Overview
Explore an innovative approach to automated package clone detection presented at Black Hat USA 2012. Discover how the Clonewise system identifies embedded code and potential vulnerabilities in software projects. Learn about the challenges of statically linked libraries, internal code copies, and forked developments. Understand the machine learning techniques used to classify package relationships based on file similarities. Examine the system's impressive 68% true positive rate and less than 1% false positive rate when evaluated against Debian's manual database. Gain insights into how major Linux vendors like Debian and Red Hat are implementing these findings to enhance their security procedures. See how this groundbreaking work has already led to the identification and patching of over 30 previously unknown package clone vulnerabilities.
Syllabus
Black Hat USA 2012 - Clonewise: Automated Package Clone Detection
Taught by
Black Hat