{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T04:04:12Z","timestamp":1775016252884,"version":"3.50.1"},"reference-count":65,"publisher":"Association for Computing Machinery (ACM)","issue":"6","license":[{"start":{"date-parts":[[2023,9,30]],"date-time":"2023-09-30T00:00:00Z","timestamp":1696032000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100012166","name":"National Key R&D Program of China","doi-asserted-by":"crossref","award":["2022YFB3103904"],"award-info":[{"award-number":["2022YFB3103904"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Strategic Priority Research Program of Chinese Academy of Sciences","award":["XDC02020100"],"award-info":[{"award-number":["XDC02020100"]}]},{"name":"Joint Fund Cultivation Project of National Natural Science Foundation of China","award":["U1636120"],"award-info":[{"award-number":["U1636120"]}]},{"name":"Science and Technology Project of State Grid Corporation of China","award":["5700-202258499A-3-0-ZZ"],"award-info":[{"award-number":["5700-202258499A-3-0-ZZ"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"crossref","award":["U1766215"],"award-info":[{"award-number":["U1766215"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100020771","name":"Young Scientists Fund of the National Natural Science Foundation of China","doi-asserted-by":"crossref","award":["62002342"],"award-info":[{"award-number":["62002342"]}],"id":[{"id":"10.13039\/501100020771","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100001809","name":"Chinese National Natural Science Foundation","doi-asserted-by":"crossref","award":["62202462"],"award-info":[{"award-number":["62202462"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Softw. Eng. Methodol."],"published-print":{"date-parts":[[2023,11,30]]},"abstract":"Vulnerability is a major threat to software security. It has been proven that binary code similarity detection approaches are efficient to search for recurring vulnerabilities introduced by code sharing in binary software. However, these approaches suffer from high false-positive rates (FPRs) since they usually take the patched functions as vulnerable, and they usually do not work well when binaries are compiled with different compilation settings.<\/jats:p>\n \n To this end, we propose an approach, named\n Robin<\/jats:sc>\n , to confirm recurring vulnerabilities by filtering out patched functions.\n Robin<\/jats:sc>\n is powered by a lightweight symbolic execution to solve the set of function inputs that can lead to the vulnerability-related code. It then executes the target functions with the same inputs to capture the vulnerable or patched behaviors for patched function filtration. Experimental results show that\n Robin<\/jats:sc>\n achieves high accuracy for patch detection across different compilers and compiler optimization levels respectively on 287 real-world vulnerabilities of 10 different software. Based on accurate patch detection,\n Robin<\/jats:sc>\n significantly reduces the false-positive rate of state-of-the-art vulnerability detection tools (by 94.3% on average), making them more practical.\n Robin<\/jats:sc>\n additionally detects 12 new potentially vulnerable functions.\n <\/jats:p>","DOI":"10.1145\/3604608","type":"journal-article","created":{"date-parts":[[2023,6,17]],"date-time":"2023-06-17T08:41:40Z","timestamp":1686991300000},"page":"1-29","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":29,"title":["Towards Practical Binary Code Similarity Detection: Vulnerability Verification via Patch Semantic Analysis"],"prefix":"10.1145","volume":"32","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4385-8261","authenticated-orcid":false,"given":"Shouguo","family":"Yang","sequence":"first","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8390-7518","authenticated-orcid":false,"given":"Zhengzi","family":"Xu","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Nanyang Technological University, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-8009-2252","authenticated-orcid":false,"given":"Yang","family":"Xiao","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9915-8312","authenticated-orcid":false,"given":"Zhe","family":"Lang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8866-7074","authenticated-orcid":false,"given":"Wei","family":"Tang","sequence":"additional","affiliation":[{"name":"School