Posted: 1 Jul 2017, 12:00:00 AM

Cyber Readings 004

Cyber Reading Group

The next meeting is on 12th July. The paper is "Modeling and Discovering Vulnerabilities with Code Property Graphs".

Reading: Modeling and Discovering Vulnerabilities with Code Property Graphs

Date: 12th July 2017

Time: 11:00 AM

Location: Turing Room

Contact: Shane Magrath shane.magrath@anu.edu.au


Abstract: The vast majority of security breaches encountered today are a direct result of insecure code. Consequently, the protection of computer systems critically depends on the rigorous identification of vulnerabilities in software, a tedious and error-prone process requiring significant expertise. Unfortunately, a single flaw suffices to undermine the security of a system and thus the sheer amount of code to audit plays into the attacker’s cards. In this paper, we present a method to effectively mine large amounts of source code for vulnerabilities. To this end, we introduce a novel representation of source code called a code property graph that merges concepts of classic program analysis, namely abstract syntax trees, control flow graphs and program dependence graphs, into a joint data structure. This comprehensive representation enables us to elegantly model templates for common vulnerabilities with graph traversals that, for instance, can identify buffer overflows, integer overflows, format string vulnerabilities, or memory disclosures. We implement our approach using a popular graph database and demonstrate its efficacy by identifying 18 previously unknown vulnerabilities in the source code of the Linux kernel.

Updated: 11 Jul 2017 / Responsible Officer: Director, Research School of Computer Science / Page Contact: Antony Hosking