VulSlicer: Vulnerability detection through code slicing

Solmaz Salimi, Mehdi Kharrazi
DOI: https://doi.org/10.1016/j.jss.2022.111450
IF: 3.5
2022-11-01
Journal of Systems and Software
Abstract: There has been a multitude of techniques proposed for identifying vulnerabilities in software. Forcing a program into a vulnerable state has become increasingly unscalable, given the size of the programs and the number of possible execution states. At the same time, techniques that are looking for vulnerability signatures are marred with weak and incomplete signatures. This is not to say that such techniques have failed to identify previously unknown vulnerabilities in the code. However, they have inherent weaknesses, which result in identifying vulnerabilities that are limited in type and complexity.

We propose a novel technique to extract succinct vulnerability-relevant statements representing the self-contained nature of vulnerabilities and reproduce the vulnerable behavior independently of the rest of the program. We also introduce an innovative technique to slice target programs and search for similar vulnerability-relevant statements in them. We developed VulSlicer, a prototype system capable of extracting vulnerability-relevant statements from vulnerable programs and searching for them on target programs at scale. Furthermore, we have examined four candidate open-source projects and have been able to identify 118 potential vulnerabilities, out of which 94 were found to be silently patched, and from the remaining reported cases, three were confirmed by obtaining a CVE designation.
computer science, theory & methods, software engineering