{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,22]],"date-time":"2026-03-22T08:24:07Z","timestamp":1774167847463,"version":"3.50.1"},"reference-count":74,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2023,11,24]],"date-time":"2023-11-24T00:00:00Z","timestamp":1700784000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100012166","name":"National Key R&D Program of China","doi-asserted-by":"crossref","award":["2022YFB3103904"],"award-info":[{"award-number":["2022YFB3103904"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Strategic Priority Research Program of Chinese Academy of Sciences","award":["XDC02020100"],"award-info":[{"award-number":["XDC02020100"]}]},{"name":"Joint Fund Cultivation Project of National Natural Science Foundation of China","award":["U1636120"],"award-info":[{"award-number":["U1636120"]}]},{"name":"Science and Technology Project of State Grid Corporation of China","award":["5700-202258499A-3-0-ZZ"],"award-info":[{"award-number":["5700-202258499A-3-0-ZZ"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"crossref","award":["U1766215"],"award-info":[{"award-number":["U1766215"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100001809","name":"Chinese National Natural Science Foundation","doi-asserted-by":"crossref","award":["62202462"],"award-info":[{"award-number":["62202462"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Softw. Eng. Methodol."],"published-print":{"date-parts":[[2024,1,31]]},"abstract":"<jats:p>\n            Widespread code reuse allows vulnerabilities to proliferate among a vast variety of firmware. There is an urgent need to detect these vulnerable codes effectively and efficiently. By measuring code similarities,\n            <jats:italic>AI-based binary code similarity detection<\/jats:italic>\n            is applied to detecting vulnerable code at scale. Existing studies have proposed various function features to capture the commonality for similarity detection. Nevertheless, the significant code syntactic variability induced by the diversity of IoT hardware architectures diminishes the accuracy of binary code similarity detection. In our earlier study and the tool\n            <jats:italic>Asteria<\/jats:italic>\n            , we adopted a Tree-LSTM network to summarize function semantics as function commonality, and the evaluation result indicates an advanced performance. However, it still has utility concerns due to excessive time costs and inadequate precision while searching for large-scale firmware bugs.\n          <\/jats:p>\n          <jats:p>\n            To this end, we propose a novel deep learning-enhancement architecture by incorporating domain knowledge-based pre-filtration and re-ranking modules, and we develop a prototype named\n            <jats:sc>Asteria-Pro<\/jats:sc>\n            based on\n            <jats:italic>Asteria<\/jats:italic>\n            . The pre-filtration module eliminates dissimilar functions, thus reducing the subsequent deep learning-model calculations. The re-ranking module boosts the rankings of vulnerable functions among candidates generated by the deep learning model. Our evaluation indicates that the pre-filtration module cuts the calculation time by 96.9%, and the re-ranking module improves MRR and Recall by 23.71% and 36.4%, respectively. By incorporating these modules,\n            <jats:sc>Asteria-Pro<\/jats:sc>\n            outperforms existing state-of-the-art approaches in the bug search task by a significant margin. Furthermore, our evaluation shows that embedding baseline methods with pre-filtration and re-ranking modules significantly improves their precision. We conduct a large-scale real-world firmware bug search, and\n            <jats:sc>Asteria-Pro<\/jats:sc>\n            manages to detect 1,482 vulnerable functions with a high precision 91.65%.