PS3: Precise Patch Presence Test based on Semantic Symbolic Signature (ICSE 2024 - Research Track)

Who

Qi Zhan, Xing Hu, Zhiyang Li, Xin Xia, David Lo, Shanping Li

Track

ICSE 2024 Research Track

Time Zone

The program is currently displayed in (GMT+01:00) Lisbon.

Use conference time zone: (GMT+01:00) LisbonSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Fri 19 Apr 2024 15:00 - 15:15 at Eugénio de Andrade - Vulnerability Detection Chair(s): Caroline Lemieux

Abstract

During software development, vulnerabilities have posed a significant threat to users. Applying patches is the most effective way to combat vulnerabilities. In a large scale software system, testing the presence of a security patch in every affected binary is crucial to ensure system security. Identifying whether a binary has been patched for a known vulnerability is challenging, as there may only be small differences between patched and vulnerable versions. Existing approaches mainly focus on detecting patches that are compiled in the same compiler options. However, it is common for developers to compile programs with very different compiler options in different situations, which causes inaccuracy for existing methods. In this paper, we propose a new approach named PS3, referring to precise patch presence test based on semantic-level symbolic signature. PS3 exploits symbolic emulation to extract signatures that are stable under different compiler options. Then, PS3 can test the presence of the patch precisely by comparing the signatures between the reference and the target at a semantic level.

To evaluate the effectiveness of our approach, we constructed a dataset consisting of 3,631 (CVE, binary) pairs of 62 recent CVEs in four C/C++ projects. The experimental results show that PS3 achieves scores of 0.82, 0.97, and 0.89 in terms of precision, recall, and F1 score, respectively. PS3 outperforms the state-of-the-art baselines by improving 33% in terms of F1 score and remains stable in different compiler options.

Qi Zhan

Zhejiang University

Xing Hu

Zhejiang University

China

Zhiyang Li

Zhejiang University

Xin Xia

Huawei Technologies

China

David Lo

Singapore Management University

Singapore

Shanping Li

Zhejiang University

Time Zone

The program is currently displayed in (GMT+01:00) Lisbon.

Use conference time zone: (GMT+01:00) LisbonSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Fri 19 Apr
Displayed time zone: Lisbon change

14:00 - 15:30	Vulnerability DetectionResearch Track at Eugénio de Andrade Chair(s): Caroline Lemieux University of British Columbia

14:00 15m Talk		GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis Research Track Yuqiang Sun Nanyang Technological University, Daoyuan Wu Nanyang Technological University, Yue Xue MetaTrust Labs, Han Liu East China Normal University, Haijun Wang Xi'an Jiaotong University, Zhengzi Xu Nanyang Technological University, Xiaofei Xie Singapore Management University, Yang Liu Nanyang Technological University DOI Pre-print
14:15 15m Talk		PrettySmart: Detecting Permission Re-delegation Vulnerability for Token Behaviors in Smart Contracts Research Track Zhijie Zhong School of Software Engineering, Sun Yat-sen University, Hong-Ning Dai Hong Kong Baptist University, Zibin Zheng Sun Yat-sen University, Qing Xue Sun Yat-sen University, Junjia Chen Sun Yat-sen University, Yuhong Nan Sun Yat-sen University
14:30 15m Talk		Combining Structured Static Code Information and Dynamic Symbolic Traces for Software Vulnerability Prediction Research Track Huanting Wang University of Leeds, UK, Zhanyong Tang Northwest University, Shin Hwei Tan Concordia University, Jie Wang NorthWest University, Yuzhe Liu NorthWest University, Hejun Fang NorthWest University, Chunwei Xia University of Leeds, Zheng Wang University of Leeds
14:45 15m Talk		SCVHunter: Smart Contract Vulnerability Detection Based on Heterogeneous Graph Attention Network Research Track Feng Luo University of Electronic Science and Technology of China, Ruijie Luo University of Electronic Science and Technology of China, Ting Chen University of Electronic Science and Technology of China, Ao Qiao University of Electronic Science and Technology of China, Zheyuan He University of Electronic Science and Technology of China, Shuwei Song University of Electronic Science and Technology of China, Yu Jiang Tsinghua university, Sixing Li University of Electronic Science and Technology of China
15:00 15m Talk		PS3: Precise Patch Presence Test based on Semantic Symbolic Signature Research Track Qi Zhan Zhejiang University, Xing Hu Zhejiang University, Zhiyang Li Zhejiang University, Xin Xia Huawei Technologies, David Lo Singapore Management University, Shanping Li Zhejiang University
15:15 15m Talk		Safeguarding DeFi Smart Contracts against Oracle Deviations Research Track Xun Deng University of Toronto, Sidi Mohamed Beillahi University of Toronto, Cyrus Minwalla Bank of Canada, Han Du Bank of Canada, Andreas Veneris University of Toronto, Fan Long University of Toronto