Unleashing the power of pseudo-code for binary code similarity analysis.
Uloženo v:
| Název: | Unleashing the power of pseudo-code for binary code similarity analysis. |
|---|---|
| Autoři: | Zhang, Weiwei, Xu, Zhengzi, Xiao, Yang, Xue, Yinxing |
| Zdroj: | Cybersecurity (2523-3246); 12/1/2022, Vol. 5 Issue 1, p1-18, 18p |
| Témata: | BINARY codes, CONVOLUTIONAL neural networks, FLOWGRAPHS, SIMILARITY (Psychology), SOURCE code |
| Abstrakt: | Code similarity analysis has become more popular due to its significant applicantions, including vulnerability detection, malware detection, and patch analysis. Since the source code of the software is difficult to obtain under most circumstances, binary-level code similarity analysis (BCSA) has been paid much attention to. In recent years, many BCSA studies incorporating AI techniques focus on deriving semantic information from binary functions with code representations such as assembly code, intermediate representations, and control flow graphs to measure the similarity. However, due to the impacts of different compilers, architectures, and obfuscations, binaries compiled from the same source code may vary considerably, which becomes the major obstacle for these works to obtain robust features. In this paper, we propose a solution, named UPPC (Unleashing the Power of Pseudo-code), which leverages the pseudo-code of binary function as input, to address the binary code similarity analysis challenge, since pseudo-code has higher abstraction and is platform-independent compared to binary instructions. UPPC selectively inlines the functions to capture the full function semantics across different compiler optimization levels and uses a deep pyramidal convolutional neural network to obtain the semantic embedding of the function. We evaluated UPPC on a data set containing vulnerabilities and a data set including different architectures (X86, ARM), different optimization options (O0-O3), different compilers (GCC, Clang), and four obfuscation strategies. The experimental results show that the accuracy of UPPC in function search is 33.2% higher than that of existing methods. [ABSTRACT FROM AUTHOR] |
| Copyright of Cybersecurity (2523-3246) is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Databáze: | Complementary Index |
Full Text Finder 
Nájsť tento článok vo Web of Science Buďte první, kdo okomentuje tento záznam!