Key Concepts
The FoC framework efficiently analyzes cryptographic functions in stripped binaries.
Summary
The paper introduces the FoC framework for analyzing cryptographic functions in stripped binaries. It proposes a novel approach using FoC-BinLLM and FoC-Sim models to summarize semantics and detect similarities in binary code. The framework outperforms existing methods in summarizing and identifying cryptographic functions, showcasing practical abilities in virus analysis and vulnerability detection.
Structure:
- Introduction to Cryptographic Function Analysis
  - Importance of analyzing cryptographic functions in stripped binaries.
- FoC Framework Overview
  - Introduction to FoC-BinLLM and FoC-Sim models.
- Dataset Construction
  - Collection of cryptographic binary dataset for training and evaluation.
- Binary Large Language Model
  - Training setup and performance evaluation for summarizing binary code.
- Binary Code Similarity Model
  - Training setup and performance evaluation for detecting similarities in binary code.
- Practical Ability
  - Evaluation of FoC framework's practical abilities in real-world scenarios.
Statistics
Evaluation results demonstrate that FoC-BinLLM outperforms ChatGPT by 14.61% on the ROUGE-L score.
FoC-Sim outperforms the previous best methods with a 52% higher Recall@1.
Quotes
"In this paper, we propose a novel framework called FoC to Figure out the Cryptographic functions in stripped binaries."
"Our contributions can be summarized as follows: We construct a cryptographic binary dataset cross-compiled from popular open-source repositories written in C language."