poster

POSTER: PatchGen: Towards Automated Patch Detection and Generation for 1-Day Vulnerabilities

Authors:

Chen Ni,

Yanjun WuAuthors Info & Claims

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

Pages 1656 - 1658

https://doi.org/10.1145/2810103.2810122

Published: 12 October 2015 Publication History

Get Access

Abstract

A large fraction of source code in open-source systems such as Linux contain 1-day vulnerabilities. The command "patch" is used to apply the patches to source codes, and returns feedback information automatically. Unfortunately, this operation is not always successful when patching directly, and two typical error scenarios may occur as follows. 1. The patch may be applied in wrong place, meaning the fix location should be adjusted in patch. 2. The patch may be applied repeatedly, meaning a verification should be executed before applying. To resolve the above scenarios, we propose PatchGen, a new system to quickly detect and generate patches for 1-day vulnerabilities in OS distributions. Comparing with the previous works on 1-day vulnerabilities detection, PatchGen is able to solve the above two error scenarios and use a quick, syntax-based approach that scales to OS distribution-sized code base no matter the code written in what types of language. We implement the PatchGen prototype, and evaluate it by checking all codes from packages in Ubuntu Maverick/Oneiric, all SourceForge C and C++ projects, and the Linux kernel source. Specifically, it takes less than 10 minutes for PatcheGen to detect 175 1-day vulnerabilities and generate 140 patches for Linux Kernel. All of the results have been manually confirmed and tested in the real systems.

References

[1]

Jang, J., Agrawal, A., and Brumley, D. Redebug: Finding unpatched code clones in entire OS distributions. In IEEE Symposium on Security and Privacy, SP 2012, 21--23 May 2012, San Francisco, California, USA (2012), pp. 48--62.

Digital Library

Google Scholar

[2]

Jürgens, E., Deissenboeck, F., Hummel, B., and Wagner, S. Do code clones matter? In 31st International Conference on Software Engineering, ICSE 2009, May 16--24, 2009, Vancouver, Canada, Proceedings (2009), pp. 485--495.

Digital Library

Google Scholar

[3]

Li, Z., Lu, S., Myagmar, S., and Zhou, Y. Cp-miner: Finding copy-paste and related bugs in large-scale software code. IEEE Trans. Software Eng. 32, 3 (2006), 176--192.

Digital Library

Google Scholar

[4]

Ohta, T., Murakami, H., Igaki, H., Higo, Y., and Kusumoto, S. Source code reuse evaluation by using real/potential copy and paste. In 9th IEEE International Workshop on Software Clones, IWSC 2015, Montreal, QC, Canada, March 6, 2015 (2015), pp. 33--39.

Crossref

Google Scholar

[5]

Yin, Z., Caesar, M., and Zhou, Y. Towards understanding bugs in open source router software. Computer Communication Review 40, 3 (2010), 34--40.

Digital Library

Google Scholar

Cited By

View all

Xie ZWen MWei ZJin HFilkov VRay BZhou M(2024)Unveiling the Characteristics and Impact of Security Patch EvolutionProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695488(1094-1106)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695488
He YWang YZhu SWang WZhang YLi QYu A(2024)Automatically Identifying CVE Affected Versions With Patches and Developer LogsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.326456721:2(905-919)Online publication date: Mar-2024
https://doi.org/10.1109/TDSC.2023.3264567
Yang MWu JJi SLuo TWu Y(2018)Pre-Patch: Find Hidden Threats in Open Software Based on Machine Learning MethodServices – SERVICES 201810.1007/978-3-319-94472-2_4(48-65)Online publication date: 23-Jun-2018
https://doi.org/10.1007/978-3-319-94472-2_4
Show More Cited By

Index Terms

POSTER: PatchGen: Towards Automated Patch Detection and Generation for 1-Day Vulnerabilities
1. Security and privacy
  1. Systems security
    1. Operating systems security

Recommendations

1dFuzz: Reproduce 1-Day Vulnerabilities with Directed Differential Fuzzing
ISSTA 2023: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis

1-day vulnerabilities are common in practice and have posed severe threats to end users, as adversaries could learn from released patches to find them and exploit them. Reproducing 1-day vulnerabilities is also crucial for defenders, e.g., to block ...
Impact of tool support in patch construction
ISSTA 2017: Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis

In this work, we investigate the practice of patch construction in the Linux kernel development, focusing on the differences between three patching processes: (1) patches crafted entirely manually to fix bugs, (2) those that are derived from warnings ...
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications
SP '08: Proceedings of the 2008 IEEE Symposium on Security and Privacy

The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P, automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P. In this paper, we propose ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

October 2015

1750 pages

ISBN:9781450338325

DOI:10.1145/2810103

General Chair:
Indrajit Ray
Colorado State University, USA
,
Program Chairs:
Ninghui Li
Purdue University, USA
,
Christopher Kruegel
University of California, Santa Barbara, USA

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 October 2015

Check for updates

Author Tags

Qualifiers

Poster

Funding Sources

National Science and Technology Major Projects
Natural Science Foundation of China

Conference

CCS'15

Sponsor:

SIGSAC

CCS'15: The 22nd ACM Conference on Computer and Communications Security

October 12 - 16, 2015

Colorado, Denver, USA

Acceptance Rates

CCS '15 Paper Acceptance Rate 128 of 660 submissions, 19%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
298
Total Downloads

Downloads (Last 12 months)11
Downloads (Last 6 weeks)1

Reflects downloads up to 13 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Xie ZWen MWei ZJin HFilkov VRay BZhou M(2024)Unveiling the Characteristics and Impact of Security Patch EvolutionProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695488(1094-1106)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695488
He YWang YZhu SWang WZhang YLi QYu A(2024)Automatically Identifying CVE Affected Versions With Patches and Developer LogsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.326456721:2(905-919)Online publication date: Mar-2024
https://doi.org/10.1109/TDSC.2023.3264567
Yang MWu JJi SLuo TWu Y(2018)Pre-Patch: Find Hidden Threats in Open Software Based on Machine Learning MethodServices – SERVICES 201810.1007/978-3-319-94472-2_4(48-65)Online publication date: 23-Jun-2018
https://doi.org/10.1007/978-3-319-94472-2_4
Wu JYang MBodden ESchäfer WDeursen AZisman A(2017)LaChouTi: kernel vulnerability responding framework for the fragmented Android devicesProceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering10.1145/3106237.3117768(920-925)Online publication date: 21-Aug-2017
https://dl.acm.org/doi/10.1145/3106237.3117768

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

1dFuzz: Reproduce 1-Day Vulnerabilities with Directed Differential Fuzzing

Impact of tool support in patch construction

Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications

Comments

Information

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations