BINARY CODE VULNERABILITY DETECTION BASED ON RESTEXT CNN AND SELF-ATTENTION

In order to automatically extract complex semantic features and determine the contribution degree of instructions in assembly code segment to the task, an attention residual convolutional network (ISA-ResTextCNN) based on ResTextCNN and self-attention mechanism is proposed. The self-attention mechanism was adopted to give weight to each instruction in the code segment, and pay attention to the influence of the instruction on the binary vulnerability detection task. ResTextCNN was used to fully consider the input information while extracting more deeper semantic features, so as to improve the detection performance of the model. During model training, max-norm regularization was added to solve the problem of overfitting. Experimental results show that the proposed model can improve the performance of binary code vulnerability detection, and the accuracy and F1-score are improved compared with similar benchmark models.