A wide range of binary analysis applications, such as bug discovery, malware
analysis and code clone detection, require recovery of contextual meanings on a
binary code. Recently, binary analysis techniques based on machine learning
have been proposed to automatically reconstruct the code representation of a
binary instead of manually crafting specifics of the analysis algorithm.
However, the existing approaches utilizing machine learning are still
specialized to solve one domain of problems, rendering recreation of models for
different types of binary analysis. In this paper, we propose DeepSemantic
utilizing BERT in producing the semantic-aware code representation of a binary
code.

To this end, we introduce well-balanced instruction normalization that holds
rich information for each of instructions yet minimizing an out-of-vocabulary
(OOV) problem. DeepSemantic has been carefully designed based on our study with
large swaths of binaries. Besides, DeepSemantic leverages the essence of the
BERT architecture into re-purposing a pre-trained generic model that is readily
available as a one-time processing, followed by quickly applying specific
downstream tasks with a fine-tuning process. We demonstrate DeepSemantic with
two downstream tasks, namely, binary similarity comparison and compiler
provenance (i.e., compiler and optimization level) prediction. Our experimental
results show that the binary similarity model outperforms two state-of-the-art
binary similarity tools, DeepBinDiff and SAFE, 49.84% and 15.83% on average,
respectively.

Go to Source of this post
Author Of this post: <a href="http://arxiv.org/find/cs/1/au:+Koo_H/0/1/0/all/0/1">Hyungjoon Koo</a>, <a href="http://arxiv.org/find/cs/1/au:+Park_S/0/1/0/all/0/1">Soyeon Park</a>, <a href="http://arxiv.org/find/cs/1/au:+Choi_D/0/1/0/all/0/1">Daejin Choi</a>, <a href="http://arxiv.org/find/cs/1/au:+Kim_T/0/1/0/all/0/1">Taesoo Kim</a>

By admin