ASE 2024
Sun 27 October - Fri 1 November 2024 Sacramento, California, United States
Thu 31 Oct 2024 10:45 - 11:00 at Magnoila - Vulnerability and security2 Chair(s): Yiming Tang

Since its major release in 2006, the Unified Extensible Firmware Interface (UEFI) has become the industry standard for interfacing a computer’s hardware and operating system, replacing BIOS. UEFI has higher privileged security access to system resources than any other software component, including the system kernel. Hence, identifying and characterizing vulnerabilities in UEFI is extremely important for computer security. However, automated detection and characterization of UEFI vulnerabilities is a challenging problem. Static vulnerability analysis techniques are scalable but lack precision (reporting many false positives), whereas symbolic analysis techniques are precise but are hampered by scalability issues due to path explosion and the cost of constraint solving. In this paper, we introduce a technique called STatic Analysis guided Symbolic Execution (STASE), which integrates both analysis approaches to leverage their strengths and minimize their weaknesses. We begin with a rule-based static vulnerability analysis on LLVM bitcode to identify potential vulnerability targets for symbolic execution. We then focus symbolic execution on each target to achieve precise vulnerability detection and signature generation. STASE relies on the manual specification of reusable vulnerability rules and attacker-controlled inputs. However, it automates the generation of harnesses that guide the symbolic execution process, addressing the usability and scalability of symbolic execution, which typically requires manual harness generation to reduce the state space. We implemented and applied STASE to the implementations of UEFI code base. STASE detects and generates vulnerability signatures for 5 out of 9 recently reported PixieFail vulnerabilities and 13 new vulnerabilities in Tianocore’s EDKII codebase.

Thu 31 Oct

Displayed time zone: Pacific Time (US & Canada) change

10:30 - 12:00
Vulnerability and security2NIER Track / Research Papers / Tool Demonstrations at Magnoila
Chair(s): Yiming Tang Rochester Institute of Technology
10:30
15m
Talk
Coding-PTMs: How to Find Optimal Code Pre-trained Models for Code Embedding in Vulnerability Detection?
Research Papers
Yu Zhao , Lina Gong Nanjing University of Aeronautics and Astronautic, Zhiqiu Huang Nanjing University of Aeronautics and Astronautics, Yongwei Wang Shanghai Institute for Advanced Study and College of Computer Science, Zhejiang University, Mingqiang Wei School of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Fei Wu College of Computer Science and Technology in Zhejiang University
10:45
15m
Talk
STASE: Static Analysis Guided Symbolic Execution for UEFI Vulnerability Signature Generation
Research Papers
Md Shafiuzzaman University of California at Santa Barbara, Achintya Desai University of California Santa Barbara, Laboni Sarker University of California at Santa Barbara, Tevfik Bultan University of California at Santa Barbara
11:00
15m
Talk
Effective Vulnerable Function Identification based on CVE Description Empowered by Large Language Models
Research Papers
Yulun Wu Huazhong University of Science and Technology, Ming Wen Huazhong University of Science and Technology, Zeliang Yu Huazhong University of Science and Technology, Xiaochen Guo Huazhong University of Science and Technology, Hai Jin Huazhong University of Science and Technology
11:15
15m
Talk
COBRA: Interaction-Aware Bytecode-Level Vulnerability Detector for Smart Contracts
Research Papers
Wenkai Li Hainan University, Xiaoqi Li Hainan University, Zongwei Li Hainan University, Yuqing Zhang University of Chinese Academy of Sciences; Zhongguancun Laboratory
Link to publication DOI Pre-print Media Attached
11:30
10m
Talk
MADE-WIC: Multiple Annotated Datasets for Exploring Weaknesses In Code
Tool Demonstrations
Moritz Mock Free University of Bozen-Bolzano, Jorge Melegati Free University of Bozen-Bolzano, Max Kretschmann Hamburg University of Technology, Nicolás E. Díaz Ferreyra Hamburg University of Technology, Barbara Russo Free University of Bozen/Bolzano, Italy
DOI Pre-print
11:40
10m
Talk
The Software Genome Project: Unraveling Software Through Genetic Principles
NIER Track
Yueming Wu Nanyang Technological University, Chengwei Liu Nanyang Technological University, Zhengzi Xu Nanyang Technological University; Imperial Global Singapore, Lyuye Zhang Nanyang Technological University, Yiran Zhang , Zhu Zhiling Zhejiang University of Technology, Yang Liu Nanyang Technological University
11:50
10m
Talk
Mining for Mutation Operators for Reduction of Information Flow Control Violations
NIER Track
Ilya Kosorukov University College London, Daniel Blackwell University College London, David Clark University College London, Myra Cohen Iowa State University, Justyna Petke University College London