Deep-Learning-Based Vulnerability Detection in Binary Executables
- The identification of vulnerabilities is an important element in the software development life cycle to ensure the security of software. While vulnerability identification based on the source code is a well studied field, the identification of vulnerabilities on basis of a binary executable without the corresponding source code is more challenging. Recent research [1] has shown how such detectionThe identification of vulnerabilities is an important element in the software development life cycle to ensure the security of software. While vulnerability identification based on the source code is a well studied field, the identification of vulnerabilities on basis of a binary executable without the corresponding source code is more challenging. Recent research [1] has shown how such detection can generally be enabled by deep learning methods, but appears to be very limited regarding the overall amount of detected vulnerabilities. We analyse to what extent we could cover the identification of a larger variety of vulnerabilities. Therefore, a supervised deep learning approach using recurrent neural networks for the application of vulnerability detection based on binary executables is used. The underlying basis is a dataset with 50,651 samples of vulnerable code in the form of a standardised LLVM Intermediate Representation. Te vectorised features of a Word2Vec model are used to train different variations of three basic architectures of recurrent neural networks (GRU, LSTM, SRNN). A binary classification was established for detecting the presence of an arbitrary vulnerability, and a multi-class model was trained for the identification of the exact vulnerability, which achieved an out-of-sample accuracy of 88% and 77%, respectively. Differences in the detection of different vulnerabilities were also observed, with non-vulnerable samples being detected with a particularly high precision of over 98%. Thus, our proposed technical approach and methodology enables an accurate detection of 23 (compared to 4 [1]) vulnerabilities.…
| Document Type: | Conference Proceeding |
|---|---|
| Conference Type: | Konferenzartikel |
| Zitierlink: | https://opus.hs-offenburg.de/8391 | Bibliografische Angaben |
| Title (English): | Deep-Learning-Based Vulnerability Detection in Binary Executables |
| Conference: | International Symposium on Foundations & Practice of Security (15. : December 12-14, 2022 : Ottawa, Canada) |
| Author: | Andreas SchaadStaff MemberGND, Dominik BinderStaff MemberGND |
| Edition: | 1. |
| Year of Publication: | 2023 |
| Place of publication: | Cham |
| Publisher: | Springer |
| First Page: | 453 |
| Last Page: | 460 |
| Parent Title (English): | Foundations and Practice of Security : 15th International Symposium, FPS 2022, Ottawa, ON, Canada, December 12–14, 2022, Revised Selected Papers |
| Editor: | Guy-Vincent Jourdan, Laurent Mounier, Carlisle Adams, Florence Sèdes, Joaquin Garcia-Alfaro |
| Volume: | LNCS 13877 |
| ISBN: | 978-3-031-30121-6 (Softcover) |
| ISBN: | 978-3-031-30122-3 (eBook) |
| DOI: | https://doi.org/10.1007/978-3-031-30122-3_28 |
| Language: | English | Inhaltliche Informationen |
| Institutes: | Forschung / ivESK - Institut für verlässliche Embedded Systems und Kommunikationselektronik |
| Fakultät Medien (M) (ab 22.04.2021) | |
| Institutes: | Bibliografie |
| Tag: | Binary Executable; Deep Learning |
| Funded by (selection): | Bundesministerium für Bildung und Forschung |
| Funding number: | 16KIS1403 | Formale Angaben |
| Relevance: | Konferenzbeitrag: h5-Index < 30 |
| Open Access: | Closed |
| Licence (German): |  Urheberrechtlich geschützt |