Locating Vulnerability in Binaries Using Deep Neural Networks

Binary fault localization is important for vulnerability analysis, but many current techniques face problems in locating vulnerability accurately and effectively, especially for real-world programs. In this paper, we propose a novel gradient-guided vulnerability locating method named DeepVL, which l...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access 2019, Vol.7, p.134660-134676
Main Authors: Li, Runhao, Zhang, Chen, Feng, Chao, Zhang, Xing, Tang, Chaojing
Format: Article
Language:English
Subjects:
Artificial neural networks
Binary program crash
Computer crashes
Datasets
Debugging
Deep learning
Enumeration
execution trace
fault localization
Fault location
Manuals
Neural networks
Software
software security
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Binary fault localization is important for vulnerability analysis, but many current techniques face problems in locating vulnerability accurately and effectively, especially for real-world programs. In this paper, we propose a novel gradient-guided vulnerability locating method named DeepVL, which leverages deep neural networks to diagnose the root cause of weakness in binaries and provide guidance information for further analysis. DeepVL collects sufficient amounts of crashed execution traces and normal execution traces as input of the constructed neural networks. Based on trained neural network, DeepVL calculates the gradient information for each basic block in traces and filter out the vulnerable basic blocks according to corresponding gradients. To demonstrate the applicability of DeepVL, we perform plenty of experiments on different datasets. According to the experimental results on Common Weakness Enumeration (CWE) dataset, DeepVL could locate different types of vulnerabilities accurately and effectively, with recall\text{@}10 reaching 96.9% and precision\text{@}10 reaching 70.1%. Additionally, the results on Cyber Grand Challenge (CGC) program and LibTIFF 4.0.10 show that DeepVL is capable of locating vulnerable basic blocks in large-scale programs. As a fault localization tool, DeepVL could greatly reduce the manual effort of finding vulnerabilities in binaries.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2019.2942043