VUDDY - A Scalable Approach for Vulnerable Code Clone Discovery

Explore a scalable approach for detecting vulnerable code clones in this IEEE conference talk presented at the 2017 IEEE Symposium on Security & Privacy. Dive into the principles of VUDDY, a technique designed to efficiently and accurately identify security vulnerabilities in large software programs. Learn how function-level granularity and length-filtering techniques enable VUDDY to preprocess billions of lines of code in hours, followed by rapid clone detection. Discover the security-aware abstraction technique that allows VUDDY to identify variants of known vulnerabilities with high accuracy. Compare VUDDY's performance against state-of-the-art code clone detection techniques and examine its effectiveness in detecting zero-day vulnerabilities in widely used software systems like Apache HTTPD and Ubuntu OS Distribution. Gain insights into the growing ecosystem of open source software, the proliferation of code clones, and their impact on software security.

Intro
Question
Motivation
Scalable & Accurate Vulnerable Code Clone discovery
Demonstration of VUDDY
Proposed method: VUDDY
Collecting vulnerable code
Fingerprinting a program
Abstraction
Normalization
Vulnerable code clone detection
Performance
Case study
Summary