The binary-level function matching has been widely used to detect whether there are 1-day vulnerabilities in released programs.However, the high false positive is a challenge for current function matching solutions, since the vulnerable function is highly similar to its corresponding patched version.In this paper, the Binary X-Ray (BinXray), a patch based vulnerability matching approach, is proposed to identify the specific 1-day vulnerabilities in target programs accurately and effectively. In the preparing step, a basic block mapping algorithm is designed to extract the signature of a patch, by comparing the given vulnerable and patched programs. The signature is represented as a set of basic block traces. In the detection step, the patching semantics is applied to reduce irrelevant basic block traces to speed up the signature searching. The trace similarity is also designed to identify whether a target program is patched. In experiments, 12 real software projects related to 479 CVEs are collected. BinXray achieves 93.31% accuracy and the analysis speed is only 296.17ms per function, outperforming the state-of-the-art works.
Wed 22 Jul Times are displayed in time zone: (GMT-07:00) Tijuana, Baja California change
|10:50 - 11:10|
Yifei Xu, Zhengzi Xu, Bihuan ChenFudan University, Fu Song, Yang LiuNanyang Technological University, Singapore, Ting LiuXi'an Jiaotong UniversityDOI Media Attached
|11:10 - 11:30|
George FourtounisUniversity of Athens, Leonidas TriantafyllouUniversity of Athens, Yannis SmaragdakisUniversity of Athens, GreeceDOI Media Attached
|11:30 - 11:50|
Muhui Jiang, Yajin ZhouZhejiang University, Xiapu LuoThe Hong Kong Polytechnic University, Ruoyu Wang, Yang LiuNanyang Technological University, Singapore, Kui RenDOI