Detect Treble, GSI, Mainline, APEX, system-as-root(SAR), A/B, etc.

The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, May 22-26, 2023.

The public dataset in the paper "PatchDB: A Large-Scale Security Patch Dataset". This paper appears in the 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Online, June 21-24, 2021.

PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software (ISSTA 2024)

QualvoSec is a minimalistic security patch management tool for unattended upgrades on Linux and BSD based systems that are obtaining their packages from a distribution based repository.

A demo program of security patch identification using the RNN model, which is demonstrated in the paper "PatchRNN: A Deep Learning-Based System for Security Patch Identification". This paper appears in the 2021 IEEE/AFCEA Military Communications Conference (MILCOM 2021), San Diego, USA, November 29–December 2, 2021.

Hackathor 2020 Contest Project

A Demo Program of Security Patch Identification with Graph Neural Networks.

Oversampling operations on security/non-security patches. This method is described in the paper "PatchDB: A Large-Scale Security Patch Dataset", which appears in 2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei, June 21-24, 2021, pp. 149-160.

Security Patch Identification with Classical Machine Learning Algorithms.

Patch oversampling (synthesis) with direct patch analysis. This is an alternative solution to the PatchOversampling repository, providing a simpler and more direct way to synthesize patches. The original oversampling method is described in the DSN'21 paper "PatchDB: A Large-Scale Security Patch Dataset".

RNN-based security patch identification with oversampling samples. This is an extension code in the MILCOM'21 paper "PatchRNN: A Deep Learning-Based System for Security Patch Identification".

Data clearance for security patches and non-security patches. This method is described as Nearest Link Search in the paper "PatchDB: A Large-Scale Security Patch Dataset", which appears in 2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei, June 21-24, 2021, pp. 149-160.

The source code in the paper "PatchRNN: A Deep Learning-Based System for Security Patch Identification". This paper appears in the 2021 IEEE/AFCEA Military Communications Conference (MILCOM 2021), San Diego, USA, November 29–December 2, 2021.

Paimon: Patch Identification Monster (extended version of GraphSPD)

This is A CLI based simple credit card manager based on Beginner to intermediate OOP fundamentals. This code is written in python and is under rigorous development and new features will be updated regularly.

Source Code for 'Pro Spring Security, 2nd Edition' by Carlo Scarioni and Massimo Nardone

A security patch for eggdrop based on the eggdrop1.1.6 hybrid(core) patch.