
Generalized vulnerability extrapolation using abstract syntax trees

Fabian Yamaguchi, Markus Lottmann, Konrad Rieck
2012 Proceedings of the 28th Annual Computer Security Applications Conference on - ACSAC '12  
Our method proceeds by extracting abstract syntax trees from the code and determining structural patterns in these trees, such that each function in the code can be described as a mixture of these patterns  ...  This representation enables us to decompose a known vulnerability and extrapolate it to a code base, such that functions potentially suffering from the same flaw can be suggested to the analyst.  ...  Reporting of Vulnerabilities The discovered vulnerabilities have been reported to the respective developers before submission of this paper.  ... 
doi:10.1145/2420950.2421003 dblp:conf/acsac/YamaguchiLR12 fatcat:7b3scn37fzdorcwh2pjlsyijqy

Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery [article]

Tommi Unruh, Bhargava Shastry, Malte Skoruppa, Federico Maggi, Konrad Rieck, Jean-Pierre Seifert, Fabian Yamaguchi
2017 arXiv   pre-print
Moreover, our findings testify to the feasibility of large-scale vulnerability discovery using poorly written tutorials as a starting point.  ...  Assuming that these tutorials influence real-world software development, we hypothesize that code snippets from popular tutorials can be used to bootstrap vulnerability discovery at scale.  ...  As an example, Figure 3 (a) shows the abstract syntax tree for the SQLi vulnerability.  ... 
arXiv:1704.02786v1 fatcat:zf7j4pnisrattnwu6ah2aol22i

Big Code: New Opportunities for Improving Software Construction

Francisco Ortin, Javier Escalada, Oscar Rodriguez-Prieto
2016 Journal of Software  
We describe the existing works that have already used this idea to build tools for vulnerability detection, software deobfuscation, automatic code completion for API usage, and efficient querying using  ...  different issues that must be tackled when creating tools based on the big code approach. was awarded his PhD entitled A Flexible Programming Computational System developed over a Non-Restrictive Reflective Abstract  ...  In particular, the Joern tool represents programs as code property graphs, a combination of abstract syntax trees (AST), control flow graphs (CFG) and program dependency graphs (PDG), and stores them in  ... 
doi:10.17706/jsw.11.11.1083-1088 fatcat:niutoovgzbgehhglypka4adfmm

Leveraging semantic signatures for bug search in binary programs

Jannik Pewny, Felix Schuster, Lukas Bernhard, Thorsten Holz, Christian Rossow
2014 Proceedings of the 30th Annual Computer Security Applications Conference on - ACSAC '14  
This allows us to find instances of the same bug in different binaries and even spotting its variants (a concept called vulnerability extrapolation).  ...  Second, we use tree edit distances as a basic block-centric metric for code similarity.  ...  Yamaguchi et al. proposed extrapolation of vulnerabilities on source code level [28]. Given source code written in C, they extract abstract syntax trees (AST) of all contained functions.  ... 
doi:10.1145/2664243.2664269 dblp:conf/acsac/PewnySBHR14 fatcat:wdmssaj4cfdxvhiuyop6h4ns5q

Asteria: Deep Learning-based AST-Encoding for Cross-platform Binary Code Similarity Detection [article]

Shouguo Yang, Long Cheng, Yicheng Zeng, Zhe Lang, Hongsong Zhu, Zhiqiang Shi
2021 arXiv   pre-print
We notice that the abstract syntax tree (AST) of a function contains rich semantic information.  ...  In the application of vulnerability search, our tool successfully identified 75 vulnerable functions in 5,979 IoT firmware images.  ...  Abstract Syntax Tree An AST is a tree representation of the abstract syntactic structure of code in the compilation and decompilation process.  ... 
arXiv:2108.06082v1 fatcat:gmj4b76wzrdjzluqbnz5gacjvm

Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing [article]

Bhargava Shastry and Federico Maggi and Fabian Yamaguchi and Konrad Rieck and Jean-Pierre Seifert
2017 arXiv   pre-print
In this paper, we use static template matching to find recurrences of fuzzer-discovered vulnerabilities.  ...  We prototype our approach using the Clang/LLVM compiler toolchain and use it in conjunction with afl-fuzz, a modern coverage-guided fuzzer.  ...  The templates are encoded using code properties based on a program abstraction such as the abstract syntax tree (AST).  ... 
arXiv:1706.00206v1 fatcat:ubnef6jcunfmleyiianz7gsgae

Towards improving software security using language engineering and mbeddr C

Markus Voelter, Zaur Molotnikov, Bernd Kolb
2015 Proceedings of the Workshop on Domain-Specific Modeling - DSM 2015  
This paper explores the use of domain-specific languages for improving software security, which deals with developing software in a way that is not maliciously exploitable.  ...  Some of these examples are already implemented, some are analytical extrapolations from related work we have done in the past; a detailed empirical evaluation has not yet been done.  ...  MPS relies on a projectional editor which avoids parsing the concrete syntax of a language to construct the abstract syntax tree (AST); instead, editing gestures directly change the AST, and the concrete  ... 
doi:10.1145/2846696.2846698 dblp:conf/oopsla/VoelterMK15 fatcat:kg2fcf2w7bcpdl2zpt7jzjbhwi

