Research On Vulnerability Feature Analysis Technology Based Graph Embedding Model

Most traditional static analysis methods use a pattern-based approach to detect vulnerabilities.These patterns are manually defined by security personnel,which is tedious and time-consuming.While there are many open source vulnerability detection tools such as ITS4 and commercial tools such as Checkmarx,these tools typically have high false positives or false positives.Furthermore,these tools are not suitable for binary detection.This topic is based on the graph neural network model,using its advantages,analyzes the characteristics of binary vulnerabilities,and predicts the location of vulnerabilities in binary programs.This model can be used to cooperate with fuzzing system to find more hidden security vulnerabilities,and has high transferability.The vulnerability prediction model based on the graph embedding model can improve the vulnerability mining ability of the fuzzing system to a certain extent.At the same time,it can also be used as a tool for manual analysis to efficiently perform manual vulnerability mining.This paper mainly studies the following contents:A binary vulnerability feature extraction technology based on instruction feature vectorization is proposed.This paper mainly summarizes the features of 255-dimensional instruction level,and vectorizes its instructions.Taking basic blocks as the unit,extracts the program control flow chart CFG based on the quantized feature basic blocks,and designs and implements its extraction experiments.It is proved that this method can efficiently extract the program control flow graph CFG of binary programs.A binary vulnerability prediction model based on graph embedding is designed and implemented.A total of 111,540 labeled function samples are collected in this paper,including 78,511 samples without vulnerabilities and 33,029 samples with vulnerabilities.Use these samples for training,and keep experimenting to optimize the model.Finally,an experiment is designed to evaluate the model we have trained.The experiment proves that we can more accurately predict whether the unknown binary function has loopholes.In addition,in the actual testing process,the author also discovered the high-risk vulnerability CVE-2021-32024 of BlackBerry’s products,which has been confirmed and fixed.