{"title":"Binary Vulnerability Similarity Detection Based on Function Parameter Dependency","authors":"Bing Xia, Wenbo Liu, Qudong He, Fudong Liu, Jianmin Pang, Ruinan Yang, Jiabin Yin, Yunxiang Ge","doi":"10.4018/ijswis.322392","DOIUrl":null,"url":null,"abstract":"Many existing works compute the binary vulnerability similarity based on binary procedure, which has coarse detection granularity and cannot locate the vulnerability trigger position accurately, and have a higher false positive rate, so a new binary vulnerability similarity detection method based on function parameter dependency in hazard API is proposed. First, convert the instructions of different architectures into an intermediate language, and use the compiler with a back-end optimizer to optimize and normalize the binary procedure. Then, locate the hazard API that appears in the binary procedure, and perform the function parameters dependency analysis to generate a set of parameter slices on the hazard API. Experiments show that the method has a higher recall rate (up to 14.3% better than the baseline model) in real-world scenarios, and not only locates the triggering position of the vulnerability but also identifies the fixed vulnerability.","PeriodicalId":54934,"journal":{"name":"International Journal on Semantic Web and Information Systems","volume":"4 1","pages":""},"PeriodicalIF":4.1000,"publicationDate":"2023-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal on Semantic Web and Information Systems","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.4018/ijswis.322392","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
引用次数: 2
Abstract
Many existing works compute the binary vulnerability similarity based on binary procedure, which has coarse detection granularity and cannot locate the vulnerability trigger position accurately, and have a higher false positive rate, so a new binary vulnerability similarity detection method based on function parameter dependency in hazard API is proposed. First, convert the instructions of different architectures into an intermediate language, and use the compiler with a back-end optimizer to optimize and normalize the binary procedure. Then, locate the hazard API that appears in the binary procedure, and perform the function parameters dependency analysis to generate a set of parameter slices on the hazard API. Experiments show that the method has a higher recall rate (up to 14.3% better than the baseline model) in real-world scenarios, and not only locates the triggering position of the vulnerability but also identifies the fixed vulnerability.
期刊介绍:
The International Journal on Semantic Web and Information Systems (IJSWIS) promotes a knowledge transfer channel where academics, practitioners, and researchers can discuss, analyze, criticize, synthesize, communicate, elaborate, and simplify the more-than-promising technology of the semantic Web in the context of information systems. The journal aims to establish value-adding knowledge transfer and personal development channels in three distinctive areas: academia, industry, and government.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
