BVDetector: A program slice-based binary code vulnerability intelligent detection system

摘要

Context: Software vulnerability detection is essential to ensure cybersecurity. Currently, most software is published in binary form, thus researchers can only detect vulnerabilities in these software by analysing binary programs. Although existing research approaches have made a substantial contribution to binary vulnerability detection, there are still many deficiencies, such as high false positive rate, detection with coarse granularly, and dependence on expert experience.Objective: The goal of this study is to perform fine-grained intelligent detection on the vulnerabilities in binary programs. This leads us to propose a fine-grained representation of binary programs and introduce deep learning techniques to intelligently detect the vulnerabilities.Method: We use program slices of library/API function calls to represent binary programs. Additionally, we design and construct a Binary Gated Recurrent Unit (BGRU) network model to intelligently learn vulnerability patterns and automatically detect vulnerabilities in binary programs.Results: This approach yields the design and implementation of a program slice-based binary code vulnerability intelligent detection system called BVDetector. We show that BVDetector can effectively detect vulnerabilities related to library/API function calls in binary programs, which reduces the false positive rate and false negative rate of vulnerability detection.Conclusion: This paper proposes a program slice-based binary code vulnerability intelligent detection system called BVDetector. The experimental results show that BVDetector can effectively reduce the false negative rate and false positive rate of binary vulnerability detection.