\n          <\/jats:p>","DOI":"10.1145\/3604611","type":"journal-article","created":{"date-parts":[[2023,6,17]],"date-time":"2023-06-17T09:14:56Z","timestamp":1686993296000},"page":"1-40","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":40,"title":["Asteria-Pro: Enhancing Deep Learning-based Binary Code Similarity Detection by Incorporating Domain Knowledge"],"prefix":"10.1145","volume":"33","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4385-8261","authenticated-orcid":false,"given":"Shouguo","family":"Yang","sequence":"first","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-4729-7778","authenticated-orcid":false,"given":"Chaopeng","family":"Dong","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-8009-2252","authenticated-orcid":false,"given":"Yang","family":"Xiao","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-9333-356X","authenticated-orcid":false,"given":"Yiran","family":"Cheng","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6168-8003","authenticated-orcid":false,"given":"Zhiqiang","family":"Shi","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7071-2976","authenticated-orcid":false,"given":"Zhi","family":"Li","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2745-7521","authenticated-orcid":false,"given":"Limin","family":"Sun","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}]}],"member":"320","published-online":{"date-parts":[[2023,11,24]]},"reference":[{"key":"e_1_3_1_2_2","unstructured":"Asteria-BCSD. 2022. Asteria-Pro Code Repository. Retrieved from https:\/\/github.com\/Asteria-BCSD\/Asteria-Pro"},{"key":"e_1_3_1_3_2","unstructured":"Microsoft Security. 2022. Binwalk. Retrieved from https:\/\/www.refirmlabs.com\/binwalk\/"},{"key":"e_1_3_1_4_2","unstructured":"Buildroot. 2022. Buildroot Making Embedded Linux Easy. Retrieved from https:\/\/buildroot.org"},{"key":"e_1_3_1_5_2","unstructured":"Cisco. 2022. Cisco website. Retrieved from https:\/\/www.cisco.com\/c\/en_hk\/index.html"},{"key":"e_1_3_1_6_2","unstructured":"cxxfilt. 2022. cxxfilt. Retrieved from https:\/\/pypi.org\/project\/cxxfilt\/"},{"key":"e_1_3_1_7_2","unstructured":"Dajiang. 2022. Dajiang Website. Retrieved from https:\/\/www.dji.com\/"},{"key":"e_1_3_1_8_2","unstructured":"Diaphora. 2022. Diaphora. Retrieved from https:\/\/github.com\/joxeankoret\/diaphora"},{"key":"e_1_3_1_9_2","unstructured":"Wikibooks. 2022. Function decoration. Retrieved from https:\/\/en.wikibooks.org\/wiki\/X86_Disassembly\/Calling_Conventions#Note_on_Name_Decorations"},{"key":"e_1_3_1_10_2","unstructured":"Hikvision. 2022. hikvision website. Retrieved from https:\/\/www.hikvision.com\/sg\/"},{"key":"e_1_3_1_11_2","unstructured":"Hex rays. 2022. IDA Pro. Retrieved from https:\/\/www.hex-rays.com\/products\/ida\/index.shtml"},{"key":"e_1_3_1_12_2","unstructured":"NVD. 2022. National Vulnerability Database. Retrieved from https:\/\/nvd.nist.gov\/"},{"key":"e_1_3_1_13_2","unstructured":"NetGear. 2022. NetGear Download. Retrieved from http:\/\/support.netgear.cn\/download.asp"},{"key":"e_1_3_1_14_2","unstructured":"OpenSSH. 2022. OpenSSH 1.0.1h Vulnerability Statistics. Retrieved from https:\/\/www.cvedetails.com\/version\/524410\/Openssl-Openssl-1.0.1h.html"},{"key":"e_1_3_1_15_2","unstructured":"Schneider. 2022. Schneider website. Retrieved from https:\/\/www.se.com\/ww\/en\/"},{"key":"e_1_3_1_16_2","unstructured":"TP-Link. 2022. TP-Link website. Retrieved from https:\/\/www.tp-link.com\/sg\/"},{"key":"e_1_3_1_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/1095430.1081733"},{"key":"e_1_3_1_18_2","doi-asserted-by":"publisher","DOI":"10.5555\/850947.853341"},{"key":"e_1_3_1_19_2","doi-asserted-by":"publisher","DOI":"10.1145\/3447245"},{"key":"e_1_3_1_20_2","first-page":"678","volume-title":"Proceedings of the 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","author":"Chandramohan Mahinthan","year":"2016","unstructured":"Mahinthan Chandramohan, Yinxing Xue, Zhengzi Xu, Yang Liu, Chia Yuan Cho, and Hee Beng Kuan Tan. 2016. Bingo: Cross-architecture cross-os binary search. In Proceedings of the 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering. ACM, 678\u2013689."},{"key":"e_1_3_1_21_2","unstructured":"Daming D. Chen Maverick Woo David Brumley and Manuel Egele. 