Learning-based Vulnerability Detection in Binary Code

Abstract

Cyberattacks typically exploit software vulnerabilities to compromise computers and smart devices. To address vulnerabilities, many approaches have been developed to detect vulnerabilities using deep learning. However, most learning-based approaches detect vulnerabilities in source code instead of binary code. In this paper, we present our approach on detecting vulnerabilities in binary code. Our approach uses binary code compiled from the SARD dataset to build deep learning models to detect vulnerabilities. It extracts features on the syntax information of the assembly instructions in binary code, and trains two deep learning models on the features for vulnerability detection. From our evaluation, we find that the BLSTM model has the best performance, which achieves an accuracy rate of 81% in detecting vulnerabilities. Particularly the F1-score, recall, and specificity of the BLSTM model are 75%, 95% and 75% respectively. This indicates that the model is balanced in detecting both vulnerable code and non-vulnerable code.