Search Icon
Register

Enhancing Security in Third-Party Library Reuse – Comprehensive Detection of 1-day Vulnerability through Code Patch Analysis

Shangzhi Xu (The University of New South Wales), Jialiang Dong (The University of New South Wales), Weiting Cai (Delft University of Technology), Juanru Li (Feiyu Tech), Arash Shaghaghi (The University of New South Wales), Nan Sun (The University of New South Wales), Siqi Ma (The University of New South Wales)

Nowadays, software development progresses
rapidly to incorporate new features. To facilitate such growth
and provide convenience for developers when creating and
updating software, reusing open-source software (i.e., thirdparty
library reuses) has become one of the most effective
and efficient methods. Unfortunately, the practice of reusing
third-party libraries (TPLs) can also introduce vulnerabilities
(known as 1-day vulnerabilities) because of the low maintenance
of TPLs, resulting in many vulnerable versions remaining in
use. If the software incorporating these TPLs fails to detect the
introduced vulnerabilities and leads to delayed updates, it will
exacerbate the security risks. However, the complicated code
dependencies and flexibility of TPL reuses make the detection of
1-day vulnerability a challenging task. To support developers in
securely reusing TPLs during software development, we design
and implement VULTURE, an effective and efficient detection
tool, aiming at identifying 1-day vulnerabilities that arise from
the reuse of vulnerable TPLs. It first executes a database creation
method, TPLFILTER, which leverages the Large Language
Model (LLM) to automatically build a unique database for the
targeted platform. Instead of relying on code-level similarity
comparison, VULTURE employs hashing-based comparison to
explore the dependencies among the collected TPLs and identify
the similarities between the TPLs and the target projects.
Recognizing that developers have the flexibility to reuse TPLs
exactly or in a custom manner, VULTURE separately conducts
version-based comparison and chunk-based analysis to capture
fine-grained semantic features at the function levels. We applied
VULTURE to 10 real-world projects to assess its effectiveness
and efficiency in detecting 1-day vulnerabilities. VULTURE
successfully identified 175 vulnerabilities from 178 reused TPLs.

Paper
Slides
Video

View More Papers

CCTAG: Configurable and Combinable Tagged Architecture

Zhanpeng Liu (Peking University), Yi Rong (Tsinghua University), Chenyang Li (Peking University), Wende Tan (Tsinghua University), Yuan Li (Zhongguancun Laboratory), Xinhui Han (Peking University), Songtao Yang (Zhongguancun Laboratory), Chao Zhang (Tsinghua University)

Read More

BinEnhance: An Enhancement Framework Based on External Environment Semantics...

Yongpan Wang (Institute of Information Engineering Chinese Academy of Sciences & University of Chinese Academy of Sciences, China), Hong Li (Institute of Information Engineering Chinese Academy of Sciences & University of Chinese Academy of Sciences, China), Xiaojie Zhu (King Abdullah University of Science and Technology, Thuwal, Saudi Arabia), Siyuan Li (Institute of Information Engineering Chinese…

Read More

RACONTEUR: A Knowledgeable, Insightful, and Portable LLM-Powered Shell Command...

Jiangyi Deng (Zhejiang University), Xinfeng Li (Zhejiang University), Yanjiao Chen (Zhejiang University), Yijie Bai (Zhejiang University), Haiqin Weng (Ant Group), Yan Liu (Ant Group), Tao Wei (Ant Group), Wenyuan Xu (Zhejiang University)

Read More

Incorporating Gradients to Rules: Towards Lightweight, Adaptive Provenance-based Intrusion...

Lingzhi Wang (Northwestern University), Xiangmin Shen (Northwestern University), Weijian Li (Northwestern University), Zhenyuan LI (Zhejiang University), R. Sekar (Stony Brook University), Han Liu (Northwestern University), Yan Chen (Northwestern University)

Read More