Bin2vec: learning representations of binary executable programs for security tasks

Source: 网络空间安全科学与技术 (English edition) | Citations: 0
Tackling binary program analysis problems has traditionally implied manually defining rules and heuristics, a tedious and time-consuming task for human analysts. In order to improve automation and scalability, we propose an alternative direction based on distributed representations of binary programs with applicability to a number of downstream tasks. We introduce Bin2vec, a new approach leveraging Graph Convolutional Networks (GCN) along with computational program graphs in order to learn a high dimensional representation of binary executable programs. We demonstrate the versatility of this approach by using our representations to solve two semantically different binary analysis tasks: functional algorithm classification and vulnerability discovery. We compare the proposed approach to our own strong baseline as well as published results, and demonstrate improvement over state-of-the-art methods for both tasks. We evaluated Bin2vec on 49191 binaries for the functional algorithm classification task, and on 30 different CWE-IDs including at least 100 CVE entries each for the vulnerability discovery task. We set a new state-of-the-art result by reducing the classification error by 40% compared to the source-code based inst2vec approach, while working on binary code. For almost every vulnerability class in our dataset, our prediction accuracy is over 80% (and over 90% in multiple classes).