Recurrent Semantic Learning-Driven Fast Binary Vulnerability Detection in Healthcare Cyber Physical Systems

Abstract

Healthcare cyber physical systems (HCPS) always pursuing high availability allow software providers to adopt multiple kinds of development languages to reuse third-party program codes, while leading to the wide propagation of hidden software vulnerabilities. However, it is impossible to accurately trace execution paths and locate the key elements during the software execution process, which makes semantic features of vulnerabilities in the binary code can not bed extracted. This is the key support in automated vulnerability detection practices. To address these problems, a novel fast vulnerability detection mechanism based on recurrent semantic learning is proposed, which does not require high-level permissions to access the compiling process and traverse all execution paths. Firstly, a programframe is constructed to integrate software run-time logic and executing environment, detecting vulnerabilities from multi-programming language binary codes. Secondly, to achieve the powerful software execution context-awareness ability, a cascaded-LSTM recurrent neural network is designated to extract semantic features from binary files with vulnerabilities. Besides, we establish an experimental toolkit named an intelligent vulnerability detector (IntVD) to demonstrate the effectiveness of the proposed methods. Extensive and practical experiments validate that the vulnerability recognition accuracy on the HCPS software including VLC and LibTIFF can reach more than 95%.