Binary program vulnerability detection is an important issue in the field of software security. Most of the existing deep learning vulnerability detection methods for binary programs are based on RNN networks or transformer architectures. Due to the characteristic of short length of assembly instruction but long length of instruction sequence, traditional RNNs may encounter gradient vanishing or exploding problems, making it difficult to capture long-term dependencies when dealing with long sequences. Transformer architecture, although it has excellent performance, has high computational complexity, which leads to inefficient detection. In this work, we propose a new binary program code vulnerability detection method that employs a staged code representation architecture and a novel xLSTM model. The staged code representation architecture combines instruction coding network and program coding network to capture long-term dependencies vulnerable instructions, thus improving binary program vulnerability detection performance. The xLSTM improves the performance of binary program vulnerability detection with low resource overhead. Our method achieves the highest F1-meansure and recall compared with the SOTA methods. Our method can achieve comparable performance of transformers architecture with reduced resource overhead. These results demonstrate the advantages of our approach for binary program vulnerability detection.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Binary Slice-Level Vulnerability Detection with xLSTM-Based Models: Enhancing Long-Term Semantic Capture

  • Peng Yin,
  • Yekun Ke,
  • Qi Wang,
  • Wenxin Tao,
  • Fangyuan Hou,
  • Yiwei Liu,
  • Xiaohong Su

摘要

Binary program vulnerability detection is an important issue in the field of software security. Most of the existing deep learning vulnerability detection methods for binary programs are based on RNN networks or transformer architectures. Due to the characteristic of short length of assembly instruction but long length of instruction sequence, traditional RNNs may encounter gradient vanishing or exploding problems, making it difficult to capture long-term dependencies when dealing with long sequences. Transformer architecture, although it has excellent performance, has high computational complexity, which leads to inefficient detection. In this work, we propose a new binary program code vulnerability detection method that employs a staged code representation architecture and a novel xLSTM model. The staged code representation architecture combines instruction coding network and program coding network to capture long-term dependencies vulnerable instructions, thus improving binary program vulnerability detection performance. The xLSTM improves the performance of binary program vulnerability detection with low resource overhead. Our method achieves the highest F1-meansure and recall compared with the SOTA methods. Our method can achieve comparable performance of transformers architecture with reduced resource overhead. These results demonstrate the advantages of our approach for binary program vulnerability detection.