of Software, Tsinghua University, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7300-9215","authenticated-orcid":false,"given":"Yang","family":"Liu","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Nanyang Technological University, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6168-8003","authenticated-orcid":false,"given":"Zhiqiang","family":"Shi","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1353-7838","authenticated-orcid":false,"given":"Hong","family":"Li","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2745-7521","authenticated-orcid":false,"given":"Limin","family":"Sun","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]}],"member":"320","published-online":{"date-parts":[[2023,9,30]]},"reference":[{"key":"e_1_3_1_2_2","unstructured":"2010. angr. Retrieved February 15 2021 from https:\/\/angr.io\/"},{"key":"e_1_3_1_3_2","unstructured":"2015. CVE - CVE-2015-0288. Retrieved February 21 2021 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=cve-2015-0288"},{"key":"e_1_3_1_4_2","unstructured":"2018. the-overlooked-problem-of-n-day-vulnerabilities. Retrieved February 08 2021 from https:\/\/www.darkreading.com\/vulnerabilities-threats\/the-overlooked-problem-of-n-day-vulnerabilities"},{"key":"e_1_3_1_5_2","article-title":"CVE - CVE-2015-0209","year":"2021","unstructured":"2021. CVE - CVE-2015-0209 Retrieved February 23, 2021 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-0209","journal-title":"R"},{"key":"e_1_3_1_6_2","article-title":"CVE - CVE-2015-0289","year":"2021","unstructured":"2021. CVE - CVE-2015-0289 Retrieved February 16, 2021 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-0289","journal-title":"R"},{"key":"e_1_3_1_7_2","article-title":"CVE - CVE-2016-2181","year":"2021","unstructured":"2021. CVE - CVE-2016-2181 Retrieved February 23, 2021 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-2181","journal-title":"R"},{"key":"e_1_3_1_8_2","unstructured":"2021. GitHub - Z3Prover\/z3: The Z3 Theorem Prover. Retrieved February 15 2021 from https:\/\/github.com\/Z3Prover\/z3"},{"key":"e_1_3_1_9_2","unstructured":"2021. IDA Pro \u2013 Hex Rays. Retrieved February 15 2021 from https:\/\/www.hex-rays.com\/products\/ida\/"},{"key":"e_1_3_1_10_2","unstructured":"2021. NVD - Home. Retrieved February 16 2021 from https:\/\/nvd.nist.gov\/"},{"key":"e_1_3_1_11_2","unstructured":"2021. Source Code of Robin. Retrieved December 10 2021 from https:\/\/github.com\/shouguoyang\/Robin"},{"key":"e_1_3_1_12_2","unstructured":"2021. Vulnerability information. Retrieved December 10 2021 from https:\/\/github.com\/shouguoyang\/Robin\/blob\/master\/vulnerability_note.md"},{"key":"e_1_3_1_13_2","unstructured":"2021. x86 Function Attributes. Retrieved February 08 2021 from https:\/\/gcc.gnu.org\/onlinedocs\/gcc\/x86-Function-Attributes.html"},{"key":"e_1_3_1_14_2","unstructured":"2022. cve-2015-3196. Retrieved December 29 2022 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=cve-2015-3196"},{"key":"e_1_3_1_15_2","unstructured":"2022. fix commit for CVE-2017-13051. Retrieved December 29 2022 from https:\/\/github.com\/the-tcpdump-group\/tcpdump\/commit\/289c672020280529fd382f3502efab7100d638ec"},{"key":"e_1_3_1_16_2","doi-asserted-by":"publisher","DOI":"10.1145\/3564625.3567975"},{"key":"e_1_3_1_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/2560217.2560219"},{"key":"e_1_3_1_18_2","doi-asserted-by":"publisher","DOI":"10.1007\/BFb0055009"},{"key":"e_1_3_1_19_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP48549.2020.00012"},{"key":"e_1_3_1_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.31"},{"key":"e_1_3_1_21_2","doi-asserted-by":"publisher","DOI":"10.1145\/2950290.2950350"},{"key":"e_1_3_1_22_2","first-page":"1147","volume-title":"Proceedings of the 29th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 20)","author":"Dai Jiarun","year":"2020","unstructured":"Jiarun Dai, Yuan Zhang, Zheyue Jiang, Yingtian Zhou, Junyan Chen, Xinyu Xing, Xiaohan Zhang, Xin Tan, Min Yang, and Zhemin Yang. 2020. BScout: Direct whole patch presence test for java executables. In Proceedings of the 29th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 20). 1147\u20131164."