Conducting binary function naming helps reverse engineers understand the internal workings of the code and perform malicious code analysis without accessing the source code. However, the loss of debugging information ...
详细信息
Open source code reuse and code cross-platform deployment accelerate the spread of software vulnerabilities, and pose challenges for accurate detection of cross-platform vulnerabilities. The binary vulnerability simil...
详细信息
Conducting binary function naming helps reverse engineers understand the internal workings of the code and perform malicious code analysis without accessing the source code. However, the loss of debugging information ...
Conducting binary function naming helps reverse engineers understand the internal workings of the code and perform malicious code analysis without accessing the source code. However, the loss of debugging information poses the challenge of insufficient high-level semantic information description for stripping binary code function naming. Meanwhile, the existing binary function naming scheme has one function label for only one sample. The long-tail effect of function labels for a single sample makes the machine learning-based prediction models face the challenge. To obtain a function correlation label and improve the propensity score of uncommon tail labels, we propose a multi-label learning-based binary function naming model BContext2Name. This model automatically generates relevant labels for binary function naming by function context information with the help of PfastreXML model. The experimental results show that BContext2Name can enrich function labels and alleviate the long-tail effect that exists for a single sample class. To obtain high-level semantics of binary functions, we align pseudocode and basic blocks based on disassembly and decompilation, identify concrete or abstract values of API parameters by variable tracking, and construct API-enhanced control flow graphs. Finally, a seq2seq neural network translation model with attention mechanism is constructed between function multi-label learning and enhanced control flow graphs. Experiments on the dataset reveal that the F1 values of the BContext2Name model improve by 3.55% and 15.23% over the state-of-the-art XFL and Nero, respectively. This indicates that function multi-label learning can provide accurate labels for binary functions and can help reverse analysts understand the inner working mechanism of binary code. Code and data for this evaluation are available at https://***/CSecurityZhongYuan/BContext2Name.
作者:
Bing XiaChongjun TangWenbo LiuShihao ChuYu Dongdept
Key Laboratory of Mathematical Engineering and Advanced Computing ZhongYuan University of Technology Zhengzhou China dept
Henan Key Laboratory on Public Opinion Intelligent Analysis ZhongYuan University of Technology Zhengzhou China dept
ZhongYuan University of Technology Zhengzhou China
Open source code reuse and code cross-platform deployment accelerate the spread of software vulnerabilities, and pose challenges for accurate detection of cross-platform vulnerabilities. The binary vulnerability simil...
Open source code reuse and code cross-platform deployment accelerate the spread of software vulnerabilities, and pose challenges for accurate detection of cross-platform vulnerabilities. The binary vulnerability similarity detection method based on machine learning lacks a fine-grained vulnerability similarity feature filtering mechanism, and cannot solve cross-function vulnerabilities triggered by data dependencies, resulting in a high vulnerability false positive rate in existing solutions, which limits practical applications. Software code vulnerabilities are usually caused by function key statements. Therefore, based on binary function decompilation, we identify the key statement that causes the vulnerability, analyze the cross-function data dependency of the key statements, extract the code similarity features and code vulnerability features of the key statements, and propose a feature filtering-based Binary vulnerability detection method SimFilter. SimFilter calculates the similarity of key statements by comparing the characteristics of function key statements, and infers the similarity of binary function vulnerabilities based on the similarity of key statements. The experimental results show that the vulnerability semantic features extracted by SimFilter are highly interpretable, and the accuracy rate is increased by 10.8% compared with other models. At the same time, we analyzed and evaluated the impact of different similarity features on the accuracy of SimFilter, and gave the best empirical value of the SimFilter model in firmware vulnerability detection.
With the advancement of information technology, the rapid increase in software systems has led to a growing demand for research on vulnerability detection. In recent years, the fast-paced development of deep learning ...
