SaTC: CORE: Small: Semantics-Oriented Binary Code Analysis Learning from Recent Advances in Deep Learning

SaTC：核心：小型：面向语义的二进制代码分析从深度学习的最新进展中学习

• 批准号: 2304720
• 负责人: Lannan Luo
• 金额: $ 41.69万
• 依托单位: George Mason University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2304720&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Semantics; Oriented

Given a closed-source program, such as most of proprietary software and viruses, binary code analysis is indispensable for various tasks, such as vulnerability discovery and malware analysis. Some analysis techniques scale well but cannot accurately capture the program semantics, while others are more accurate but limited in scalability. How to improve both the accuracy and scalability of binary code analysis is an intriguing unresolved problem. The objective of this research is to build novel binary code analysis approaches and techniques based on recent advances in deep learning to achieve both high accuracy and scalability. This project will not only advance cross-architecture binary code analysis, but also propel its applications in vulnerability discovery, plagiarism detection, and malware understanding, especially in the context of heterogeneous IoT devices. Educational resources from this project will be disseminated through a dedicated web site. This research will foster new research and education opportunities at University of South Carolina. The outreach and educational activities that engage students from Benedict College (HBCU) in the research will broaden the participation of underrepresented groups in computer security research.This research emphasizes code semantics-oriented learning by building deep learning based code analysis in a bottom-up approach, aiming to extract semantic information from binary code layer by layer. The technical aims of the project are divided into three thrusts. First, inspired by Neural Machine Translation, instructions and basic blocks are represented as embeddings (i.e., high-dimensional vectors), just like NMT represents words and sentences as points in high-dimensional spaces to facilitate further handling. Second, the captured code semantics at the instruction and basic-block layers are used for analysis at the control flow graph level. The layered learning process fits the hierarchy of semantics inherent in code from instructions, basic blocks, to control flow graphs. Thus, it minimizes the loss of semantic information and keeps scalable. Third, whether and how the proposed techniques can be extended to handle certain obfuscations will be investigated.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

给定一个闭源程序，如大多数专有软件和病毒，二进制代码分析是必不可少的各种任务，如漏洞发现和恶意软件分析。一些分析技术可扩展性很好，但不能准确地捕捉程序语义，而另一些分析技术更准确，但可扩展性有限。如何提高二进制代码分析的准确性和可扩展性是一个有趣的尚未解决的问题。本研究的目标是基于深度学习的最新进展构建新的二进制代码分析方法和技术，以实现高准确性和可扩展性。该项目不仅将推进跨架构二进制代码分析，还将推动其在漏洞发现、剽窃检测和恶意软件理解方面的应用，特别是在异构物联网设备的背景下。该项目的教育资源将通过一个专门的网站传播。这项研究将促进南卡罗来纳州大学新的研究和教育机会。本尼迪克特学院（HBCU）的学生参与的推广和教育活动将扩大代表性不足的群体在计算机安全研究中的参与。这项研究强调以代码语义为导向的学习，通过自下而上的方法构建基于深度学习的代码分析，旨在从二进制代码中逐层提取语义信息。该项目的技术目标分为三个方面。首先，受神经机器翻译的启发，指令和基本块被表示为嵌入（即，高维向量），就像NMT将单词和句子表示为高维空间中的点以便于进一步处理一样。其次，在指令和基本块层捕获的代码语义用于在控制流图级别进行分析。分层学习过程适合从指令、基本块到控制流图的代码中固有的语义层次。因此，它最大限度地减少了语义信息的丢失，并保持可扩展性。第三，是否以及如何提出的技术可以扩展到处理某些混淆将被调查。这个奖项反映了NSF的法定使命，并已被认为是值得通过使用基金会的智力价值和更广泛的影响审查标准进行评估的支持。

项目成果

Can a Deep Learning Model for One Architecture Be Used for Others? Retargeted-Architecture Binary Code Analysis

• 发表时间: 2023
• 期刊: 2018 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)
• 作者: Junzhe Wang;Matthew Sharp;Chuxiong Wu;Qiang Zeng;Lannan Luo

No More Companion Apps Hacking but One Dongle: Hub-Based Blackbox Fuzzing of IoT Firmware

• DOI: 10.1145/3581791.3596857
• 发表时间: 2023-06
• 期刊: Proceedings of the 21st Annual International Conference on Mobile Systems, Applications and Services
• 作者: Xiaoyue Ma;Qiang Zeng;Haotian Chi;Lannan Luo