HGE-BVHD: Heterogeneous Graph Embedding Scheme of Complex Structure Functions for Binary Vulnerability Homology Discrimination

Homologous vulnerability detection is an important aspect of computer security. It has several key problems, including discriminating structurally complex functions, supporting cross-architecture programs, distinguishing false positives, etc. Non-homologous functions with similar control flow graph structures are easily misjudged, which decreases discrimination accuracy. The vectors generated by instruction-embedding models contain architectural features, which increases the distance between homologous function vectors and leads to misclassification. In this paper, we propose a novel heterogeneous graph embedding (HGE) binary vulnerability homology discrimination (BVHD) method. HGE is used to aggregate basic block features to generate function representations, perform different transformations according to control flow and data flow, and improve the discrimination of non-homologous functions to increase discrimination accuracy. A novel multi-architecture instruction-embedding model is proposed for abstracting common semantic features and weakening the interference of architectural features to avoid misclassification. The experimental results show that the proposed method achieves state-of-the-art results in homologous function discrimination, and the upgrade is significant for complex structure functions.