BinGo: cross-architecture cross-OS binary search

Mahinthan Chandramohan, Yinxing Xue, Zhengzi Xu, Yang Liu, Chia Yuan Cho, Hee Beng Kuan Tan
2016 Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2016  
Using BINGO, we also discovered a zero-day vulnerability in Adobe PDF Reader, a COTS binary.  ...  ., plagiarism detection, malware detection and software vulnerability auditing.  ...  ., approaches based on token [24], abstract syntax tree (AST) [22] or program dependency graph (PDG) [18].  ... 
doi:10.1145/2950290.2950350 dblp:conf/sigsoft/ChandramohanXXL16 fatcat:za4rq6ovzbhwrn5kd4hz7surpq

Simple and safe SQL queries with c++ templates

Joseph (Yossi) Gil, Keren Lenz
2007 Proceedings of the 6th international conference on Generative programming and component engineering - GPCE '07  
The fact that these statements are only checked for correctness at runtime is a source for many potential problems such as type and syntax errors and vulnerability to injection attacks.  ...  Most software applications use a relational database for data management and storage.  ...  But, for programs generating SQL statements, the fact that these statements are only checked for correctness at runtime is a source for many potential problems such as type and syntax errors and vulnerability  ... 
doi:10.1145/1289971.1289976 dblp:conf/gpce/GilL07 fatcat:ufmschmcxzb23erubeabe6ghwm

Simple and safe SQL queries with C++ templates

Joseph (Yossi) Gil, Keren Lenz
2010 Science of Computer Programming  
The fact that these statements are only checked for correctness at runtime is a source for many potential problems such as type and syntax errors and vulnerability to injection attacks.  ...  Most software applications use a relational database for data management and storage.  ...  But, for programs generating SQL statements, the fact that these statements are only checked for correctness at runtime is a source for many potential problems such as type and syntax errors and vulnerability  ... 
doi:10.1016/j.scico.2010.01.004 fatcat:hmttvcfsfvdmniv7pxkjxe4ogq

A Certified Denotational Abstract Interpreter [chapter]

David Cachera, David Pichardie
2010 Lecture Notes in Computer Science  
In this paper, we show how we manage to program and prove correct in Coq an abstract interpreter that uses iteration strategies based on program syntax.  ...  In contrast, abstract interpreters are looking for fixpoints in infinite lattices where widening and narrowing are used for accelerating the convergence.  ...  This is done by using a binary widening operator ▽, that extrapolates both of its arguments, and use an iteration of the following form: $x_0 = \bot,\ x_{n+1} = x_n \mathbin{\triangledown} f(x_n)$.  ... 
doi:10.1007/978-3-642-14052-5_3 fatcat:spqaffa76bfzzkikywdk5ccu7u

A Survey on Deep Learning for Software Engineering [article]

Yanming Yang, Xin Xia, David Lo, John Grundy
2020 arXiv   pre-print
We analyzed key optimization technologies used in these deep learning models, and finally describe a range of key research topics using DNNs in SE.  ...  We first provide an example to illustrate how deep learning techniques are used in SE. We then summarize and classify different deep learning techniques used in SE.  ...  Tree/graph-based input: To better comprehend the structure of source code, several studies convert source code into Abstract Syntax Trees (AST) or Control Flow Graphs (CFGs), and then generate vector sequences  ... 
arXiv:2011.14597v1 fatcat:pcyg6zbnm5bc3g4yhjomcnye3y


Zhen Li, Deqing Zou, Shouhuai Xu, Hai Jin, Hanchao Qi, Jie Hu
2016 Proceedings of the 32nd Annual Conference on Computer Security Applications - ACSAC '16  
This calls for tools that can automatically search for vulnerable software with respect to a given vulnerability.  ...  Experiments show that VulPecker detects 40 vulnerabilities that are not published in the National Vulnerability Database (NVD).  ...  Acknowledgments We thank the anonymous reviewers for their comments that helped us improve the paper. We thank Marcus Pendleton for proofreading the paper.  ... 
doi:10.1145/2991079.2991102 fatcat:xaoikk45n5hhnep4nfqoj32gaq

Assisting in Auditing of Buffer Overflow Vulnerabilities via Machine Learning

Qingkun Meng, Chao Feng, Bin Zhang, Chaojing Tang
2017 Mathematical Problems in Engineering  
After embedding these attributes into a vector space, five frequently used machine learning algorithms are employed to classify the functions into suspicious vulnerable functions and secure ones.  ...  Buffer overflow vulnerability is a kind of consequence in which programmers' intentions are not implemented correctly.  ...  A robust parser [5, 6] is employed to parse source code to Abstract Syntax Tree (AST), which is directly or indirectly used to generate multiple representations.  ... 
doi:10.1155/2017/5452396 fatcat:uzmf4gto4jdahjcbo4snovboc4

JavaNeighbors: Improving ChuckyJava's neighborhood discovery algorithm

Léopold Ouairy, Hélène Le Bouder, Jean-Louis Lanet
2019 Procedia Computer Science  
In this Microsoft's Phoenix plugin [5] , authors rely on both abstract syntax trees and suffix trees to detect code clones.  ...  While the former tree is generated by the Phoenix's compiler, the latter is generated by the authors.  ... 
doi:10.1016/j.procs.2019.09.445 fatcat:2ck7lxwhgzerpht6y3u53fcas4