Semantic Learning and Emulation Based Cross-Platform Binary Vulnerability Seeker

Clone detection is widely exploited for software vulnerability search. The approaches based on source code analysis cannot be applied to binary clone because the same can produce significantly different binaries due operating systems, microprocessor architectures and compilers. In this paper, we present BinSeeker , a cross-platform seeker that integrates semantic learning emulation. With help of labeled flow graph, quickly identify $M$ candidate functions are most similar from target binary. value relatively large so procedure essentially eliminates those very unlikely have vulnerability. Then, emulation conducted these candidates obtain their dynamic signature sequences. By comparing sequences, produces top- notation="LaTeX">$N$ exhibit behavior fast filtering accurate comparison emulation, seeks precisely with little overhead. experiments six used programs fifteen known CVE vulnerabilities demonstrate outperforms three state-of-the-art tools Genius Gemini CACompare . Regarding search accuracy, achieves an MRR 0.65 in programs, whereas values by 0.17, 0.07 0.42, respectively. If consider ranking function targeted top-5 as accurate, accuracy 93.33 percent, while other merely 33.33, 13.33 53.33 Such achieved 0.27s average determine whether contains vulnerability, time 1.57s, 0.15s 0.98s, Compared manually true positive false reported Gemini, overhead negligible. Evidently, proposed better balance between efficiency.