본문 바로가기
  • Home

Extraction Scheme of Function Information in Stripped Binaries using LSTM

  • Journal of Software Assessment and Valuation
  • Abbr : JSAV
  • 2021, 17(2), pp.39-46
  • DOI : 10.29056/jsav.2021.12.05
  • Publisher : Korea Software Assessment and Valuation Society
  • Research Area : Engineering > Computer Science
  • Received : October 21, 2021
  • Accepted : December 20, 2021
  • Published : December 31, 2021

Duhyeuk Chang 1 Seon-Min Kim 1 Junyoung Heo 1

1한성대학교

Accredited

ABSTRACT

To analyze and defend malware codes, reverse engineering is used as identify function location information. However, the stripped binary is not easy to find information such as function location because function symbol information is removed. To solve this problem, there are various binary analysis tools such as BAP and BitBlaze IDA Pro, but they are based on heuristics method, so they do not perform well in general. In this paper, we propose a technique to extract function information using LSTM-based models by applying algorithms of N-byte method that is extracted binaries corresponding to reverse assembling instruments in a recursive descent method. Through experiments, the proposed techniques were superior to the existing techniques in terms of time and accuracy.

Citation status

* References for papers published after 2022 are currently being built.