• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Deduplication and Exploitability Determination of UAF Vulnerability Samples by Fast Clustering


Abstract

Use-After-Free (UAF) is a common lethal form of software vulnerability. By using tools such as Web Browser Fuzzing, a large amount of samples containing UAF vulnerabilities can be generated. To evaluate the threat level of vulnerability or to patch the vulnerabilities, automatic deduplication and exploitability determination should be carried out for these samples. There are some problems existing in current methods, including inadequate pertinence, lack of depth and precision of analysis, high time cost, and low accuracy. In this paper, in terms of key dangling pointer and crash context, we analyze four properties of similar samples of UAF vulnerability, explore the method of extracting and calculate clustering eigenvalues from these samples, perform clustering by fast search and find of density peaks on a large number of vulnerability samples. Samples were divided into different UAF vulnerability categories according to the clustering results, and the exploitability of these UAF vulnerabilities was determined by observing the shape of class cluster. Experimental results showed that the approach was applicable to the deduplication and exploitability determination of a large amount of UAF vulnerability samples, with high accuracy and low performance cost.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
Jianshan Peng, Mi Zhang and Qingxian Wang, "Deduplication and Exploitability Determination of UAF Vulnerability Samples by Fast Clustering," KSII Transactions on Internet and Information Systems, vol. 10, no. 10, pp. 4933-4956, 2016. DOI: 10.3837/tiis.2016.10.016

[ACM Style]
Peng, J., Zhang, M., and Wang, Q. 2016. Deduplication and Exploitability Determination of UAF Vulnerability Samples by Fast Clustering. KSII Transactions on Internet and Information Systems, 10, 10, (2016), 4933-4956. DOI: 10.3837/tiis.2016.10.016