ROMEO: Exploring Juliet through the Lens of Assembly Language

12/13/2021
by   Clemens-Alexander Brust, et al.
0

Automatic vulnerability detection on C/C++ source code has benefitted from the introduction of machine learning to the field, with many recent publications considering this combination. In contrast, assembly language or machine code artifacts receive little attention, although there are compelling reasons to study them. They are more representative of what is executed, more easily incorporated in dynamic analysis and in the case of closed-source code, there is no alternative. We propose ROMEO, a publicly available, reproducible and reusable binary vulnerability detection benchmark dataset derived from the Juliet test suite. Alongside, we introduce a simple text-based assembly language representation that includes context for function-spanning vulnerability detection and semantics to detect high-level vulnerabilities. Finally, we show that this representation, combined with an off-the-shelf classifier, compares favorably to state-of-the-art methods, including those operating on the full C/C++ code.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
07/11/2018

Automated Vulnerability Detection in Source Code Using Deep Representation Learning

Increasing numbers of software vulnerabilities are discovered every year...
research
04/23/2021

Literature review on vulnerability detection using NLP technology

Vulnerability detection has always been the most important task in the f...
research
02/05/2023

VuLASTE: Long Sequence Model with Abstract Syntax Tree Embedding for vulnerability Detection

In this paper, we build a model named VuLASTE, which regards vulnerabili...
research
05/25/2022

VulBERTa: Simplified Source Code Pre-Training for Vulnerability Detection

This paper presents VulBERTa, a deep learning approach to detect securit...
research
04/12/2023

Evaluation of ChatGPT Model for Vulnerability Detection

In this technical report, we evaluated the performance of the ChatGPT an...
research
05/07/2021

Code2Image: Intelligent Code Analysis by Computer Vision Techniques and Application to Vulnerability Prediction

Intelligent code analysis has received increasing attention in parallel ...
research
06/25/2023

FastBCSD: Fast and Efficient Neural Network for Binary Code Similarity Detection

Binary code similarity detection (BCSD) has various applications, includ...

Please sign up or login with your details

Forgot password? Click here to reset