},{"key":"e_1_3_1_23_2","doi-asserted-by":"publisher","DOI":"10.1145\/2666356.2594343"},{"key":"e_1_3_1_24_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00003"},{"key":"e_1_3_1_25_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24311"},{"key":"e_1_3_1_26_2","doi-asserted-by":"crossref","unstructured":"Zakir Durumeric Frank Li James Kasten Johanna Amann Jethro Beekman Mathias Payer Nicolas Weaver David Adrian Vern Paxson Michael Bailey and J. Alex Halderman. 2014. The matter of heartbleed. In Proceedings of the 2014 Conference on Internet Measurement Conference . 475\u2013488.","DOI":"10.1145\/2663716.2663755"},{"key":"e_1_3_1_27_2","first-page":"303","volume-title":"Proceedings of the 23rd \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 14)","author":"Egele Manuel","year":"2014","unstructured":"Manuel Egele, Maverick Woo, Peter Chapman, and David Brumley. 2014. Blanket execution: Dynamic similarity testing for program binaries and components. In Proceedings of the 23rd \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 14). 303\u2013317."},{"key":"e_1_3_1_28_2","doi-asserted-by":"publisher","DOI":"10.1145\/1273463.1273464"},{"key":"e_1_3_1_29_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23185"},{"key":"e_1_3_1_30_2","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3052995"},{"key":"e_1_3_1_31_2","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978370"},{"key":"e_1_3_1_32_2","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3275524"},{"key":"e_1_3_1_33_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.13"},{"key":"e_1_3_1_34_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2007.30"},{"key":"e_1_3_1_35_2","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417240"},{"key":"e_1_3_1_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.62"},{"key":"e_1_3_1_37_2","doi-asserted-by":"publisher","DOI":"10.5555\/25591.25595"},{"key":"e_1_3_1_38_2","doi-asserted-by":"publisher","DOI":"10.1109\/IPCCC51483.2021.9679443"},{"key":"e_1_3_1_39_2","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991102"},{"key":"e_1_3_1_40_2","doi-asserted-by":"publisher","DOI":"10.1145\/3238147.3238199"},{"key":"e_1_3_1_41_2","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom\/BigDataSE.2018.00114"},{"key":"e_1_3_1_42_2","first-page":"1769","volume-title":"Proceedings of the 28th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 19)","author":"Lu Kangjie","year":"2019","unstructured":"Kangjie Lu, Aditya Pakki, and Qiushi Wu. 2019. Detecting missing-check bugs via semantic-and context-aware criticalness and constraints inferences. In Proceedings of the 28th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 19). 1769\u20131786."},{"key":"e_1_3_1_43_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22038-9_15"},{"key":"e_1_3_1_44_2","doi-asserted-by":"crossref","unstructured":"Kexin Pei Zhou Xuan Junfeng Yang Suman Jana and Baishakhi Ray. 2022. Learning approximate execution semantics from traces for binary function similarity. IEEE Transactions on Software Engineering 49 4 (2022) 2776\u20132790.","DOI":"10.1109\/TSE.2022.3231621"},{"key":"e_1_3_1_45_2","first-page":"49","volume-title":"Proceedings of the 24th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 15)","author":"Ramos David A.","year":"2015","unstructured":"David A. Ramos and Dawson Engler. 2015. Under-constrained symbolic execution: Correctness checking for real code. In Proceedings of the 24th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 15). 49\u201364."},{"key":"e_1_3_1_46_2","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884877"},{"key":"e_1_3_1_47_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSR.2010.5463293"},{"key":"e_1_3_1_48_2","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9781107298019"},{"key":"e_1_3_1_49_2","doi-asserted-by":"crossref","unstructured":"Peiyuan Sun Qiben Yan Haoyi Zhou and Jianxin Li. 2021. Osprey: A fast and accurate patch presence test framework for binaries. Computer Communications 173 (2021) 95\u2013106.","DOI":"10.1016\/j.comcom.2021.03.011"},{"key":"e_1_3_1_50_2","volume-title":"Fuzzing: Brute Force Vulnerability Discovery","author":"Sutton Michael","year":"2007","unstructured":"Michael Sutton, Adam Greene, and Pedram Amini. 2007. Fuzzing: Brute Force Vulnerability Discovery. Pearson Education."