MVP: Detecting vulnerabilities using Patch-Enhanced vulnerability signatures
Recurring vulnerabilities widely exist and remain undetected in real-world systems, which
often result from a reused code base or shared code logic. However, the potentially …
GraphSPD: Graph-based security patch detection with enriched code semantics
With the increasing popularity of open-source software, embedded vulnerabilities have been
widely propagating to downstream software. Due to different maintenance policies, software …
PatchDB: A large-scale security patch dataset
Security patches, embedding both vulnerable code and the corresponding fixes, are of great
significance to vulnerability detection and software maintenance. However, the existing …
RapidPatch: firmware hotpatching for Real-Time embedded devices
Nowadays real-time embedded devices are becoming one main target of cyber attacks. A
huge number of embedded devices equipped with outdated firmware are subject to various …
PET: Prevent discovered errors from being triggered in the Linux kernel
The Linux kernel is the backbone of modern society. When a kernel error is discovered, a
quick remediation is needed. Whereas sanitizers greatly facilitate root cause diagnosis …
Just-in-Time Security Patch Detection--LLM At the Rescue for Data Augmentation
In the face of growing vulnerabilities found in open-source software, the need to identify
discreet security patches has become paramount. The lack of consistency in how software …
BinGo: Identifying Security Patches in Binary Code with Graph Representation Learning
A timely software update is vital to combat the increasing security vulnerabilities. However,
some software vendors may secretly patch their vulnerabilities without creating CVE entries …
ICSPatch: Automated Vulnerability Localization and Non-Intrusive Hotpatching in Industrial Control Systems using Data Dependence Graphs
The paradigm shift of enabling extensive intercommunication between the Operational
Technology (OT) and Information Technology (IT) devices allows vulnerabilities typical to the …
Runtime software patching: Taxonomy, survey and future directions
Runtime software patching aims to minimize or eliminate service downtime, user
interruptions and potential data losses while deploying a patch. Due to modern software …
Backporting security patches of web applications: A prototype design and implementation on injection vulnerability patches
Web vulnerabilities, especially injection-related ones, are popular among web application
frameworks (such as WordPress and Piwigo), which can lead to severe consequences like …