2016. Towards automated dynamic analysis for linux-based embedded firmware. In Proceedings of the Annual Network and Distributed System Security Symposium (NDSS\u201916)."},{"key":"e_1_3_1_22_2","doi-asserted-by":"publisher","DOI":"10.1002\/spe.4380250706"},{"key":"e_1_3_1_23_2","unstructured":"Ang Cui Michael Costello and Salvatore Stolfo. 2013. When firmware modifications attack: A case study of embedded exploitation. In Proceedings of the Annual Network and Distributed System Security Symposium (NDSS\u201913)."},{"issue":"2","key":"e_1_3_1_24_2","doi-asserted-by":"crossref","first-page":"392","DOI":"10.1145\/3296957.3177157","article-title":"FirmUp: Precise static detection of common vulnerabilities in firmware","volume":"53","author":"David Yaniv","year":"2018","unstructured":"Yaniv David, Nimrod Partush, and Eran Yahav. 2018. FirmUp: Precise static detection of common vulnerabilities in firmware. ACM SIGPLAN Not. 53, 2 (2018), 392\u2013404.","journal-title":"ACM SIGPLAN Not."},{"key":"e_1_3_1_25_2","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594343"},{"key":"e_1_3_1_26_2","doi-asserted-by":"publisher","DOI":"10.1002\/(SICI)1097-4571(199009)41:6<391::AID-ASI1>3.0.CO;2-9"},{"key":"e_1_3_1_27_2","first-page":"73","volume-title":"Proceedings of the IEEE Security and Privacy Workshops","author":"D\u2019Silva Vijay","year":"2015","unstructured":"Vijay D\u2019Silva, Mathias Payer, and Dawn Song. 2015. The correctness-security gap in compiler optimization. In Proceedings of the IEEE Security and Privacy Workshops. IEEE, 73\u201387."},{"key":"e_1_3_1_28_2","first-page":"2169","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security","author":"Duan Ruian","year":"2017","unstructured":"Ruian Duan, Ashish Bijlani, Meng Xu, Taesoo Kim, and Wenke Lee. 2017. Identifying open-source license violation and 1-day security risk at large scale. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 2169\u20132185."},{"issue":"1","key":"e_1_3_1_29_2","first-page":"3","article-title":"Graph-based comparison of executable objects (English version)","volume":"5","author":"Dullien Thomas","year":"2005","unstructured":"Thomas Dullien and Rolf Rolles. 2005. Graph-based comparison of executable objects (English version). SSTIC 5, 1 (2005), 3.","journal-title":"SSTIC"},{"key":"e_1_3_1_30_2","first-page":"303","volume-title":"Proceedings of the 23rd USENIX Security Symposium (USENIX Security\u201914)","author":"Egele Manuel","year":"2014","unstructured":"Manuel Egele, Maverick Woo, Peter Chapman, and David Brumley. 2014. Blanket execution: Dynamic similarity testing for program binaries and components. In Proceedings of the 23rd USENIX Security Symposium (USENIX Security\u201914). 303\u2013317."},{"key":"e_1_3_1_31_2","first-page":"303","volume-title":"Proceedings of the 23rd USENIX Security Symposium (USENIX Security\u201914)","author":"Egele Manuel","year":"2014","unstructured":"Manuel Egele, Maverick Woo, Peter Chapman, and David Brumley. 2014. Blanket execution: Dynamic similarity testing for program binaries and components. In Proceedings of the 23rd USENIX Security Symposium (USENIX Security\u201914). USENIX Association, San Diego, CA, 303\u2013317.Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity14\/technical-sessions\/presentation\/egele"},{"key":"e_1_3_1_32_2","volume-title":"Proceedings of the 23rd Annual Network and Distributed System Security Symposium (NDSS\u201916)","author":"Eschweiler Sebastian","year":"2016","unstructured":"Sebastian Eschweiler, Khaled Yakdan, and Elmar Gerhards-Padilla. 2016. discovRE: Efficient cross-architecture identification of bugs in binary code. In Proceedings of the 23rd Annual Network and Distributed System Security Symposium (NDSS\u201916)."},{"key":"e_1_3_1_33_2","first-page":"346","volume-title":"Proceedings of the ACM on Asia Conference on Computer and Communications Security","author":"Feng Qian","year":"2017","unstructured":"Qian Feng, Minghua Wang, Mu Zhang, Rundong Zhou, Andrew Henderson, and Heng Yin. 2017. Extracting conditional formulas for cross-platform bug search. In Proceedings of the ACM on Asia Conference on Computer and Communications Security. 