},{"key":"e_1_3_1_51_2","doi-asserted-by":"crossref","unstructured":"Sami Ullah and Heekuck Oh. 2021. BinDiff NN: Learning distributed representation of assembly for robust binary diffing against semantic differences. IEEE Transactions on Software Engineering 48 9 (2021) 3442\u20133466.","DOI":"10.1109\/TSE.2021.3093926"},{"key":"e_1_3_1_52_2","unstructured":"Ilja Van Sprundel. 2005. Fuzzing: Breaking software in an automated fashion. Decmember 8th (2005)."},{"key":"e_1_3_1_53_2","doi-asserted-by":"crossref","unstructured":"Hao Wang Wenjie Qu Gilad Katz Wenyu Zhu Zeyu Gao Han Qiu Jianwei Zhuge and Chao Zhang. 2022. Jtrans: Jump-aware transformer for binary code similarity detection. In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis . 1\u201313.","DOI":"10.1145\/3533767.3534367"},{"key":"e_1_3_1_54_2","unstructured":"Yang Xiao Bihuan Chen Chendong Yu Zhengzi Xu Zimu Yuan Feng Li Binghong Liu Yang Liu Wei Huo Wei Zou and Wenchang Shi. 2020. MVP: Detecting vulnerabilities using patch-enhanced vulnerability signatures. In Proceedings of the 29th USENIX Security Symposium (USENIX Security 20) . 1165\u20131182."},{"key":"e_1_3_1_55_2","doi-asserted-by":"publisher","DOI":"10.1109\/SANER50967.2021.00028"},{"key":"e_1_3_1_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134018"},{"key":"e_1_3_1_57_2","doi-asserted-by":"publisher","DOI":"10.1145\/3395363.3397361"},{"key":"e_1_3_1_58_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2017.49"},{"key":"e_1_3_1_59_2","first-page":"2397","volume-title":"Proceedings of the 29th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 20)","author":"Xu Zhengzi","year":"2020","unstructured":"Zhengzi Xu, Yulong Zhang, Longri Zheng, Liangzhao Xia, Chenfu Bao, Zhi Wang, and Yang Liu. 2020. Automatic hot patch generation for android kernels. In Proceedings of the 29th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 20). 2397\u20132414."},{"key":"e_1_3_1_60_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2827379"},{"key":"e_1_3_1_61_2","first-page":"13","volume-title":"Proceedings of the 5th USENIX Conference on Offensive Technologies","author":"Yamaguchi Fabian","year":"2011","unstructured":"Fabian Yamaguchi, Felix Lindner, and Konrad Rieck. 2011. Vulnerability extrapolation: Assisted discovery of vulnerabilities using machine learning. In Proceedings of the 5th USENIX Conference on Offensive Technologies. 13\u201313."},{"key":"e_1_3_1_62_2","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2421003"},{"key":"e_1_3_1_63_2","doi-asserted-by":"publisher","DOI":"10.1109\/DSN48987.2021.00036"},{"key":"e_1_3_1_64_2","first-page":"887","volume-title":"Proceedings of the 27th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 18)","author":"Zhang Hang","year":"2018","unstructured":"Hang Zhang and Zhiyun Qian. 2018. Precise and accurate patch presence test for binaries. In Proceedings of the 27th \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security Symposium ( \\(\\lbrace\\) USENIX \\(\\rbrace\\) Security 18). 887\u2013902."},{"key":"e_1_3_1_65_2","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3423342"},{"key":"e_1_3_1_66_2","doi-asserted-by":"crossref","unstructured":"Fei Zuo Xiaopeng Li Patrick Young Lannan Luo Qiang Zeng and Zhexin Zhang. 2018. Neural machine translation inspired binary code similarity comparison beyond function pairs. In Proceedings of 26th Annual Network and Distributed System Security Symposium (NDSS\u201918) .","DOI":"10.14722\/ndss.2019.23492"}],"container-title":["ACM Transactions on Software Engineering and Methodology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3604608","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3604608","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:46:03Z","timestamp":1750178763000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3604608"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,9,30]]},"references-count":65,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2023,11,30]]}},"alternative-id":["10.1145\/3604608"],"URL":"https:\/\/doi.org\/10.1145\/3604608","relation":{},"ISSN":["1049-331X","1557-7392"],"issn-type":[{"value":"1049-331X","type":"print"},{"value":"1557-7392","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,9,30]]},"assertion":[{"value":"2022-07-24","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-05-23","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-09-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}