TY - GEN
T1 - OCTOPOCS
T2 - 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021
AU - Kwon, Seongkyeong
AU - Woo, Seunghoon
AU - Seong, Gangmo
AU - Lee, Heejo
N1 - Funding Information:
We appreciate our shepherd and the anonymous reviewers for their valuable comments to improve the quality of the paper. We are also grateful to Seungmok Kim and Geonwoo Lee for helping us analyze the experimental results manually. This work was supported by Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No.2019-0-01697 Development of Automated Vulnerability Discovery Technologies for Blockchain Platform Security and No.2021-0-01819 ICT Creative Consilience program).
Publisher Copyright:
© 2021 IEEE.
PY - 2021/6
Y1 - 2021/6
N2 - Addressing vulnerability propagation has become a major issue in software ecosystems. Existing approaches hold the promise of detecting widespread vulnerabilities but cannot be applied to verify effectively whether propagated vulnerable code still poses threats. We present OCTOPOCS, which uses a reformed Proof-of-Concept (PoC), to verify whether a vulnerability is propagated. Using context-aware taint analysis, OCTOPOCS extracts crash primitives (the parts used in the shared code area between the original vulnerable software and propagated software) from the original PoC. OCTOPOCS then utilizes directed symbolic execution to generate guiding inputs that direct the execution of the propagated software from the entry point to the shared code area. Thereafter, OCTOPOCS creates a new PoC by combining crash primitives and guiding inputs. It finally verifies the propagated vulnerability using the created PoC. We evaluated OCTOPOCS with 15 real-world C and C++ vulnerable software pairs, with results showing that OCTOPOCS successfully verified 14 propagated vulnerabilities.
KW - Proofs-of-Concept
KW - Vulnerability propagation
KW - symbolic execution
KW - taint analysis
UR - http://www.scopus.com/inward/record.url?scp=85114900027&partnerID=8YFLogxK
U2 - 10.1109/DSN48987.2021.00032
DO - 10.1109/DSN48987.2021.00032
M3 - Conference contribution
AN - SCOPUS:85114900027
T3 - Proceedings - 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021
SP - 174
EP - 185
BT - Proceedings - 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 21 June 2021 through 24 June 2021
ER -