Software clone detection techniques identify fragments of code that share some level of syntactic similarity. In this study, we investigate security-sensitive clone clusters: clusters of syntactically similar fragments of code that are protected by some privileges. From a security perspective, security-sensitive clone clusters can help reason about the implemented security model: given syntactically similar fragments of code, it is expected that they are protected by similar privileges. We hypothesize that clones that violate this assumption, defined as security-discordant clones, are likely to reveal weaknesses and flaws in access control models. In order to characterize security-discordant clones, we investigated two of the largest and most popular open-source PHP applications, Joomla! and Moodle, with sizes ranging from hundreds of thousands to more than a million lines of code. Investigation of security-discordant clone clusters in these systems revealed several previously undocumented, recurring, and application-independent security weaknesses. Moreover, security-discordant clones also revealed four previously unreported security flaws. Results also show how these flaws were revealed through the investigation of as little as 2% of the code base. The distribution of weaknesses and flaws between the two systems is investigated and discussed. Potential extensions to this exploratory work are also presented.
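The following is an added illustration of the security-discordant clone idea described above; it is not code from the paper or from Joomla! or Moodle. It assumes that each code fragment has already been paired with the privilege that guards it (the paper's privilege recovery step is not reproduced), and it uses a simplified token-based normalization (variables and literals replaced by placeholders) in place of a full clone detector. The sample fragments, locations and privilege names are constructed for the example. A cluster is flagged as discordant when its members are not all guarded by the same privilege, which is exactly the case a reviewer would want to inspect for a missing access check.

```python
import re
from collections import defaultdict

# Constructed sample: (location, guarding privilege or None, fragment body).
# These stand in for functions extracted from a PHP code base; the privilege
# is assumed to have been recovered from the check dominating the fragment.
SAMPLE_FRAGMENTS = [
    ("admin/post.php:12", "edit_post",
     "$id = $_GET['id']; $row = db_query('SELECT * FROM posts WHERE id=' . $id); update_post($row, $_POST);"),
    ("site/post.php:40", "edit_post",
     "$pid = $_GET['pid']; $r = db_query('SELECT * FROM posts WHERE id=' . $pid); update_post($r, $_POST);"),
    # Same logic as the two fragments above, but no privilege guards it.
    ("plugins/quick.php:7", None,
     "$x = $_GET['x']; $p = db_query('SELECT * FROM posts WHERE id=' . $x); update_post($p, $_POST);"),
    ("admin/user.php:3", "manage_users",
     "$uid = $_GET['uid']; delete_user($uid);"),
    ("admin/user2.php:9", "manage_users",
     "$u = $_GET['u']; delete_user($u);"),
    ("site/view.php:5", None,
     "$id = $_GET['id']; echo render_post($id);"),
]

# Tokenizer for the PHP-like fragments: variables, identifiers, string
# literals, integers, and single punctuation characters.
TOKEN_RE = re.compile(r"\$[A-Za-z_]\w*|[A-Za-z_]\w*|'[^']*'|\"[^\"]*\"|\d+|\S")


def normalize(fragment):
    """Simplified type-2 normalization: variable names and literals become
    placeholders so that renamed copies of the same code map to one key.
    Function names are kept, since they carry the fragment's structure."""
    out = []
    for tok in TOKEN_RE.findall(fragment):
        if tok.startswith("$"):
            out.append("$V")
        elif tok[0] in "'\"":
            out.append("'S'")
        elif tok.isdigit():
            out.append("N")
        else:
            out.append(tok)
    return " ".join(out)


def cluster_clones(fragments):
    """Group fragments by normalized form; only groups of two or more are clones."""
    clusters = defaultdict(list)
    for loc, priv, body in fragments:
        clusters[normalize(body)].append((loc, priv))
    return {key: members for key, members in clusters.items() if len(members) >= 2}


def find_discordant(fragments):
    """Return clone clusters whose members are not all guarded by the same
    privilege. An unguarded member (None) next to guarded ones is the case
    most likely to indicate a missing access control check."""
    report = []
    for key, members in cluster_clones(fragments).items():
        privileges = {priv for _, priv in members}
        if len(privileges) > 1:
            report.append({"pattern": key, "members": members, "privileges": privileges})
    return report


if __name__ == "__main__":
    for entry in find_discordant(SAMPLE_FRAGMENTS):
        print("Security-discordant clone cluster:")
        print("  pattern   :", entry["pattern"])
        print("  privileges:", entry["privileges"])
        for loc, priv in entry["members"]:
            print("  ", loc, "guarded by", priv or "NOTHING")
```

Run against the constructed sample, the script reports one discordant cluster: the three post-update fragments, two guarded by `edit_post` and one (in `plugins/quick.php`) unguarded. The two `delete_user` fragments form a concordant cluster (both guarded by `manage_users`) and are not reported, and the lone `render_post` fragment is not a clone at all. In a real code base the privilege column would come from the application's own guard functions, and the normalization would be replaced by the project's clone detector, but the triage logic stays the same: only clusters with mixed privileges need human review.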