Towards Practical Binary Code Similarity Detection: Vulnerability Verification via Patch Semantic Analysis
نویسندگان
چکیده
Vulnerability is a major threat to software security. It has been proven that binary code similarity detection approaches are efficient search for recurring vulnerabilities introduced by sharing in software. However, these suffer from high false-positive rates since they usually take the patched functions as vulnerable, and do not work well when binaries compiled with different compilation settings. To this end, we propose an approach, named Robin , confirm filtering out functions. powered lightweight symbolic execution solve set of function inputs can lead vulnerability-related code. then executes target same capture vulnerable or behaviors filtration. Experimental results show achieves accuracy patch across compilers compiler optimization levels respectively on 287 real-world 10 Based accurate detection, significantly reduces rate state-of-the-art vulnerability tools (by 94.3% average), making them more practical. additionally detects 12 new potentially
منابع مشابه
Towards Optimal Binary Code Learning via Ordinal Embedding
Binary code learning, a.k.a., hashing, has been recently popular due to its high efficiency in large-scale similarity search and recognition. It typically maps high-dimensional data points to binary codes, where data similarity can be efficiently computed via rapid Hamming distance. Most existing unsupervised hashing schemes pursue binary codes by reducing the quantization error from an origina...
متن کاملTowards Energy Consumption Verification via Static Analysis
In this paper we leverage an existing general framework for resource usage verification and specialize it for verifying energy consumption specifications of embedded programs. Such specifications can include both lower and upper bounds on energy usage, and they can express intervals within which energy usage is to be certified to be within such bounds. The bounds of the intervals can be given i...
متن کاملShot boundary detection via similarity analysis
In this paper, we present a framework for analyzing video using selfsimilarity. Video scenes are located by analyzing inter-frame similarity matrices. The approach is flexible to the choice of both feature parametrization and similarity measure and it is robust because the data is used to model itself. We present the approach and its application to shot boundary detection.
متن کاملTowards Verification via Supercompilation
Supercompilation, or Supervised Compilation is a technique for program specialization, optimization and, more generally, program transformation. We present an idea to use supercompilation for verification of parameterized programs and protocols, present a case study and report on our initial experiments. 1 Supercompilation and Verification Verification of infinite-state or parameterized systems...
متن کاملBinary code-based Human Detection
HOG features are effective for object detection, but their focus on local regions makes them highdimensional features. To reduce the memory required for the HOG features, this paper proposes a new feature, R-HOG, which creates binary codes from the HOG features extracted from two local regions. This approach enables the created binary codes to reflect the relationships between local regions. Co...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM Transactions on Software Engineering and Methodology
سال: 2023
ISSN: ['1049-331X', '1557-7392']
DOI: https://doi.org/10.1145/3604608