Maximal divergence sequential auto-encoder for binary software vulnerability detection*

Tue Le; Tuan Vu Nguyen; Trung Le; Dinh Phung; Paul Montague; Olivier De Vel; Lizhen Qu

Maximal divergence sequential auto-encoder for binary software vulnerability detection*

Tue Le, Tuan Vu Nguyen, Trung Le, Dinh Phung, Paul Montague, Olivier De Vel, Lizhen Qu

Department of Data Science & AI

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

21 Citations (Scopus)

Abstract

Due to the sharp increase in the severity of the threat imposed by software vulnerabilities, the detection of vulnerabilities in binary code has become an important concern in the software industry, such as the embedded systems industry, and in the field of computer security. However, most of the works in binary code vulnerability detection has relied on handcrafted features which are manually chosen by a select few domain experts. In this paper, we attempt to alleviate this severe binary vulnerability detection bottleneck by leveraging recent advances in deep learning representations and propose the Maximal Divergence Sequential Auto-Encoder. In particular, latent codes representing vulnerable and non-vulnerable binaries are encouraged to be maximally divergent, while still being able to maintain crucial information from the original binaries. We conducted extensive experiments to compare and contrast our proposed methods with the baselines, and the results indicate that our proposed methods outperform the baselines in all performance measures of interest.

Original language	English
Title of host publication	International Conference on Learning Representations 2019
Editors	Alexander Rush
Place of Publication	La Jolla CA USA
Publisher	International Conference on Learning Representations (ICLR)
Number of pages	15
ISBN (Print)	9783800743629
Publication status	Published - 2019
Event	International Conference on Learning Representations 2019 - Ernest N. Morial Convention Center, New Orleans, United States of America Duration: 6 May 2019 → 9 May 2019 Conference number: 7th https://iclr.cc/Conferences/2019 https://openreview.net/group?id=ICLR.cc/2019/Conference (Proceedings)

Conference

Conference	International Conference on Learning Representations 2019
Abbreviated title	ICLR 2019
Country/Territory	United States of America
City	New Orleans
Period	6/05/19 → 9/05/19
Other	The International Conference on Learning Representations (ICLR) is the premier gathering of professionals dedicated to the advancement of the branch of artificial intelligence called representation learning, but generally referred to as deep learning. ICLR is globally renowned for presenting and publishing cutting-edge research on all aspects of deep learning used in the fields of artificial intelligence, statistics and data science, as well as important application areas such as machine vision, computational biology, speech recognition, text understanding, gaming, and robotics.
Internet address	https://iclr.cc/Conferences/2019 https://openreview.net/group?id=ICLR.cc/2019/Conference (Proceedings)

Keywords

Vulnerabilities Detection
Sequential Auto-Encoder
Separable Representation

Access to Document

285712504-oaFinal published version, 2.27 MB

https://openreview.net/pdf?id=ByloIiCqYQ

Cite this

@inproceedings{96914478198f4d6ebbbf2dd4da326955,

title = "Maximal divergence sequential auto-encoder for binary software vulnerability detection*",

abstract = "Due to the sharp increase in the severity of the threat imposed by software vulnerabilities, the detection of vulnerabilities in binary code has become an important concern in the software industry, such as the embedded systems industry, and in the field of computer security. However, most of the works in binary code vulnerability detection has relied on handcrafted features which are manually chosen by a select few domain experts. In this paper, we attempt to alleviate this severe binary vulnerability detection bottleneck by leveraging recent advances in deep learning representations and propose the Maximal Divergence Sequential Auto-Encoder. In particular, latent codes representing vulnerable and non-vulnerable binaries are encouraged to be maximally divergent, while still being able to maintain crucial information from the original binaries. We conducted extensive experiments to compare and contrast our proposed methods with the baselines, and the results indicate that our proposed methods outperform the baselines in all performance measures of interest.",

keywords = "Vulnerabilities Detection, Sequential Auto-Encoder, Separable Representation",

author = "Tue Le and Nguyen, {Tuan Vu} and Trung Le and Dinh Phung and Paul Montague and {De Vel}, Olivier and Lizhen Qu",

year = "2019",

language = "English",

isbn = "9783800743629",

editor = "Alexander Rush",

booktitle = "International Conference on Learning Representations 2019",

publisher = "International Conference on Learning Representations (ICLR)",

address = "United States of America",

note = "International Conference on Learning Representations 2019, ICLR 2019 ; Conference date: 06-05-2019 Through 09-05-2019",

url = "https://iclr.cc/Conferences/2019, https://openreview.net/group?id=ICLR.cc/2019/Conference",

