SCVD: A New Semantics-Based Approach for Cloned Vulnerable Code Detection

Zou, Deqing; Qi, Hanchao; Li, Zhen; Wu, Song; Jin, Hai; Sun, Guangchun; Wang, Sujuan; Zhong, Yuyi

doi:10.1007/978-3-319-60876-1_15

Cited by 7 publications

(8 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the Debian system alone, researchers [3] have found 145 cloned 1-day vulnerabilities. Over the last few years, various automatical 1-day vulnerability detection tools for binaries have been proposed [3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18] to protect users who fail to adopt 1-day vulnerability patches in time.…”

Section: Introductionmentioning

confidence: 99%

P1OVD: Patch-Based 1-Day Out-of-Bounds Vulnerabilities Detection Tool for Downstream Binaries

Zhu

et al. 2022

Electronics

View full text Add to dashboard Cite

In the past decades, due to the popularity of cloning open-source software, 1-day vulnerabilities are prevalent among cyber-physical devices. Detection tools for 1-day vulnerabilities effectively protect users who fail to adopt 1-day vulnerability patches in time. However, manufacturers can non-standardly build the binaries from customized source codes to multiple architectures. The code variants in the downstream binaries decrease the accuracy of 1-day vulnerability detections, especially when signatures of out-of-bounds vulnerabilities contain incomplete information of vulnerabilities and patches. Motivated by the above observations, in this paper, we propose P1OVD, an effective patch-based 1-day out-of-bounds vulnerability detection tool for downstream binaries. P1OVD first generates signatures containing patch information and vulnerability root cause information. Then, P1OVD uses an accurate and robust matching algorithm to scan target binaries. We have evaluated P1OVD on 104 different versions of 30 out-of-bounds vulnerable functions and 620 target binaries in six different compilation environments. The results show that P1OVD achieved an accuracy of 83.06%. Compared to the widely used patch-level vulnerability detection tool ReDeBug, P1OVD ignores 4.07 unnecessary lines on average. The experiments on the x86_64 platform and the O0 optimization show that P1OVD increases the accuracy of the state-of-the-art tool, BinXray, by 8.74%. Besides, it can analyze a single binary in 4 s after a 20-s offline signature extraction on average.

show abstract

Section: Introductionmentioning

confidence: 99%

P1OVD: Patch-Based 1-Day Out-of-Bounds Vulnerabilities Detection Tool for Downstream Binaries

Zhu

et al. 2022

Electronics

View full text Add to dashboard Cite

show abstract

“…These approaches [110,175,[184][185][186] share the same goal with ours. However, as they build vulnerability signature either broadly (e.g., from a whole function)…”

Section: Related Workmentioning

confidence: 81%

“…Then, it uses sub-graph isomorphism matching to discover potentially buggy code. Zou et al [186] proposed SCVD to detect vulnerable code clones. It generates a program feature tree.…”

Section: Related Workmentioning

confidence: 99%

“…Existing Approaches. A general idea to detect recurring vulnerabilities is to match the source code of a target system with known vulnerabilities; and various approaches have been proposed (e.g., [110,175,178,180,[183][184][185][186][187][188]). Existing approaches can be classified into clone-based and function matching-based approaches.…”

Section: Introductionmentioning

confidence: 99%

“…Clone-based approaches (e.g., [110,175,[184][185][186]) consider the recurring vulnerability detection problem as a code clone detection problem; i.e., they extract tokenor syntax-level signature from a known vulnerability, and identify code clones to the signature as potentially vulnerable. Function matching-based approaches (e.g., [187,188]) directly use vulnerable functions in a known vulnerability as the signature and detect code clones to those vulnerable functions.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Semantic driven vulnerability detection and patch analysis

Xu¹

View full text Add to dashboard Cite

First, I would like to express my very great appreciation to my Ph.D. supervisor Prof. Liu Yang. He has been always supportive to all my researches and gave me valuable suggestions on all my projects. He is passionate about researches. He always tries to find time to synchronize the project progress with me, despite that he has many other projects and teams to be supervised. We often stay up late to discusses research ideas and methodologies. I am appreciated that he can sacrifice his after-work time to join the meetings. I have learned a lot from Prof. Liu Yang, not only the way to do researches but also the positive attitude towards work and life.Second, I would like to offer my great appreciation to Prof. Chen Bihuan, Prof.Meng Guozhu and Prof. Xue Yingxing. They co-worked with me to publish several papers. They provides help when I first start my Ph.D. journey. I learned from them gradually to become a independent research, who can lead a research project. I would like to thank Dr. Xie Xiaofei, Prof. Wang Zhi and Prof. Song Fu for their help in my researches.

show abstract