Litcius/Paper detail

TRACER

Wooseok Kang, Byoung-Ho Son, Kihong Heo

2022Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security24 citationsDOI

Abstract

Similar software vulnerabilities recur because developers reuse existing vulnerable code, or make similar mistakes when implementing the same logic. Recently, various analysis techniques have been proposed to find syntactically recurring vulnerabilities via code reuse. However, limited attention has been devoted to semantically recurring ones that share the same vulnerable behavior in different code structures. In this paper, we present a general analysis framework, called TRACER, for detecting such recurring vulnerabilities. TRACER is based on a taint analysis that can detect various types of vulnerabilities. For a given set of known vulnerabilities, the taint analysis extracts vulnerable traces and establishes a signature database of them. When a new unseen program is analyzed, TRACER compares all potentially vulnerable traces reported by the analysis with the known vulnerability signatures. Then, TRACER reports a list of potential vulnerabilities ranked by the similarity score. We evaluate TRACER on 273 Debian packages in C/C++. Our experiment results demonstrate that TRACER is able to find 281 previously unknown vulnerabilities with 6 CVE identifiers assigned.

Topics & Concepts

Computer scienceReuseTRACERIdentifierCode (set theory)Set (abstract data type)SoftwareStatic analysisProgramming languageEngineeringNuclear physicsWaste managementPhysicsSoftware Engineering ResearchAdvanced Malware Detection TechniquesSoftware Reliability and Analysis Research
TRACER | Litcius