Generalized vulnerability extrapolation using abstract syntax trees
2012
Proceedings of the 28th Annual Computer Security Applications Conference on - ACSAC '12
Our method proceeds by extracting abstract syntax trees from the code and determining structural patterns in these trees, such that each function in the code can be described as a mixture of these patterns ...
This representation enables us to decompose a known vulnerability and extrapolate it to a code base, such that functions potentially suffering from the same flaw can be suggested to the analyst. ...
Reporting of Vulnerabilities The discovered vulnerabilities have been reported to the respective developers before submission of this paper. ...
doi:10.1145/2420950.2421003
dblp:conf/acsac/YamaguchiLR12
fatcat:7b3scn37fzdorcwh2pjlsyijqy
Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery
[article]
2017
arXiv
pre-print
Moreover, our findings testify to the feasibility of large-scale vulnerability discovery using poorly written tutorials as a starting point. ...
Assuming that these tutorials influence real-world software development, we hypothesize that code snippets from popular tutorials can be used to bootstrap vulnerability discovery at scale. ...
As an example, Figure 3 (a) shows the abstract syntax tree for the SQLi vulnerability. ...
arXiv:1704.02786v1
fatcat:zf7j4pnisrattnwu6ah2aol22i
Big Code: New Opportunities for Improving Software Construction
2016
Journal of Software
We describe the existing works that have already used this idea to build tools for vulnerability detection, software deobfuscation, automatic code completion for API usage, and efficient querying using ...
different issues that must be tackled when creating tools based on the big code approach. was awarded his PhD entitled A Flexible Programming Computational System developed over a Non-Restrictive Reflective Abstract ...
In particular, the Joern tool represents programs as code property graphs, a combination of abstract syntax trees (AST), control flow graphs (CFG) and program dependency graphs (PDG), and stores them in ...
doi:10.17706/jsw.11.11.1083-1088
fatcat:niutoovgzbgehhglypka4adfmm
Leveraging semantic signatures for bug search in binary programs
2014
Proceedings of the 30th Annual Computer Security Applications Conference on - ACSAC '14
This allows us to find instances of the same bug in different binaries and even spotting its variants (a concept called vulnerability extrapolation). ...
Second, we use tree edit distances as a basic block-centric metric for code similarity. ...
Yamaguchi et al. proposed extrapolation of vulnerabilities on source code level [28]. Given source code written in C, they extract abstract syntax trees (AST) of all contained functions. ...
doi:10.1145/2664243.2664269
dblp:conf/acsac/PewnySBHR14
fatcat:wdmssaj4cfdxvhiuyop6h4ns5q
Asteria: Deep Learning-based AST-Encoding for Cross-platform Binary Code Similarity Detection
[article]
2021
arXiv
pre-print
We notice that the abstract syntax tree (AST) of a function contains rich semantic information. ...
In the application of vulnerability search, our tool successfully identified 75 vulnerable functions in 5,979 IoT firmware images. ...
Abstract Syntax Tree An AST is a tree representation of the abstract syntactic structure of code in the compilation and decompilation process. ...
arXiv:2108.06082v1
fatcat:gmj4b76wzrdjzluqbnz5gacjvm
Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing
[article]
2017
arXiv
pre-print
In this paper, we use static template matching to find recurrences of fuzzer-discovered vulnerabilities. ...
We prototype our approach using the Clang/LLVM compiler toolchain and use it in conjunction with afl-fuzz, a modern coverage-guided fuzzer. ...
The templates are encoded using code properties based on a program abstraction such as the abstract syntax tree (AST). ...
arXiv:1706.00206v1
fatcat:ubnef6jcunfmleyiianz7gsgae
Towards improving software security using language engineering and mbeddr C
2015
Proceedings of the Workshop on Domain-Specific Modeling - DSM 2015
This paper explores the use of domain-specific languages for improving software security, which deals with developing software in a way that is not maliciously exploitable. ...
Some of these examples are already implemented, some are analytical extrapolations from related work we have done in the past; a detailed empirical evaluation has not yet been done. ...
MPS relies on a projectional editor which avoids parsing the concrete syntax of a language to construct the abstract syntax tree (AST); instead, editing gestures directly change the AST, and the concrete ...
doi:10.1145/2846696.2846698
dblp:conf/oopsla/VoelterMK15
fatcat:kg2fcf2w7bcpdl2zpt7jzjbhwi
BinGo: cross-architecture cross-OS binary search
2016
Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2016
Using BINGO, we also discovered a zero-day vulnerability in Adobe PDF Reader, a COTS binary. ...
