Locating the Security Patches for Disclosed OSS Vulnerabilities with Vulnerability-Commit Correlation Ranking
Xin Tan, Yuan Zhang, Chenyuan Mi, Jiajun Cao, Kun Sun, Yifan Lin, Min Yang
Abstract
Security patches play an important role in defending against the security threats brought by the increasing OSS vulnerabilities. However, the collection of security patches still remains a challenging problem. Existing works mainly adopt a matching-based design that uses auxiliary information in CVE/NVD to reduce the search scope of patch commits. However, our preliminary study shows that these approaches can only cover a small part of disclosed OSS vulnerabilities (about 12%-53%) even with manual assistance.
Topics & Concepts
CommitVulnerability (computing)Computer scienceScope (computer science)Computer securityCover (algebra)PrioritizationRanking (information retrieval)ExploitMatching (statistics)Information securityInformation retrievalBusinessEngineeringDatabaseProcess managementMathematicsProgramming languageMechanical engineeringStatisticsAdvanced Malware Detection TechniquesSoftware Engineering ResearchWeb Application Security Vulnerabilities