• Home
• Library
• DRO home

Clonewise - detecting package-level clones using machine learning Cesare, Silvio, Xiang, Yang and Zhang, Jun 2013, Clonewise - detecting package-level clones using machine learning, in Security and privacy in communication networks, Springer International Publishing, Berlin, Germany, pp.197-215. Attached Files Name Description MIMEType Size Downloads Title Clonewise - detecting package-level clones using machine learning Author(s) Cesare, Silvio Xiang, Yang Zhang, Jun Title of book Security and privacy in communication networks Editor(s) Zia, Tanveer Zomaya, Albert Varadharajan, Vijay Mao, Morley Publication date 2013 Series Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering ; v.127 Chapter number 13 Total chapters 26 Start page 197 End page 215 Total pages 19 Publisher Springer International Publishing Place of Publication Berlin, Germany Keyword(s) vulnerability detection code clone Linux Summary Developers sometimes maintain an internal copy of another software or fork development of an existing project. This practice can lead to software vulnerabilities when the embedded code is not kept up to date with upstream sources. We propose an automated solution to identify clones of packages without any prior knowledge of these relationships. We then correlate clones with vulnerability information to identify outstanding security problems. This approach motivates software maintainers to avoid using cloned packages and link against system wide libraries. We propose over 30 novel features that enable us to use to use pattern classification to accurately identify package-level clones. To our knowledge, we are the first to consider clone detection as a classification problem. Our results show our system, Clonewise, compares well to manually tracked databases. Based on our work, over 30 unknown package clones and vulnerabilities have been identified and patched. Notes This paper was presented at the International Conference on Security and Privacy in Communication Networks (9th : 2013 : Sydney, NSW) ISBN 3319042831 9783319042831 Language eng Field of Research 109999 Technology not elsewhere classified Socio Economic Objective 970110 Expanding Knowledge in Technology HERDC Research category B1 Book chapter ERA Research output type B Book chapter HERDC collection year 2013 Copyright notice ©2013, Springer Persistent URL http://hdl.handle.net/10536/DRO/DU:30060720 Document type: Book Chapter Collection: School of Information Technology Related Links Link Description Connect to published version (restricted access) Go to link with your DU access privileges     Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved. Versions Version Filter Type Thu, 20 Feb 2014, 11:08:06 EST Thu, 20 Feb 2014, 11:31:02 EST Tue, 18 Mar 2014, 10:26:55 EST Thu, 10 Apr 2014, 16:26:09 EST Fri, 11 Apr 2014, 08:21:53 EST Fri, 11 Apr 2014, 14:30:41 EST Tue, 15 Jul 2014, 11:48:57 EST Thu, 28 Aug 2014, 07:33:57 EST Filtered Full Access Statistics: 48 Abstract Views, 3 File Downloads  -  Detailed Statistics Created: Thu, 20 Feb 2014, 11:08:06 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.