346\u2013359."},{"key":"e_1_3_1_34_2","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978370"},{"key":"e_1_3_1_35_2","first-page":"238","volume-title":"Proceedings of the International Conference on Information and Communications Security","author":"Gao Debin","year":"2008","unstructured":"Debin Gao, Michael K. Reiter, and Dawn Song. 2008. Binhunt: Automatically finding semantic differences in binary programs. In Proceedings of the International Conference on Information and Communications Security. Springer, 238\u2013255."},{"key":"e_1_3_1_36_2","unstructured":"Eric Gustafson Marius Muench Chad Spensky Nilo Redini Aravind Machiry Yanick Fratantonio Davide Balzarotti Aurelien Francillon Yung Ryn Choe Christopher Kruegel et\u00a0al. 2019. Toward the analysis of embedded firmware through automated re-hosting. In Proceedings of the 22nd International Symposium on Research in Attacks Intrusions and Defenses (RAID\u201919) . 135\u2013150."},{"key":"e_1_3_1_37_2","doi-asserted-by":"publisher","DOI":"10.1145\/1127577.1127590"},{"key":"e_1_3_1_38_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00508"},{"key":"e_1_3_1_39_2","volume-title":"Computer architecture: A Quantitative Approach","author":"Hennessy John L.","year":"2011","unstructured":"John L. Hennessy and David A. Patterson. 2011. Computer architecture: A Quantitative Approach. Elsevier."},{"issue":"8","key":"e_1_3_1_40_2","doi-asserted-by":"crossref","first-page":"1735","DOI":"10.1162\/neco.1997.9.8.1735","article-title":"Long short-term memory","volume":"9","author":"Hochreiter Sepp","unstructured":"Sepp Hochreiter and J\u00fcrgen Schmidhuber. [n.d.]. Long short-term memory. Neural Comput. 9, 8 ([n.d.]), 1735\u20131780.","journal-title":"Neural Comput."},{"key":"e_1_3_1_41_2","first-page":"87","volume-title":"Proceedings of the Symposium on Applied Math","volume":"40","author":"Horn Roger A.","year":"1990","unstructured":"Roger A. Horn. 1990. The Hadamard product. In Proceedings of the Symposium on Applied Math, Vol. 40. 87\u2013169."},{"key":"e_1_3_1_42_2","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653736"},{"key":"e_1_3_1_43_2","first-page":"187","volume-title":"Presented as Part of the USENIX Annual Technical Conference (USENIX ATC\u201913)","author":"Hu Xin","year":"2013","unstructured":"Xin Hu, Kang G. Shin, Sandeep Bhatkar, and Kent Griffin. 2013. Mutantx-s: Scalable malware clustering based on static features. In Presented as Part of the USENIX Annual Technical Conference (USENIX ATC\u201913). 187\u2013198."},{"key":"e_1_3_1_44_2","doi-asserted-by":"publisher","DOI":"10.5555\/2487085.2487147"},{"key":"e_1_3_1_45_2","first-page":"18","volume-title":"Proceedings of the SouthEast Conference","author":"Lee Amanda","year":"2017","unstructured":"Amanda Lee and Travis Atkison. 2017. A comparison of fuzzy hashes: Evaluation, guidelines, and future suggestions. In Proceedings of the SouthEast Conference. 18\u201325."},{"key":"e_1_3_1_46_2","first-page":"3236","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security","author":"Li Xuezixiang","year":"2021","unstructured":"Xuezixiang Li, Yu Qu, and Heng Yin. 2021. Palmtree: Learning an assembly language model for instruction embedding. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 3236\u20133251."},{"key":"e_1_3_1_47_2","doi-asserted-by":"publisher","DOI":"10.1145\/3238147.3238199"},{"key":"e_1_3_1_48_2","doi-asserted-by":"publisher","DOI":"10.1145\/3395363.3397370"},{"key":"e_1_3_1_49_2","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635900"},{"key":"e_1_3_1_50_2","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635900"},{"key":"e_1_3_1_51_2","first-page":"2099","volume-title":"Proceedings of the 31st USENIX Security Symposium (USENIX Security 22)","author":"Marcelli Andrea","year":"2022","unstructured":"Andrea Marcelli, Mariano Graziano, Xabier Ugarte-Pedrero, Yanick Fratantonio, Mohamad Mansouri, and Davide Balzarotti. 