Abstract
Automatic static vulnerability analysis for IoT devices is always an important and challenging research problem. Traditional vulnerability finding methods are primarily based on manually built structures, which have limitations in accuracy and lack consideration of environmental information. In this paper, we propose a new approach that generates an ACFG (attributed control flow graph) that combines ambient information with binary code information, which aims to discover vulnerabilities from binaries deeply and accurately. The graph is then transformed by a graph-embedding algorithm and analyzed by a deep neural network. This approach has scalability on IoT devices when cross-architecture and cross-system binaries are considered. Ambient information makes this model able to detect environment-aware vulnerabilities. Experiment shows that this method has outperformed the state-of-the-art methods in terms of accuracy, efficiency, and scalability, with an average accuracy of over 80% on real-world vulnerability datasets.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
