Clonewise - Automated Package Clone Detection
Offered By: Black Hat via YouTube
Course Description
Overview
Explore an innovative approach to automated package clone detection presented at Black Hat USA 2012. Discover how the Clonewise system identifies embedded code and potential vulnerabilities in software projects. Learn about the challenges of statically linked libraries, internal code copies, and forked developments. Understand the machine learning techniques used to classify package relationships based on file similarities. Examine the system's impressive 68% true positive rate and less than 1% false positive rate when evaluated against Debian's manual database. Gain insights into how major Linux vendors like Debian and Red Hat are implementing these findings to enhance their security procedures. See how this groundbreaking work has already led to the identification and patching of over 30 previously unknown package clone vulnerabilities.
Syllabus
Black Hat USA 2012 - Clonewise: Automated Package Clone Detection
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube