To address the issue of cross-architecture same-origin vulnerability detection,a cross-plat-form binary code similarity analysis method called CodeMeld is proposed.Bidirectional gated recur-rent units(BGRU)and self-attention mechanism are relied upon by this method to extract instruction sequence information,and a convolutional neural network(CNN)model combining residual convolu-tion attention mechanism is used to extract graph structure information from the adjacency matrix.The two types of information are then fused to achieve function vectorization representation.Evaluation ex-periments are conducted on datasets compiled with various optimization options on different architec-tures.The experimental results demonstrate that the feature information of instruction sequence and control flow graph structure can be effectively captured by CodeMeld,which can accurately measure cross-platform binary code similarity with an accuracy of 94.26%and an AUC as high as 0.980 6.
维普
万方数据