}

Le, T, Nguyen, TV, Le, T , Phung, D, Montague, P, De Vel, O & Qu, L 2019, Maximal divergence sequential auto-encoder for binary software vulnerability detection*. in A Rush (ed.), International Conference on Learning Representations 2019. International Conference on Learning Representations (ICLR), La Jolla CA USA, International Conference on Learning Representations 2019, New Orleans, Louisiana, United States of America, 6/05/19. <https://openreview.net/pdf?id=ByloIiCqYQ>

Maximal divergence sequential auto-encoder for binary software vulnerability detection*. / Le, Tue; Nguyen, Tuan Vu; Le, Trung et al.
International Conference on Learning Representations 2019. ed. / Alexander Rush. La Jolla CA USA: International Conference on Learning Representations (ICLR), 2019.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Maximal divergence sequential auto-encoder for binary software vulnerability detection*

AU - Le, Tue

AU - Nguyen, Tuan Vu

AU - Le, Trung

AU - Phung, Dinh

AU - Montague, Paul

AU - De Vel, Olivier

AU - Qu, Lizhen

N1 - Conference code: 7th

PY - 2019

Y1 - 2019

N2 - Due to the sharp increase in the severity of the threat imposed by software vulnerabilities, the detection of vulnerabilities in binary code has become an important concern in the software industry, such as the embedded systems industry, and in the field of computer security. However, most of the works in binary code vulnerability detection has relied on handcrafted features which are manually chosen by a select few domain experts. In this paper, we attempt to alleviate this severe binary vulnerability detection bottleneck by leveraging recent advances in deep learning representations and propose the Maximal Divergence Sequential Auto-Encoder. In particular, latent codes representing vulnerable and non-vulnerable binaries are encouraged to be maximally divergent, while still being able to maintain crucial information from the original binaries. We conducted extensive experiments to compare and contrast our proposed methods with the baselines, and the results indicate that our proposed methods outperform the baselines in all performance measures of interest.

AB - Due to the sharp increase in the severity of the threat imposed by software vulnerabilities, the detection of vulnerabilities in binary code has become an important concern in the software industry, such as the embedded systems industry, and in the field of computer security. However, most of the works in binary code vulnerability detection has relied on handcrafted features which are manually chosen by a select few domain experts. In this paper, we attempt to alleviate this severe binary vulnerability detection bottleneck by leveraging recent advances in deep learning representations and propose the Maximal Divergence Sequential Auto-Encoder. In particular, latent codes representing vulnerable and non-vulnerable binaries are encouraged to be maximally divergent, while still being able to maintain crucial information from the original binaries. We conducted extensive experiments to compare and contrast our proposed methods with the baselines, and the results indicate that our proposed methods outperform the baselines in all performance measures of interest.

KW - Vulnerabilities Detection

KW - Sequential Auto-Encoder

KW - Separable Representation

UR - http://www.scopus.com/inward/record.url?scp=85083952462&partnerID=8YFLogxK

M3 - Conference Paper

SN - 9783800743629

BT - International Conference on Learning Representations 2019

A2 - Rush, Alexander

PB - International Conference on Learning Representations (ICLR)

CY - La Jolla CA USA

T2 - International Conference on Learning Representations 2019

Y2 - 6 May 2019 through 9 May 2019

ER -

Maximal divergence sequential auto-encoder for binary software vulnerability detection*

Abstract

Conference

Keywords

Access to Document

Other files and links

Cite this