A Binary Vulnerability Similarity Detection Model Based on Deep Graph Matching

Yangzhi Zhang

doi:10.26689/jera.v9i5.12398

Yangzhi Zhang School of Artificial Intelligence, Zhejiang Dongfang Polytechnic, Wenzhou 325000, Zhejiang, China

DOI: https://doi.org/10.26689/jera.v9i5.12398

Keywords: Network security, Word vectors, Graph vector matrix, Deep graph matching, Vulnerability similarity

Abstract

To enhance network security, this study employs a deep graph matching model for vulnerability similarity detection. The model utilizes a Word Embedding layer to vectorize data words, an Image Embedding layer to vectorize data graphs, and an LSTM layer to extract the associations between word and graph vectors. A Dropout layer is applied to randomly deactivate neurons in the LSTM layer, while a Softmax layer maps the LSTM analysis results. Finally, a fully connected layer outputs the detection results with a dimension of 1. Experimental results demonstrate that the AUC of the deep graph matching vulnerability similarity detection model is 0.9721, indicating good stability. The similarity scores for vulnerabilities such as memory leaks, buffer overflows, and targeted attacks are close to 1, showing significant similarity. In contrast, the similarity scores for vulnerabilities like out-of-bounds memory access and logical design flaws are less than 0.4, indicating good similarity detection performance. The model’s evaluation metrics are all above 97%, with high detection accuracy, which is beneficial for improving network security.

References

Yang S, Xu Z, Xiao Y, et al., 2023, Towards Practical Binary Code Similarity Detection: Vulnerability Verification via Patch Semantic Analysis. ACM Transactions on Software Engineering and Methodology, 32(6): 1–29.

Li L, Ding S H H, Tian Y, et al., 2023, VulANalyzeR: Explainable Binary Vulnerability Detection with Multi-Task Learning and Attentional Graph Convolution. ACM Transactions on Privacy and Security, 26(3): 1–25.

Zhu Y, Lin G, Song L, et al., 2023, The Application of Neural Network for Software Vulnerability Detection: A Review. Neural Computing and Applications, 35(2): 1279–1301.

Wen X C, Gao C, Ye J, et al., 2023, Meta-Path Based Attentional Graph Learning Model for Vulnerability Detection. IEEE Transactions on Software Engineering, 50(3): 360–375.

Tang M, Tang W, Gui Q, et al., 2024, A Vulnerability Detection Algorithm Based on Residual Graph Attention Networks for Source Code Imbalance (RGAN). Expert Systems with Applications, 238: 122216.

Yan X, Sun M, Han Y, et al., 2023, Camouflaged Object Segmentation Based on Matching–Recognition–Refinement Network. IEEE Transactions on Neural Networks and Learning Systems, 35(11): 15993–16007.