[연구] 구형준 교수 연구실(SecAI) 논문이 ACM ASIACCS 2023 (18th ACM ASIA Conference on Computer and Communications Security)에 게재 승인
- 소프트웨어융합대학
- 조회수1097
- 2022-12-19
SecAI 연구실 (지도교수: 구형준)과 HLI 연구실 (지도교수: 박진영)에서 공동으로 연구한 논문이 컴퓨터 보안 분야에서 우수 학술대회인 ACM ASIACCS 2023 (18th ACM ASIA Conference on Computer and Communications Security)에 게재 승인되었습니다!
컴파일 후 생성된 실행 바이너리는 소스코드에 존재하는 변수명, 함수명, 함수 파라미터, 구조체 등 다양한 정보가 유실된 상태입니다. 이는 바이너리 역공학을 통해 행위 분석을 하기 매우 어렵습니다. 본 논문에서는 역공학에 유용한 Transformer 기반의 함수명 예측 모델을 제안합니다. 요지는 어셈블리어를 프로그래머가 생성한 함수명으로 translation한다는 점이며, 기존의 SOTA 모델에 비해 4배 가까이 우수한 성능을 얻었습니다.
Abstract.
Reverse engineering of a stripped binary has a wide range of applications, yet it is challenging mainly due to the lack of contextually useful information within. Once debugging symbols (e.g., variable names, types, function names) are discarded, recovering such information is not technically viable with traditional approaches like static or dynamic binary analysis. We focus on a function symbol name recovery, which allows a reverse engineer to gain a quick overview of an unseen binary. The key insight is that a well-developed program labels a meaningful function name that describes its underlying semantics well. In this paper, we present AsmDepictor, the Transformer-based framework that generates a function symbol name from a set of assembly codes (i.e., machine instructions), which consists of three major components: binary code refinement, model training, and inference. To this end, we conduct systematic experiments on the effectiveness of code refinement that can enhance an overall performance. We introduce the per-layerpositional embedding and Unique-softmax for AsmDepictor so that both can aid to capture a better relationship between tokens.Lastly, we devise a novel evaluation metric tailored for a short description length, the Jaccard* score. Our empirical evaluation shows that the performance of AsmDepictor by far surpasses that of the state-of-the-art models up to around 400%. The best AsmDepictormodel achieves an F1 of 71.5 and Jaccard* of 75.4.
홈페이지: https://asiaccs2023.org/