BETAC: Bidirectional Encoder Transformer for Assembly Code Function Name Recovery

Guillaume Breyton; Mohd Saqib; Benjamin C.M. Fung; Philippe Charland

doi:10.1109/DRCN60692.2024.10539155

BETAC: Bidirectional Encoder Transformer for Assembly Code Function Name Recovery

Guillaume Breyton
, Mohd Saqib
, Benjamin C.M. Fung
, Philippe Charland

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Recovering function names from stripped binaries is a crucial and time-consuming task for software reverse engineering' particularly in enhancing network reliability, resilience, and security. This paper tackles the challenge of recovering function names in stripped binaries, a fundamental step in reverse engineering. The absence of syntactic information and the possibility of different code producing identical behavior complicate this task. To overcome these challenges, we introduce a novel model, the Bidirectional Encoder Transformer for Assembly Code (BETAC), leveraging a transformer-based architecture known for effectively processing sequential data. BETAC utilizes self-Attention mechanisms and feed-forward networks to discern complex relationships within assembly code for precise function name prediction. We evaluated BETAC against various existing encoder and decoder models in diverse binary datasets, including benign and malicious codes in multiple formats. Our model demonstrated superior performance over previous techniques in certain metrics and showed resilience against code obfuscation.

Original language	English
Title of host publication	20th International Conference on the Design of Reliable Communication Networks, DRCN 2024
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9798350348972
DOIs	https://doi.org/10.1109/DRCN60692.2024.10539155
State	Published - 2024
Externally published	Yes
Event	20th International Conference on the Design of Reliable Communication Networks, DRCN 2024 - Montreal, Canada Duration: 6 May 2024 → 9 May 2024

Publication series

Name	20th International Conference on the Design of Reliable Communication Networks, DRCN 2024

Conference

Conference	20th International Conference on the Design of Reliable Communication Networks, DRCN 2024
Country/Territory	Canada
City	Montreal
Period	6/05/24 → 9/05/24

Bibliographical note

Publisher Copyright:
© 2024 IEEE.

Keywords

assembly code
binaries
CodeBERT
Reverse engineering automation
summarization
Transformers

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications
Computer Science Applications
Hardware and Architecture
Information Systems and Management
Safety, Risk, Reliability and Quality
Health Informatics

Access to Document

10.1109/DRCN60692.2024.10539155

Cite this

Breyton, G., Saqib, M., Fung, B. C. M., & Charland, P. (2024). BETAC: Bidirectional Encoder Transformer for Assembly Code Function Name Recovery. In 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024 (20th International Conference on the Design of Reliable Communication Networks, DRCN 2024). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DRCN60692.2024.10539155

Breyton, Guillaume ; Saqib, Mohd ; Fung, Benjamin C.M. et al. / BETAC : Bidirectional Encoder Transformer for Assembly Code Function Name Recovery. 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024. Institute of Electrical and Electronics Engineers Inc., 2024. (20th International Conference on the Design of Reliable Communication Networks, DRCN 2024).

@inproceedings{7634c07d3f9f4dc98c0e534835732cff,

title = "BETAC: Bidirectional Encoder Transformer for Assembly Code Function Name Recovery",

abstract = "Recovering function names from stripped binaries is a crucial and time-consuming task for software reverse engineering' particularly in enhancing network reliability, resilience, and security. This paper tackles the challenge of recovering function names in stripped binaries, a fundamental step in reverse engineering. The absence of syntactic information and the possibility of different code producing identical behavior complicate this task. To overcome these challenges, we introduce a novel model, the Bidirectional Encoder Transformer for Assembly Code (BETAC), leveraging a transformer-based architecture known for effectively processing sequential data. BETAC utilizes self-Attention mechanisms and feed-forward networks to discern complex relationships within assembly code for precise function name prediction. We evaluated BETAC against various existing encoder and decoder models in diverse binary datasets, including benign and malicious codes in multiple formats. Our model demonstrated superior performance over previous techniques in certain metrics and showed resilience against code obfuscation.",

keywords = "assembly code, binaries, CodeBERT, Reverse engineering automation, summarization, Transformers",

