PS$^3$: Precise Patch Presence Test based on Semantic Symbolic Signature

• URL: http://arxiv.org/abs/2312.03393v4
• Date: Fri, 12 Jan 2024 05:18:22 GMT
• Title: PS$^3$: Precise Patch Presence Test based on Semantic Symbolic Signature
• Authors: Qi Zhan, Xing Hu, Zhiyang Li, Xin Xia, David Lo, and Shanping Li
• Abstract summary: Existing approaches mainly focus on detecting patches that are compiled in the same compiler options. PS3 exploits symbolic emulation to extract signatures that are stable under different compiler options. PS3 achieves scores of 0.82, 0.97, and 0.89 in terms of precision, recall, and F1 score.
• Score: 13.9637348151437
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: During software development, vulnerabilities have posed a significant threat to users. Patches are the most effective way to combat vulnerabilities. In a large-scale software system, testing the presence of a security patch in every affected binary is crucial to ensure system security. Identifying whether a binary has been patched for a known vulnerability is challenging, as there may only be small differences between patched and vulnerable versions. Existing approaches mainly focus on detecting patches that are compiled in the same compiler options. However, it is common for developers to compile programs with very different compiler options in different situations, which causes inaccuracy for existing methods. In this paper, we propose a new approach named PS3, referring to precise patch presence test based on semantic-level symbolic signature. PS3 exploits symbolic emulation to extract signatures that are stable under different compiler options. Then PS3 can precisely test the presence of the patch by comparing the signatures between the reference and the target at semantic level. To evaluate the effectiveness of our approach, we constructed a dataset consisting of 3,631 (CVE, binary) pairs of 62 recent CVEs in four C/C++ projects. The experimental results show that PS3 achieves scores of 0.82, 0.97, and 0.89 in terms of precision, recall, and F1 score, respectively. PS3 outperforms the state-of-the-art baselines by improving 33% in terms of F1 score and remains stable in different compiler options.

Related papers

• PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open-Source Software [15.867607171943698]
  We propose a two-phase framework with end-to-end correlation learning for better-tracing security patches. PatchFinder achieves a Recall@10 of 80.63% and a Mean Reciprocal Rank (MRR) of 0.7951. When applying PatchFinder in practice, we initially identified 533 patch commits and submitted them to the official, 482 of which have been confirmed by CVE Numbering Authorities.
  arXiv  Detail & Related papers  (2024-07-24T07:46:24Z)
• JailbreakBench: An Open Robustness Benchmark for Jailbreaking Large Language Models [123.66104233291065]
  Jailbreak attacks cause large language models (LLMs) to generate harmful, unethical, or otherwise objectionable content. evaluating these attacks presents a number of challenges, which the current collection of benchmarks and evaluation techniques do not adequately address. JailbreakBench is an open-sourced benchmark with the following components.
  arXiv  Detail & Related papers  (2024-03-28T02:44:02Z)
• FoC: Figure out the Cryptographic Functions in Stripped Binaries with LLMs [54.27040631527217]
  We propose a novel framework called FoC to Figure out the Cryptographic functions in stripped binaries. FoC-BinLLM outperforms ChatGPT by 14.61% on the ROUGE-L score. FoC-Sim outperforms the previous best methods with a 52% higher Recall@1.
  arXiv  Detail & Related papers  (2024-03-27T09:45:33Z)
• Game Rewards Vulnerabilities: Software Vulnerability Detection with Zero-Sum Game and Prototype Learning [17.787508315322906]
  We propose a software vulneRability dEteCtion framework with zerO-sum game and prototype learNing, named RECON. We show that RECON outperforms the state-of-the-art baseline by 6.29% in F1 score.
  arXiv  Detail & Related papers  (2024-01-16T05:50:42Z)
• PPT4J: Patch Presence Test for Java Binaries [15.297767260561491]
  The number of vulnerabilities reported in open source software has increased substantially in recent years. The ability to test whether a patch is applied to the target binary, a.k.a. patch presence test, is crucial for practitioners. We propose a new patch presence test framework named PPT4J ($textbfP$atch $textbfP$resence $textbfT$est $textbffor$ $textbfJ$ava Binaries).
  arXiv  Detail & Related papers  (2023-12-18T08:28:13Z)
• BinGo: Identifying Security Patches in Binary Code with Graph Representation Learning [19.22004583230725]
  We propose BinGo, a new security patch detection system for binary code. BinGo consists of four phases, namely, patch data pre-processing, graph extraction, embedding generation, and graph representation learning. Our experimental results show BinGo can achieve up to 80.77% accuracy in identifying security patches between two neighboring versions of binary code.
  arXiv  Detail & Related papers  (2023-12-13T06:35:39Z)
• Segment and Complete: Defending Object Detectors against Adversarial Patch Attacks with Robust Patch Detection [142.24869736769432]
  Adversarial patch attacks pose a serious threat to state-of-the-art object detectors. We propose Segment and Complete defense (SAC), a framework for defending object detectors against patch attacks. We show SAC can significantly reduce the targeted attack success rate of physical patch attacks.
  arXiv  Detail & Related papers  (2021-12-08T19:18:48Z)
• PatchCensor: Patch Robustness Certification for Transformers via Exhaustive Testing [7.88628640954152]
  Vision Transformer (ViT) is known to be highly nonlinear like other classical neural networks and could be easily fooled by both natural and adversarial patch perturbations. This limitation could pose a threat to the deployment of ViT in the real industrial environment, especially in safety-critical scenarios. We propose PatchCensor, aiming to certify the patch robustness of ViT by applying exhaustive testing.
  arXiv  Detail & Related papers  (2021-11-19T23:45:23Z)
• DPT: Deformable Patch-based Transformer for Visual Recognition [57.548916081146814]
  We propose a new Deformable Patch (DePatch) module which learns to adaptively split the images into patches with different positions and scales in a data-driven way. The DePatch module can work as a plug-and-play module, which can easily be incorporated into different transformers to achieve an end-to-end training.
  arXiv  Detail & Related papers  (2021-07-30T07:33:17Z)
• Robust Encodings: A Framework for Combating Adversarial Typos [85.70270979772388]
  NLP systems are easily fooled by small perturbations of inputs. Existing procedures to defend against such perturbations provide guaranteed robustness to worst-case attacks. We introduce robust encodings (RobEn) that confer guaranteed robustness without making compromises on model architecture.
  arXiv  Detail & Related papers  (2020-05-04T01:28:18Z)
• (De)Randomized Smoothing for Certifiable Defense against Patch Attacks [136.79415677706612]
  We introduce a certifiable defense against patch attacks that guarantees for a given image and patch attack size. Our method is related to the broad class of randomized smoothing robustness schemes. Our results effectively establish a new state-of-the-art of certifiable defense against patch attacks on CIFAR-10 and ImageNet.
  arXiv  Detail & Related papers  (2020-02-25T08:39:46Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.