Comparing Unidirectional, Bidirectional, and Word2vec Models for Discovering Vulnerabilities in Compiled Lifted Code

• URL: http://arxiv.org/abs/2409.17513v2
• Date: Tue, 18 Feb 2025 15:49:04 GMT
• Title: Comparing Unidirectional, Bidirectional, and Word2vec Models for Discovering Vulnerabilities in Compiled Lifted Code
• Authors: Gary A. McCully, John D. Hastings, Shengjie Xu, Adam Fortier,
• Abstract summary: This research investigates the application of unidirectional transformer-based embeddings, specifically GPT-2. Our study reveals that embeddings from GPT-2 model significantly outperform those from bidirectional models of BERT and RoBERTa.
• Score: 4.956066467858057
• License:
• Abstract: Ransomware and other forms of malware cause significant financial and operational damage to organizations by exploiting long-standing and often difficult-to-detect software vulnerabilities. To detect vulnerabilities such as buffer overflows in compiled code, this research investigates the application of unidirectional transformer-based embeddings, specifically GPT-2. Using a dataset of LLVM functions, we trained a GPT-2 model to generate embeddings, which were subsequently used to build LSTM neural networks to differentiate between vulnerable and non-vulnerable code. Our study reveals that embeddings from the GPT-2 model significantly outperform those from bidirectional models of BERT and RoBERTa, achieving an accuracy of 92.5% and an F1-score of 89.7%. LSTM neural networks were developed with both frozen and unfrozen embedding model layers. The model with the highest performance was achieved when the embedding layers were unfrozen. Further, the research finds that, in exploring the impact of different optimizers within this domain, the SGD optimizer demonstrates superior performance over Adam. Overall, these findings reveal important insights into the potential of unidirectional transformer-based approaches in enhancing cybersecurity defenses.

Related papers

• Enhanced Intrusion Detection in IIoT Networks: A Lightweight Approach with Autoencoder-Based Feature Learning [0.0]
  Intrusion Detection Systems (IDS) are essential for identifying and preventing abnormal network behaviors and malicious activities. This research implements six innovative approaches to enhance IDS performance, including leveraging an autoencoder for dimensional reduction. We are the first to deploy our model on a Jetson Nano, achieving inference times of 0.185 ms for binary classification and 0.187 ms for multiclass classification.
  arXiv  Detail & Related papers  (2025-01-25T16:24:18Z)
• Adaptive Cyber-Attack Detection in IIoT Using Attention-Based LSTM-CNN Models [0.23408308015481666]
  This study presents the development and evaluation of an advanced Intrusion detection (IDS) based on a hybrid LSTM-convolution neural network (CNN)-Attention architecture. The research focuses on two key classification tasks: binary and multi-class classification. In binary classification, the model achieved near-perfect accuracy, while in multi-class classification, it maintained a high accuracy level (99.04%), effectively categorizing different attack types with a loss value of 0.0220%.
  arXiv  Detail & Related papers  (2025-01-21T20:52:23Z)
• Impact of Data Snooping on Deep Learning Models for Locating Vulnerabilities in Lifted Code [5.4141465747474475]
  The research specifically focuses on how model performance is affected when embedding models are trained with datasets. The results show that introducing data snooping did not significantly alter model performance. In addition, the findings reinforce the conclusions of previous research, which found that models trained with GPT-2 embeddings consistently outperformed neural networks trained with other embeddings.
  arXiv  Detail & Related papers  (2024-12-03T00:08:01Z)
• SecureBERT and LLAMA 2 Empowered Control Area Network Intrusion Detection and Classification [2.824211356106516]
  We develop two distinct models for CAN intrusion detection: CAN-SecureBERT and CAN-LLAMA2. Can-LLAMA2 model surpasses the state-of-the-art models by achieving an exceptional performance 0.999993 in terms of balanced accuracy, precision detection rate, F1 score, and a remarkably low false alarm rate of 3.10e-6.
  arXiv  Detail & Related papers  (2023-11-19T23:49:08Z)
• LogShield: A Transformer-based APT Detection System Leveraging Self-Attention [2.1256044139613772]
  This paper proposes LogShield, a framework designed to detect APT attack patterns leveraging the power of self-attention in transformers. We incorporate customized embedding layers to effectively capture the context of event sequences derived from provenance graphs. Our framework achieved superior F1 scores of 98% and 95% on the two datasets respectively, surpassing the F1 scores of 96% and 94% obtained by LSTM models.
  arXiv  Detail & Related papers  (2023-11-09T20:43:15Z)
• Safety-compliant Generative Adversarial Networks for Human Trajectory Forecasting [95.82600221180415]
  Human forecasting in crowds presents the challenges of modelling social interactions and outputting collision-free multimodal distribution. We introduce SGANv2, an improved safety-compliant SGAN architecture equipped with motion-temporal interaction modelling and a transformer-based discriminator design.
  arXiv  Detail & Related papers  (2022-09-25T15:18:56Z)
• Evaluating the Adversarial Robustness for Fourier Neural Operators [78.36413169647408]
  Fourier Neural Operator (FNO) was the first to simulate turbulent flow with zero-shot super-resolution. We generate adversarial examples for FNO based on norm-bounded data input perturbations. Our results show that the model's robustness degrades rapidly with increasing perturbation levels.
  arXiv  Detail & Related papers  (2022-04-08T19:19:42Z)
• Anomaly Detection in Cybersecurity: Unsupervised, Graph-Based and Supervised Learning Methods in Adversarial Environments [63.942632088208505]
  Inherent to today's operating environment is the practice of adversarial machine learning. In this work, we examine the feasibility of unsupervised learning and graph-based methods for anomaly detection. We incorporate a realistic adversarial training mechanism when training our supervised models to enable strong classification performance in adversarial environments.
  arXiv  Detail & Related papers  (2021-05-14T10:05:10Z)
• Uncertainty-Aware Deep Calibrated Salient Object Detection [74.58153220370527]
  Existing deep neural network based salient object detection (SOD) methods mainly focus on pursuing high network accuracy. These methods overlook the gap between network accuracy and prediction confidence, known as the confidence uncalibration problem. We introduce an uncertaintyaware deep SOD network, and propose two strategies to prevent deep SOD networks from being overconfident.
  arXiv  Detail & Related papers  (2020-12-10T23:28:36Z)
• MetaDistiller: Network Self-Boosting via Meta-Learned Top-Down Distillation [153.56211546576978]
  In this work, we propose that better soft targets with higher compatibil-ity can be generated by using a label generator. We can employ the meta-learning technique to optimize this label generator. The experiments are conducted on two standard classificationbenchmarks, namely CIFAR-100 and ILSVRC2012.
  arXiv  Detail & Related papers  (2020-08-27T13:04:27Z)
• Graph Backdoor [53.70971502299977]
  We present GTA, the first backdoor attack on graph neural networks (GNNs) GTA departs in significant ways: it defines triggers as specific subgraphs, including both topological structures and descriptive features. It can be instantiated for both transductive (e.g., node classification) and inductive (e.g., graph classification) tasks.
  arXiv  Detail & Related papers  (2020-06-21T19:45:30Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.