Go to IJCNN 2021 homepageFUNC-ESIM: A Dual Pairwise Attention Network for Cross-version Binary Function Matching
Abstract: Binary function matching compares two pieces of binary functions to identify their similarities, which has wide applications in the field of malware origin tracing, vulnerability searching, binary level plagiarism detection, etc. Up-to-date methods commonly independently map each function to an embedding and rarely consider fine-grained pairwise semantic similarity, which influences the accuracy of matching. Moreover, few methods are available to detect similarities between versions spanning a long period for cross-version vulnerability detection or patch positioning. To solve these issues, we propose a novel binary function matching method, which takes a pair of binary functions as input, and then computes a similarity score jointly on the pair through a specifical dual pairwise cross-attention network. Specially, we apply our method to detecting similarities between cross-version binaries. The experimental analysis demonstrates that FUNC-ESIM achieves promising results on the cross-version binary matching task, where the average recall@1 reaches 85.98%.
0 Replies
Loading