author = "Guillaume Breyton and Mohd Saqib and Fung, \{Benjamin C.M.\} and Philippe Charland",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024 ; Conference date: 06-05-2024 Through 09-05-2024",

year = "2024",

doi = "10.1109/DRCN60692.2024.10539155",

language = "English",

series = "20th International Conference on the Design of Reliable Communication Networks, DRCN 2024",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "20th International Conference on the Design of Reliable Communication Networks, DRCN 2024",

address = "United States",

}

Breyton, G, Saqib, M, Fung, BCM & Charland, P 2024, BETAC: Bidirectional Encoder Transformer for Assembly Code Function Name Recovery. in 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024. 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024, Institute of Electrical and Electronics Engineers Inc., 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024, Montreal, Canada, 6/05/24. https://doi.org/10.1109/DRCN60692.2024.10539155

BETAC: Bidirectional Encoder Transformer for Assembly Code Function Name Recovery. / Breyton, Guillaume; Saqib, Mohd; Fung, Benjamin C.M. et al.
20th International Conference on the Design of Reliable Communication Networks, DRCN 2024. Institute of Electrical and Electronics Engineers Inc., 2024. (20th International Conference on the Design of Reliable Communication Networks, DRCN 2024).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - BETAC

T2 - 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024

AU - Breyton, Guillaume

AU - Saqib, Mohd

AU - Fung, Benjamin C.M.

AU - Charland, Philippe

PY - 2024

Y1 - 2024

N2 - Recovering function names from stripped binaries is a crucial and time-consuming task for software reverse engineering' particularly in enhancing network reliability, resilience, and security. This paper tackles the challenge of recovering function names in stripped binaries, a fundamental step in reverse engineering. The absence of syntactic information and the possibility of different code producing identical behavior complicate this task. To overcome these challenges, we introduce a novel model, the Bidirectional Encoder Transformer for Assembly Code (BETAC), leveraging a transformer-based architecture known for effectively processing sequential data. BETAC utilizes self-Attention mechanisms and feed-forward networks to discern complex relationships within assembly code for precise function name prediction. We evaluated BETAC against various existing encoder and decoder models in diverse binary datasets, including benign and malicious codes in multiple formats. Our model demonstrated superior performance over previous techniques in certain metrics and showed resilience against code obfuscation.

AB - Recovering function names from stripped binaries is a crucial and time-consuming task for software reverse engineering' particularly in enhancing network reliability, resilience, and security. This paper tackles the challenge of recovering function names in stripped binaries, a fundamental step in reverse engineering. The absence of syntactic information and the possibility of different code producing identical behavior complicate this task. To overcome these challenges, we introduce a novel model, the Bidirectional Encoder Transformer for Assembly Code (BETAC), leveraging a transformer-based architecture known for effectively processing sequential data. BETAC utilizes self-Attention mechanisms and feed-forward networks to discern complex relationships within assembly code for precise function name prediction. We evaluated BETAC against various existing encoder and decoder models in diverse binary datasets, including benign and malicious codes in multiple formats. Our model demonstrated superior performance over previous techniques in certain metrics and showed resilience against code obfuscation.

KW - assembly code

KW - binaries

KW - CodeBERT

KW - Reverse engineering automation

KW - summarization

KW - Transformers

UR - https://www.scopus.com/pages/publications/85195599514

U2 - 10.1109/DRCN60692.2024.10539155

DO - 10.1109/DRCN60692.2024.10539155

M3 - Conference contribution

AN - SCOPUS:85195599514

T3 - 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024

BT - 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 6 May 2024 through 9 May 2024

ER -

Breyton G, Saqib M, Fung BCM, Charland P. BETAC: Bidirectional Encoder Transformer for Assembly Code Function Name Recovery. In 20th International Conference on the Design of Reliable Communication Networks, DRCN 2024. Institute of Electrical and Electronics Engineers Inc. 2024. (20th International Conference on the Design of Reliable Communication Networks, DRCN 2024). doi: 10.1109/DRCN60692.2024.10539155

BETAC: Bidirectional Encoder Transformer for Assembly Code Function Name Recovery

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this