Abstract
Generative adversarial networks (GAN) is one of the most promising methods of unsupervised learning in complex distribution in recent years. Gan is widely used to generate data sets for data enhancement. However, the existing binary vulnerability mining methods can be divided into three ways: static analysis, dynamic analysis and dynamic static analysis. The research on the method of fundamentally expanding the data set to achieve vulnerability mining also has strong application value. Therefore, aiming at the problem of too few binary code vulnerability data sets, this paper proposes a binary code vulnerability mining model based on generation countermeasure network. In particular, the proposed system also combines automatic code generation technology, fuzzy testing and symbol execution technology to further optimize and train the generator and discriminator in the generation countermeasure network model to generate high-quality data sets. The experimental results show that, The binary code vulnerability mining model based on generative countermeasure network proposed in this paper can effectively solve the problem of too few data sets.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Tang, B., Yang, M.: Research on security protection countermeasures of internet of things. J. Phys: Conf. Ser. 1650(3), 32098 (2020)
Chen, Y.: Advancement of the study on fuzzy testing. Comput. Applicat. Softw. 11(7), 32098 (2011)
Park, J.J.H., Barolli, L., Xhafa, F., Jeong, H.Y. (eds.): Information Technology Convergence. LNEE, vol. 253. Springer, Dordrecht (2013). https://doi.org/10.1007/978-94-007-6996-0
Clause, J., Li, W., Orso, A.: Dytan: a generic dynamic taint analysis framework. In: International Symposium on Information Technology Convergence, vol. 11, pp. 196–206 (2017)
Hou, J.B., Li, T., Chang, C.: Research for vulnerability detection of embedded system firmware. Proc. Comput. Sci. 107(181), 814–818 (2013)
Yan, S., Wang, R., Salls, C.: SOK: (state of) the art of war: offensive techniques in binary analysis. In: Proceedings IEEE Symposium on Security and Privacy (SP), pp. 138–157 (2016)
Zhuge, J., Chen, L., Tian, F., Bao, Y., Lu, X.: Type-based dynamic taint analysis technology. J. Tsinghua Univ. 52(10), 1320–1334 (2012)
Bai, H., Hu, C.Z., Zhang, G., Jing, X.C., Li, N.: Binary oriented vulnerability analyzer based on hidden markov model. IEICE Trans. Inf. Syst 93(12), 3410–3413 (2010)
Feng, Z., Wang, Z., Dong, W.: Bintaint: a static taint analysis method for binary vulnerability mining. In: Proceedings ICCBB, pp. 1–8 (2018)
Baldoni, R., Coppa, E., D’elia, D.C., Demetrescu, C., Finocchi, I.: A survey of symbolic execution techniques. ACM Comput. Surv. 51(3), 1–39 (2018)
Russell, R., Kim, L., Hamlton, L.: Automated vulnerability detection in source code using deep representation learning. In: The 17th IEEE Int’l Conference on Machine Learning and Applications (ICMLA), pp. 757–762 (2018)
Xie, Z., Cui, Z., Zhang, J.: CSEFuzz: fuzz testing based on symbolic execution. IEEE Access 8(8), 187564–187574 (2020)
Grieco, G., Grinblat, G.L., Uzal, L.: Toward large-scale vulnerability discovery using machine learning. In: The Sixth ACM Conference on Data and Application Security and Privacy, pp. 85–96 (2016)
Du, C., Liu, S., Guo, Y., Si, L., Jin, T.: Detection and information extraction of similar basic blocks used for directed Greybox fuzzing. In: International Conference on Artificial Intelligence and Security, vol. 12240, no. 21, pp. 353–364 (2020)
Li, J., Zhao, B., Zhang, C.: Fuzzing: a survey. Cybersecurity 1(1), 1–13 (2018). https://doi.org/10.1186/s42400-018-0002-y
Huang, C., Huang, C.: Cvae-gan emotional ai music system for car driving safety. Intell. Automat. Soft Comput. 32(3), 1939–1953 (2022)
Luo, Z.: Review of gan-based person re-identification. J. New Media 3(1), 11–17 (2021)
Fang, K., Ouyang, J.Q.: Classification algorithm optimization based on Triple-GAN. J. Artif. Intell. 2(1), 1–15 (2020)
Liu, X., Chen, X.: A survey of gan-generated fake faces detection method based on deep learning. J. Inf. Hiding Priv. Protect. 2(2), 87–94 (2020)
Acknowledgement
This paper is supported by the project of Lightweight security reinforcement and threat perception technologies for energy Internet-oriented smart terminal equipment (52018E20008K).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Lai, J., Li, S., Yao, Q. (2022). A Binary Code Vulnerability Mining Method Based on Generative Adversarial Networks. In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2022. Lecture Notes in Computer Science, vol 13340. Springer, Cham. https://doi.org/10.1007/978-3-031-06791-4_50
Download citation
DOI: https://doi.org/10.1007/978-3-031-06791-4_50
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-06790-7
Online ISBN: 978-3-031-06791-4
eBook Packages: Computer ScienceComputer Science (R0)