want to Build an Anti-Virus Engine? EuroPython 2020 - Talk - 2020-07-23 - Ni Online By JunWei Song, KunYu Chen https://github.com/quark-engine/quark-engine Android malware analysis engine is not a new story. Every antivirus company has their own secrets to build it. With python and curiosity, we develop a malware scoring system from the perspective of Taiwan Criminal Law in an easy but solid way. We have an order theory of criminal which explains stages of committing a crime. For example, crime of murder consists of five stages, they are determined, conspiracy, preparation, start and practice. The latter the stage the more we’re sure that the crime is practiced. According to the above principle, we developed our order theory of android malware. We develop five stages to see if the malicious activity is being practiced. They are ol Permission requested. Native API call. Certain combination of native API. Calling sequence of native API. APIs that handle the same register. /ol We not only define malicious activities and their stages but also develop weights and thresholds for calculating the threat level of a malware. Malware evolved with new techniques to gain difficulties for reverse engineering. Obfuscation is one of the most commonly used techniques. In this talk, we present a Dalvik bytecode loader with the order theory of android malware to neglect certain cases of obfuscation. Inspired by the design principles of the CPython interpreter, our Dalvik bytecode loader consists of functionalities such as 1. Finding cross-reference and calling sequence of the native API. 2. Tracing the bytecode register. The combination of these functionalities (yes, the order theory) not only can neglect obfuscation but also match perfectly to the design of our malware scoring system. Further, we will also show a case study of Android malware and demonstrate how the obfuscation technique is useless to our engine. Last but not least, we will be open-sourcing everything (Malware Scoring System, Dalvik Bytecode Loader) during our presentation. Audience 1. Who is this talk for? - Anyone who's interested in cyber security or anyone that wants to know how to build an anti-virus engine with Python. ol What background knowledge or experience do you expect the audience to have? A little of Android application development and malware analysis. What do you expect the audience to learn or do after watching the talk? The Dalvik bytecode loader is written as a python module, the audiences can use this module to boost up their malware analysis. The malware scoring system can be applied not only to Android malware but also can be applied for PE files or ELF files in other OS. The audience can copy our ideas to extend their work. Everything’s open-sourced. /ol Outline ol Introduction of Malware Scoring System. First, we will detail how we decode Criminal Law to simple principles. For example, principles to define crime, penalty and the order theory of criminal, etc. And then we will detail how do we develop the order theory of android malware and other developed theories that construct the malware scoring. Design Logic of the Dalvik Bytecode Loader. Once the malware scoring system were built, this will discuss the design logic of our Dalvik bytecode loader which includes our obfuscation-neglect module and bytecode register tracing module. We will also detail why the order theory of android malware succeeds at neglecting the obfuscation. Quark Engine Practice - Case Study of Android Malware Next, we will practice our engine and case study through an android malware. Moreover, we will also demonstrate our obfuscation-neglect technique against obfuscation malware. Future works Here, we will discuss the limitations of our engine. For example, the challenge of our Dalvik bytecode loader. Also, we will share our plans of implementing more detection techniques conquering the escape detection of malware. /ol License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/ Please see our speaker release agreement for details: https://ep2020.europython.eu/events/speaker-release-agreement/ "

"Object Internals EuroPython 2020 - Talk - 2020-07-24 - Brian Online By Mridu Bhatnagar This talk is intended to explain to participants what is happening under the hood when they are playing around with different python built-in data structures. Explain the concepts such that they are not surprised by the behavior of Python. Pre-requisites: Anyone who knows built-in python data structures like List, Dictionaries, set, etc. Curiosity questions that the talk answers: 1. What happens to the memory address when * operator is used? 2. When does python create a new object in memory? 3. What does it refer to the mutability and immutability of objects in Python? 4. If the outer object is immutable but the reference objects are mutable. Can the elements be added? 5. What is the difference at the memory level when we refer to deep copy and shallow copy in lists? 6. Operations like List.sort and sorted in python? What to use, when to use? What happens at the memory level? 7. What is the difference between is vs ==? When should it be used? 8. Lots and lots of interesting examples. 9. How do we determine the memory reference id associated with the object? 10. Meaning of assigning a value to a variable in Python. The existing slides use screenshots. But, I'll be including more interesting examples and would replace the screenshots with GIFs. So, that folks get a feeling of live coding and remain interested in the presentation. Along with the visual representation of what is happening at the memory level. License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/ Please see our speaker release agreement for details: https://ep2020.europython.eu/events/speaker-release-agreement/ "