., plagiarism detection, malware detection and software vulnerability auditing. ...
., approaches based on token [24], abstract syntax tree (AST) [22] or program dependency graph (PDG) [18]. ...
doi:10.1145/2950290.2950350
dblp:conf/sigsoft/ChandramohanXXL16
fatcat:za4rq6ovzbhwrn5kd4hz7surpq
Simple and safe SQL queries with c++ templates
2007
Proceedings of the 6th international conference on Generative programming and component engineering - GPCE '07
The fact that these statements are only checked for correctness at runtime is a source for many potential problems such as type and syntax errors and vulnerability to injection attacks. ...
Most software applications use a relational database for data management and storage. ...
But, for programs generating SQL statements, the fact that these statements are only checked for correctness at runtime is a source for many potential problems such as type and syntax errors and vulnerability ...
doi:10.1145/1289971.1289976
dblp:conf/gpce/GilL07
fatcat:ufmschmcxzb23erubeabe6ghwm
Simple and safe SQL queries with C++ templates
2010
Science of Computer Programming
The fact that these statements are only checked for correctness at runtime is a source for many potential problems such as type and syntax errors and vulnerability to injection attacks. ...
Most software applications use a relational database for data management and storage. ...
But, for programs generating SQL statements, the fact that these statements are only checked for correctness at runtime is a source for many potential problems such as type and syntax errors and vulnerability ...
doi:10.1016/j.scico.2010.01.004
fatcat:hmttvcfsfvdmniv7pxkjxe4ogq
A Certified Denotational Abstract Interpreter
[chapter]
2010
Lecture Notes in Computer Science
In this paper, we show how we manage to program and prove correct in Coq an abstract interpreter that uses iteration strategies based on program syntax. ...
In contrast, abstract interpreters are looking for fixpoints in infinite lattices where widening and narrowing are used for accelerating the convergence. ...
This is done by using a binary widening operator $\triangledown$, that extrapolates both of its arguments, and use an iteration of the following form: $x_0 = \bot$, $x_{n+1} = x_n \triangledown f(x_n)$. ...
doi:10.1007/978-3-642-14052-5_3
fatcat:spqaffa76bfzzkikywdk5ccu7u
A Survey on Deep Learning for Software Engineering
[article]
2020
arXiv
pre-print
We analyzed key optimization technologies used in these deep learning models, and finally describe a range of key research topics using DNNs in SE. ...
We first provide an example to illustrate how deep learning techniques are used in SE. We then summarize and classify different deep learning techniques used in SE. ...
Tree/graph-based input: To better comprehend the structure of source code, several studies convert source code into Abstract Syntax Trees (AST) or Control Flow Graphs (CFGs), and then generate vector sequences ...
arXiv:2011.14597v1
fatcat:pcyg6zbnm5bc3g4yhjomcnye3y
VulPecker
2016
Proceedings of the 32nd Annual Conference on Computer Security Applications - ACSAC '16
This calls for tools that can automatically search for vulnerable software with respect to a given vulnerability. ...
Experiments show that VulPecker detects 40 vulnerabilities that are not published in the National Vulnerability Database (NVD). ...
Acknowledgments We thank the anonymous reviewers for their comments that helped us improve the paper. We thank Marcus Pendleton for proofreading the paper. ...
doi:10.1145/2991079.2991102
fatcat:xaoikk45n5hhnep4nfqoj32gaq
Assisting in Auditing of Buffer Overflow Vulnerabilities via Machine Learning
2017
Mathematical Problems in Engineering
After embedding these attributes into a vector space, five frequently used machine learning algorithms are employed to classify the functions into suspicious vulnerable functions and secure ones. ...
Buffer overflow vulnerability is a kind of consequence in which programmers' intentions are not implemented correctly. ...
A robust parser [5, 6] is employed to parse source code to Abstract Syntax Tree (AST), which is directly or indirectly used to generate multiple representations. ...
doi:10.1155/2017/5452396
fatcat:uzmf4gto4jdahjcbo4snovboc4
JavaNeighbors: Improving ChuckyJava's neighborhood discovery algorithm
2019
Procedia Computer Science
In this Microsoft's Phoenix plugin [5], authors rely on both abstract syntax trees and suffix trees to detect code clones. ...
While the former tree is generated by the Phoenix's compiler, the latter is generated by the authors. ...
doi:10.1016/j.procs.2019.09.445
fatcat:2ck7lxwhgzerpht6y3u53fcas4