Beyond Classification: Inferring Function Names in Stripped Binaries via Domain Adapted LLMs

Linxi Jiang (The Ohio State University), Xin Jin (The Ohio State University), Zhiqiang Lin (The Ohio State University)

Function name inference in stripped binaries is an important yet challenging task for many security applications, such as malware analysis and vulnerability discovery, due to the need to grasp binary code semantics amidst diverse instruction sets, architectures, compiler optimizations, and obfuscations. While machine learning has made significant progress in this field, existing methods often struggle with unseen data, constrained by their reliance on a limited vocabulary-based classification approach. In this paper, we present SymGen, a novel framework employing an autoregressive generation paradigm powered by domain-adapted generative large language models (LLMs) for enhanced binary code interpretation. We have evaluated SymGen on a dataset comprising 2,237,915 binary functions across four architectures (x86-64, x86-32, ARM, MIPS) with four levels of optimizations (O0-O3) where it surpasses the state-of-the-art with up to 409.3%, 553.5%, and 489.4% advancement in precision, recall, and F1 score, respectively, showing superior effectiveness and generalizability. Our ablation and case studies also demonstrate the significant performance boosts achieved by our design, e.g., the domain adaptation approach, alongside showcasing SymGen’s practicality in analyzing real-world binaries, e.g., obfuscated binaries and malware executables.

Paper

Slides

Video

View More Papers

L-HAWK: A Controllable Physical Adversarial Patch Against a Long-Distance...

Taifeng Liu (Xidian University), Yang Liu (Xidian University), Zhuo Ma (Xidian University), Tong Yang (Peking University), Xinjing Liu (Xidian University), Teng Li (Xidian University), Jianfeng Ma (Xidian University)

BumbleBee: Secure Two-party Inference Framework for Large Transformers

Wen-jie Lu (Ant Group), Zhicong Huang (Ant Group), Zhen Gu (Alibaba Group), Jingyu Li (Ant Group & Zhejiang University), Jian Liu (Zhejiang University), Cheng Hong (Ant Group), Kui Ren (Zhejiang University), Tao Wei (Ant Group), WenGuang Chen (Ant Group)

Towards LLM-Assisted Vulnerability Detection and Repair for Open-Source 5G...

Rupam Patir (University at Buffalo), Qiqing Huang (University at Buffalo), Keyan Guo (University at Buffalo), Wanda Guo (Texas A&M University), Guofei Gu (Texas A&M University), Haipeng Cai (University at Buffalo), Hongxin Hu (University at Buffalo)

CCTAG: Configurable and Combinable Tagged Architecture

Zhanpeng Liu (Peking University), Yi Rong (Tsinghua University), Chenyang Li (Peking University), Wende Tan (Tsinghua University), Yuan Li (Zhongguancun Laboratory), Xinhui Han (Peking University), Songtao Yang (Zhongguancun Laboratory), Chao Zhang (Tsinghua University)