PS3: Precise patch presence test based on semantic symbolic signature
During software development, vulnerabilities have posed a significant threat to users. Patches are the most effective way to combat vulnerabilities. In a large-scale software system, testing the presence of a security patch in every affected binary is crucial to ensure system security. Identifying w...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2024
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/9251 https://ink.library.smu.edu.sg/context/sis_research/article/10251/viewcontent/icse2024ps3.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-10251 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-102512024-09-02T06:39:50Z PS3: Precise patch presence test based on semantic symbolic signature ZHAN, Qi HU, Xing LI, Zhiyang XIA, Xin LO, David LI, Shanping During software development, vulnerabilities have posed a significant threat to users. Patches are the most effective way to combat vulnerabilities. In a large-scale software system, testing the presence of a security patch in every affected binary is crucial to ensure system security. Identifying whether a binary has been patched for a known vulnerability is challenging, as there may only be small differences between patched and vulnerable versions. Existing approaches mainly focus on detecting patches that are compiled in the same compiler options. However, it is common for developers to compile programs with very different compiler options in different situations, which causes inaccuracy for existing methods. In this paper, we propose a new approach named PS3, referring to precise patch presence test based on semantic-level symbolic signature. PS3 exploits symbolic emulation to extract signatures that are stable under different compiler options. Then PS3 can precisely test the presence of the patch by comparing the signatures between the reference and the target at semantic level.To evaluate the effectiveness of our approach, we constructed a dataset consisting of 3,631 (CVE, binary) pairs of 62 recent CVEs in four C/C++ projects. The experimental results show that PS3 achieves scores of 0.82, 0.97, and 0.89 in terms of precision, recall, and F1 score, respectively. PS3 outperforms the state-of-the-art baselines by improving 33% in terms of F1 score and remains stable in different compiler options. 2024-04-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/9251 info:doi/10.1145/3597503.3639134 https://ink.library.smu.edu.sg/context/sis_research/article/10251/viewcontent/icse2024ps3.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Patch presence test Binary analysis Software security Software Engineering |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Patch presence test Binary analysis Software security Software Engineering |
| spellingShingle |
Patch presence test Binary analysis Software security Software Engineering ZHAN, Qi HU, Xing LI, Zhiyang XIA, Xin LO, David LI, Shanping PS3: Precise patch presence test based on semantic symbolic signature |
| description |
During software development, vulnerabilities have posed a significant threat to users. Patches are the most effective way to combat vulnerabilities. In a large-scale software system, testing the presence of a security patch in every affected binary is crucial to ensure system security. Identifying whether a binary has been patched for a known vulnerability is challenging, as there may only be small differences between patched and vulnerable versions. Existing approaches mainly focus on detecting patches that are compiled in the same compiler options. However, it is common for developers to compile programs with very different compiler options in different situations, which causes inaccuracy for existing methods. In this paper, we propose a new approach named PS3, referring to precise patch presence test based on semantic-level symbolic signature. PS3 exploits symbolic emulation to extract signatures that are stable under different compiler options. Then PS3 can precisely test the presence of the patch by comparing the signatures between the reference and the target at semantic level.To evaluate the effectiveness of our approach, we constructed a dataset consisting of 3,631 (CVE, binary) pairs of 62 recent CVEs in four C/C++ projects. The experimental results show that PS3 achieves scores of 0.82, 0.97, and 0.89 in terms of precision, recall, and F1 score, respectively. PS3 outperforms the state-of-the-art baselines by improving 33% in terms of F1 score and remains stable in different compiler options. |
| format |
text |
| author |
ZHAN, Qi HU, Xing LI, Zhiyang XIA, Xin LO, David LI, Shanping |
| author_facet |
ZHAN, Qi HU, Xing LI, Zhiyang XIA, Xin LO, David LI, Shanping |
| author_sort |
ZHAN, Qi |
| title |
PS3: Precise patch presence test based on semantic symbolic signature |
| title_short |
PS3: Precise patch presence test based on semantic symbolic signature |
| title_full |
PS3: Precise patch presence test based on semantic symbolic signature |
| title_fullStr |
PS3: Precise patch presence test based on semantic symbolic signature |
| title_full_unstemmed |
PS3: Precise patch presence test based on semantic symbolic signature |
| title_sort |
ps3: precise patch presence test based on semantic symbolic signature |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2024 |
| url |
https://ink.library.smu.edu.sg/sis_research/9251 https://ink.library.smu.edu.sg/context/sis_research/article/10251/viewcontent/icse2024ps3.pdf |
| _version_ |
1814047845037113344 |