"Deceptive Security using Python EuroPython 2020 - Talk - 2020-07-24 - Ni Online By Gajendra Deshpande Imagine you are passing through an unknown street at midnight and you find that some anti-social elements are following you. To save yourself from them you start running and look for a safe place to hide. On the way, you will find a good person and requests him to help you. He hides you in his place to protect you. When these anti-social elements visit a good person’s place and enquire about you, the good person misguides them and redirects them to some other place in order to protect you. This is exactly how deception works. In this analogy, YOU are the resources to be protected, anti-social elements are the hackers who want to gain access to the resources, and a good person is a deception technique that protects the resources from hackers by making them fall in the trap. The talk begins with an introduction to deception technology, deception types, and methods, a deceptive security life cycle. In this talk, we will demonstrate the following deception tools implemented using python language: • WebTrap (https://github.com/IllusiveNetworks-Labs/WebTrap): is designed to create deceptive webpages to deceive and redirect attackers away from real websites. The deceptive webpages are generated by cloning real websites, specifically their login pages. • DemonHunter (https://github.com/RevengeComing/DemonHunter): is a distributed low interaction honeypot with Agent/Master design Finally, we will conclude the talk with how built a deception tool and demonstrate its working. How we implemented a deception tool in python using machine learning: We designed a deception tool in python language using PyBRAIN package to model and mitigate XPath injection attacks for web services. It is known that XML can be used to store the data and this data can be queried using XPath query language. XPath is a query language, it has injection issues similar to SQL. To handle this issue, we proposed a solution, which uses a count-based validation technique and Long Short-Term Memory (LSTM) modular neural networks to identify and classify atypical behavior in user input. Once the atypical user input is identified, the attacker is redirected to fake resources to protect the critical data. Our experiment resulted in over 90% accuracy in the classification of input vectors. Outline 1. Introduction to deception, Deception types, Deception technology applicable methods and Deception Life cycle(08 Minutes) 2. Demonstration of WebTrap deception tool(04 Minutes) 3. Demonstration of DemonHunter deception tool(04 Minutes) 4. Discussion of our deception tool and demonstration(06 Minutes) 5. Conclusion and Questions(03 Minutes) Audience No experience level of Python is needed. In general, anyone can attend this talk and learn about applying deception techniques and machine learning to application security. License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/ Please see our speaker release agreement for details: https://ep2020.europython.eu/events/speaker-release-agreement/ "

"Live-coding a music synthesizer EuroPython 2020 - Talk - 2020-07-24 - Ni Online By Ram Rachum This is going to be a fun live-coding session using NumPy and SoundDevice. The goal of this talk is to make the computer produce realistic-sounding instrument sounds, using nothing but math. All the code will be written live and we'll hear the audio that it produces. We’ll start with creating a simple sound using a sine wave. We’ll gradually make it sound more like a real instrument, learning a little bit about music theory on the way. We’ll add features one-by-one until by the end of the talk, we’ll hear our synthesizer play a piece of classical music. License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/ Please see our speaker release agreement for details: https://ep2020.europython.eu/events/speaker-release-agreement/ "

"Resurrecting a django project in python 2.7 for 3.8 EuroPython 2020 - Poster session - 2020-07-24 - Poster 2 Online By Griffith S Rees Goals: Describe the process I went though to return to and finish the code I wrote for my PhD modelling the geographic growth and decline of a Bulletin Board Systems (BBS) community called FidoNet. I had to leave the project for 2 major surgeries and finally returned to finish, validate the results and present a paper at the Sunbelt conference in Paris. License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/ Please see our speaker release agreement for details: https://ep2020.europython.eu/events/speaker-release-agreement/ "

"Simulation of logistic systems in Python with salabim EuroPython 2020 - Poster session - 2020-07-24 - Poster 2 Online By Ruud van der Ham Discrete event simulation is a very powerful technique in many fields, like transport, warehousing, hospitals, manufacturing and logistics. There are several commercial packages that provide high end GUIs to design a system and to animate the operations. These packages are neary always close source and are very expensive (think USD 10-20 K per user). Often implementing complex algorithms is cumbersome. On the other end of the spectrum are open source packages that use existing program languages. Python is particularly interesting because of the vast number of (scientific) packages, like machine learning, statistics and databases. In te Python landscape there is SimPy, that is rather limited in functionality. In this poster I will present my discrete even simulation package called salabim. Salabim uses coroutines via generators and makes it very easy to model complex systems. The package offers advanced real time (2D) animation, monitoring and statistical sampling. I will show some applications and how a simple model is built up. Ruud van der Ham, core developer salabim License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/ Please see our speaker release agreement for details: https://ep2020.europython.eu/events/speaker-release-agreement/ "

"Reduce hardware costs in Internet of Things using Python EuroPython 2020 - Poster session - 2020-07-24 - Poster 2 Online By Vijay Sajjanar I guide students in developing systems which are real world and need less hardware. This is possible in 2 steps. One,reduce collecting data which is already available online. Two, compute on cloud instead on the hardware. Cloud computing and Web services have opened a plethora of ways which were science fiction for electronics academia. Python packages such as requests, beautifulsoup and pyserial automate electronics at the grassroot level pushing all complexities to the cloud. This talk is about how I motivate students to use python for tasks which otherwise would require complex setup and costly hardware. I will present case studies of accessing websites (ethically per se!) of Indian Meteorological Department and Indian Railways for Internet of Things. Ready to return to a classroom session? Login for More!! License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/ Please see our speaker release agreement for details: https://ep2020.europython.eu/events/speaker-release-agreement/ "

"Writing Extensions and Bindings for GPU made Easy EuroPython 2020 - Poster session - 2020-07-24 - Poster 1 Online By Krishna Kanta Singh As Deep Learning Engineer and Researcher we are always trying to optimize some bottleneck computation in our programs. Sometimes we are faced with situations when scientific libraries like NumPy, SciPy aren't just cutting it or worse there are no libraries that implement the esoteric function on our expensive GPU hardware. *Writing Custom C and Cuda Extension becomes an important skill and necessity for applications that require really fast computation. * In this talk, we go through a detailed example of image search on billions of items, we write custom C and Cuda kernel for distance computation and learn how to connect them seamlessly with our python codebase. We compare methods for writing these extensions and bindings for python in terms of both speed and ease of use. Finally, we make it all work together by hacking the setup.py file for easy deployment and sharing of the License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/ Please see our speaker release agreement for details: https://ep2020.europython.eu/events/speaker-release-agreement/ "