Semantic learning is a common method for binary vulnerability detection, which can analyze the assembly structure of the binary code. The existing methods such as control flow graphs and labeled semantic flow graphs perform single semantic analysis to determine whether a known vulnerability is hidden in the binary function. However, challenge arises when they perform vulnerability detection cross-platforms. In this paper, we propose a multigranularity semantic-based vulnerability search method to deal with the challenge of cross-platform vulnerability detection, and implement its prototype Taurus. Given the binary function to be searched and vulnerability function, Taurus first extracts their inter-basic-block, inter-function, and inter-module semantic features respectively, and then calculates the similarity distance between them at three levels. Finally, three similarity scores are combined to rank in descending order to obtain the vulnerability detection report. The performance comparison indicates that Taurus outperforms the state-of-the-art approaches in terms of accuracy.

中文翻译：

---

基于多粒度语义的跨平台二进制漏洞搜索方法

语义学习是二进制漏洞检测的常用方法，可以分析二进制代码的汇编结构。控制流图和标记语义流图等现有方法执行单个语义分析以确定二进制函数中是否隐藏了已知漏洞。然而，当他们跨平台执行漏洞检测时，挑战就出现了。在本文中，我们提出了一种基于多粒度语义的漏洞搜索方法来应对跨平台漏洞检测的挑战，并实现了其原型Taurus。给定待搜索的二元函数和漏洞函数，Taurus首先分别提取它们的基本块间、功能间和模块间的语义特征，然后计算它们在三个层次上的相似度距离。最后将三个相似度分数相结合，降序排列，得到漏洞检测报告。性能比较表明Taurus在准确性方面优于最先进的方法。