详细信息
ISBN:
(数字)9798331506209
ISBN:
(纸本)9798331506216
With the advancement of information technology, the rapid increase in software systems has led to a growing demand for research on vulnerability detection. In recent years, the fast-paced development of deep learning has introduced new approaches and directions for this field. Existing source code vulnerability detection methods often fail to explicitly preserve the semantic information related to vulnerabilities in the source code, leading to difficulties in extracting vulnerable code features and high false-positive rates in detection. To address these issues, this study proposes a vulnerability detection method for intermediate code based on a relational dependency graph (RDG). After converting the source code into an intermediate representation, it is mapped to an RDG, which accurately expresses the data and control flow dependencies within the program. This approach retains critical node features and refines the types of control flow and data flow edges. By leveraging this method, it becomes possible to trace program data and control dependencies, understand data flow directions, and analyze interactions between different parts of the program, enabling the precise identification and interpretation of potential security vulnerabilities. Drawing on concepts from code property graphs (CPG), this method enhances the understanding and capture of complex relationships between nodes in graph-structured data. By performing vulnerability detection on intermediate code, this approach avoids false positives and negatives caused by language or platform-specific differences, thereby enabling deeper identification and interpretation of complex vulnerability patterns in source code. Experimental results on the SARD dataset demonstrate that the proposed method achieves a high precision rate of 98.7% for detecting command injection vulnerabilities (CWE78), significantly outperforming traditional methods.
Emerging heterogeneous interconnects have shown lower latency and higher throughput, which can improve the efficiency of communication and create new opportunities for memory system designs. In this paper, transmissio...
详细信息
ISBN:
(纸本)9781450333962
Emerging heterogeneous interconnects have shown lower latency and higher throughput, which can improve the efficiency of communication and create new opportunities for memory system designs. In this paper, transmission lines are employed as a latency-optimized network and combined with a packet-switched network to create heterogeneous interconnects improving the efficiencies of on-chip communication and cache coherence. We take advantage of this heterogeneous interconnect design, and keep cache coherence adaptively based on data locality. Different type of messages are adaptively directed through selected medium of the heterogeneous interconnects to enhance cache coherence effectiveness. Compared with a state-of-the-art coherence mechanism, the proposed technique can reduce the coherence overhead by 24%, reduce the network energy consumption by 35%, and improve the system performance by 25% on a 64-core system. Copyright is held by the owner/author(s).
A1 Functional advantages of cell-type heterogeneity in neural circuits Tatyana O. Sharpee A2 Mesoscopic modeling of propagating waves in visual cortex Alain Destexhe A3 Dynamics and biomarkers of mental disorders Mits...
A1 Functional advantages of cell-type heterogeneity in neural circuits Tatyana O. Sharpee A2 Mesoscopic modeling of propagating waves in visual cortex Alain Destexhe A3 Dynamics and biomarkers of mental disorders Mitsuo Kawato F1 Precise recruitment of spiking output at theta frequencies requires dendritic h-channels in multi-compartment models of oriens-lacunosum/moleculare hippocampal interneurons Vladislav Sekulić, Frances K. Skinner F2 Kernel methods in reconstruction of current sources from extracellular potentials for single cells and the whole brains Daniel K. Wójcik, Chaitanya Chintaluri, Dorottya Cserpán, Zoltán Somogyvári F3 The synchronized periods depend on intracellular transcriptional repression mechanisms in circadian clocks. Jae Kyoung Kim, Zachary P. Kilpatrick, Matthew R. Bennett, Kresimir Josić O1 Assessing irregularity and coordination of spiking-bursting rhythms in central pattern generators Irene Elices, David Arroyo, Rafael Levi, Francisco B. Rodriguez, Pablo Varona O2 Regulation of top-down processing by cortically-projecting parvalbumin positive neurons in basal forebrain Eunjin Hwang, Bowon Kim, Hio-Been Han, Tae Kim, James T. McKenna, Ritchie E. Brown, Robert W. McCarley, Jee Hyun Choi O3 Modeling auditory stream segregation, build-up and bistability James Rankin, Pamela Osborn Popp, John Rinzel O4 Strong competition between tonotopic neural ensembles explains pitch-related dynamics of auditory cortex evoked fields Alejandro Tabas, André Rupp, Emili Balaguer-Ballester O5 A simple model of retinal response to multi-electrode stimulation Matias I. Maturana, David B. Grayden, Shaun L. Cloherty, Tatiana Kameneva, Michael R. Ibbotson, Hamish Meffin O6 Noise correlations in V4 area correlate with behavioral performance in visual discrimination task Veronika Koren, Timm Lochmann, Valentin Dragoi, Klaus Obermayer O7 Input-location dependent gain modulation in cerebellar nucleus neurons Maria Psarrou, Maria Schilstra, Neil Davey, Benjamin Torben-Ni
暂无评论