DRAGON: Predicting Decompiled Variable Data Types with Learned Confidence Estimates

Caleb Stewart, Rhonda Gaede, Jeffrey Kulick (University of Alabama in Huntsville)

We present DRAGON, a graph neural network (GNN) that predicts data types for decompiled variables along with a confidence estimate for each prediction. While we only train DRAGON on x64 binaries compiled without optimization, we show that DRAGON generalizes well to all combinations of the x64, x86, ARM64, and ARM architectures compiled across optimization levels O0-O3. We compare DRAGON with two state-of-the-art approaches for binary type inference and demonstrate that DRAGON exhibits a competitive or superior level of accuracy for simple type prediction while also providing useful confidence estimates. We show that the learned confidence estimates produced by DRAGON strongly correlate with accuracy, such that higher confidence predictions generally correspond with a higher level of accuracy than lower confidence predictions.

Paper

View More Papers

Towards LLM-Resistant Software Protection: Agent Failure Patterns in CTF...

Ryutaro Nishizaka, Yudai Fujiwara, Takuya Shimizu, Kazushi Kato, Yuichi Sugiyama (Ricerca Security, Inc.)

YuraScanner: Leveraging LLMs for Task-driven Web App Scanning

Aleksei Stafeev (CISPA Helmholtz Center for Information Security), Tim Recktenwald (CISPA Helmholtz Center for Information Security), Gianluca De Stefano (CISPA Helmholtz Center for Information Security), Soheil Khodayari (CISPA Helmholtz Center for Information Security), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security)

Ctrl+Alt+Deceive: Quantifying User Exposure to Online Scams

Platon Kotzias (Norton Research Group, BforeAI), Michalis Pachilakis (Norton Research Group, Computer Science Department University of Crete), Javier Aldana Iuit (Norton Research Group), Juan Caballero (IMDEA Software Institute), Iskander Sanchez-Rola (Norton Research Group), Leyla Bilge (Norton Research Group)