PEM: Representing Binary Program Semantics for Similarity Analysis via A Probabilistic Execution Model
Binary similarity analysis determines if two binary executables are from the same source program. Existing techniques leverage static and dynamic program features and may utilize advanced Deep Learning techniques. Although they have demonstrated great potential, the community believes that a more effective representation of program semantics can further improve similarity analysis. In this paper, we propose a new method to represent binary program semantics. It is based on a novel probabilistic execution engine that can effectively sample the input space and the program path space of subject binaries. More importantly, it ensures that the collected samples are comparable across binaries, addressing the substantial variations of input specifications. Our evaluation on 9 real-world projects with 35k functions, and comparison with 6 state-of-the-art techniques show that PEM can achieve a precision of 96% with common settings, outperforming the baselines by 10-20%.
Tue 5 DecDisplayed time zone: Pacific Time (US & Canada) change
16:00 - 18:00 | Code Search and Text to CodeResearch Papers / Industry Papers / Journal First / Demonstrations at Golden Gate A Chair(s): Miryung Kim University of California at Los Angeles, USA | ||
16:00 15mTalk | [Remote] Self-Supervised Query Reformulation for Code Search Research Papers Yuetian Mao Shanghai Jiao Tong University, Chengcheng Wan East China Normal University, Yuze Jiang Shanghai Jiao Tong University, Xiaodong Gu Shanghai Jiao Tong University Media Attached | ||
16:15 15mTalk | [Remote] Natural Language to Code: How Far are We? Research Papers Shangwen Wang National University of Defense Technology, Mingyang Geng National University of Defense Technology, Bo Lin National University of Defense Technology, Zhensu Sun Singapore Management University, Ming Wen Huazhong University of Science and Technology, Yepang Liu Southern University of Science and Technology, Li Li Beihang University, Tegawendé F. Bissyandé University of Luxembourg, Xiaoguang Mao National University of Defense Technology DOI Pre-print Media Attached | ||
16:30 15mTalk | [Remote] xASTNN: Improved Code Representations for Industrial Practice Industry Papers Zhiwei Xu Tsinghua University, Min Zhou Tsinghua University, Xibin Zhao Tsinghua University, Yang Chen Huazhong University of Science and Technology, Xi Cheng VMware, Hongyu Zhang Chongqing University DOI Media Attached | ||
16:45 7mTalk | [Remote] On the Dual Nature of Necessity in Use of Rust Unsafe Code Industry Papers Yuchen Zhang New York University, USA, Ashish Kundu Cisco Research, Georgios Portokalidis Stevens Institute of Technology, Jun Xu The University of Utah DOI Media Attached | ||
16:53 7mTalk | On Using Information Retrieval to Recommend Machine Learning Good Practices for Software Engineers Demonstrations Laura Cabra-Acela Universidad de Los Andes, Anamaria Mojica-Hanke University of Passau, Universidad de Los Andes, Mario Linares-Vásquez Universidad de los Andes, Steffen Herbold University of Passau Media Attached | ||
17:00 15mTalk | MultiPL-E: A Scalable and Polyglot Approach to Benchmarking Neural Code Generation Journal First Federico Cassano Northeastern University, John Gouwar Northeastern University, Daniel Nguyen Hannover High School, Sydney Nguyen Wellesley College, Luna Phipps-Costin Northeastern University, Donald Pinckney Northeastern University, Ming-Ho Yee Northeastern University, Yangtian Zi Northeastern University, Carolyn Jane Anderson Wellesley College, Molly Feldman Oberlin College, Arjun Guha Northeastern University and Roblox, Michael Greenberg Stevens Institute of Technology, Abhinav Jangda Microsoft Research Link to publication Media Attached | ||
17:15 15mTalk | NCQ: Code reuse support for Node.js developers Journal First Brittany Reid The University of Adelaide, Marcelo d'Amorim North Carolina State University, Markus Wagner Monash University, Australia, Christoph Treude University of Melbourne Link to publication DOI Pre-print Media Attached | ||
17:30 15mTalk | Efficient Text-to-Code Retrieval with Cascaded Fast and Slow Transformer Models Research Papers Akhilesh Deepak Gotmare Salesforce Research, Junnan Li Salesforce Research, Shafiq Joty Salesforce Research, Steven C.H. Hoi Salesforce Research Asia Media Attached | ||
17:45 15mTalk | PEM: Representing Binary Program Semantics for Similarity Analysis via A Probabilistic Execution Model Research Papers Xiangzhe Xu Purdue University, Zhou Xuan , Shiwei Feng Purdue University, Siyuan Cheng Purdue University, Yapeng Ye Purdue University, Qingkai Shi The Hong Kong University of Science and Technology, Guanhong Tao Purdue University, Le Yu , Zhuo Zhang Purdue University, Xiangyu Zhang Purdue University Media Attached | ||