2022. How machine learning is solving the binary function similarity problem. In Proceedings of the 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 2099\u20132116. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/marcelli"},{"key":"e_1_3_1_52_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22038-9_15"},{"key":"e_1_3_1_53_2","first-page":"92","volume-title":"Proceedings of the International Conference on Information Security and Cryptology","author":"Ming Jiang","year":"2012","unstructured":"Jiang Ming, Meng Pan, and Debin Gao. 2012. iBinHunt: Binary hunting with inter-procedural control flow. In Proceedings of the International Conference on Information Security and Cryptology. Springer, 92\u2013109."},{"key":"e_1_3_1_54_2","unstructured":"Kexin Pei Zhou Xuan Junfeng Yang Suman Jana and Baishakhi Ray. 2020. Trex: Learning execution semantics from micro-traces for binary similarity. Retrieved from https:\/\/arxiv.org\/abs\/2012.08680"},{"key":"e_1_3_1_55_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.49"},{"key":"e_1_3_1_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/1572272.1572287"},{"issue":"9","key":"e_1_3_1_57_2","first-page":"64","article-title":"Finding binary clones with opstrings function digests: Part III","volume":"30","author":"Schulman Andrew","year":"2005","unstructured":"Andrew Schulman. 2005. Finding binary clones with opstrings function digests: Part III. Dr. Dobb\u2019s J. 30, 9 (2005), 64.","journal-title":"Dr. Dobb\u2019s J."},{"key":"e_1_3_1_58_2","first-page":"1","volume-title":"Proceedings of the International Joint Conference on Neural Networks (IJCNN\u201919)","author":"Shido Yusuke","year":"2019","unstructured":"Yusuke Shido, Yasuaki Kobayashi, Akihiro Yamamoto, Atsushi Miyamoto, and Tadayuki Matsumura. 2019. Automatic source code summarization with extended tree-LSTM. In Proceedings of the International Joint Conference on Neural Networks (IJCNN\u201919). IEEE, 1\u20138."},{"key":"e_1_3_1_59_2","unstructured":"Kai Sheng Tai Richard Socher and Christopher D. Manning. 2015. Improved semantic representations from tree-structured long short-term memory networks. Retrieved from https:\/\/arXiv:1503.00075"},{"key":"e_1_3_1_60_2","unstructured":"Kai Sheng Tai Richard Socher and Christopher D. Manning. 2015. Improved semantic representations from tree-structured long short-term memory networks. Retrieved from http:\/\/arxiv.org\/abs\/1503.00075"},{"key":"e_1_3_1_61_2","doi-asserted-by":"crossref","first-page":"423","DOI":"10.1145\/3524842.3528442","volume-title":"Proceedings of the 19th International Conference on Mining Software Repositories","author":"Tang Wei","year":"2022","unstructured":"Wei Tang, Yanlin Wang, Hongyu Zhang, Shi Han, Ping Luo, and Dongmei Zhang. 2022. LibDB: An effective and efficient framework for detecting third-party libraries in binaries. In Proceedings of the 19th International Conference on Mining Software Repositories. 423\u2013434."},{"key":"e_1_3_1_62_2","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534367"},{"key":"e_1_3_1_63_2","first-page":"1","article-title":"Bmat-A binary matching tool for stale profile propagation","volume":"2","author":"Wang Zheng","year":"2000","unstructured":"Zheng Wang, Ken Pierce, and Scott McFarling. 2000. Bmat-A binary matching tool for stale profile propagation. J. Instruct.-Level Parallel. 2 (2000), 1\u201320.","journal-title":"J. Instruct.-Level Parallel."},{"key":"e_1_3_1_64_2","first-page":"3041","volume-title":"Proceedings of the 30th USENIX Security Symposium (USENIX Security \u201921)","author":"Woo Seunghoon","year":"2021","unstructured":"Seunghoon Woo, Dongwook Lee, Sunghan Park, Heejo Lee, and Sven Dietrich. 2021. V0Finder: Discovering the correct origin of publicly reported software vulnerabilities. In Proceedings of the 30th USENIX Security Symposium (USENIX Security \u201921). 3041\u20133058."},{"key":"e_1_3_1_65_2","first-page":"519","volume-title":"Proceedings of the 21st Asia and South Pacific Design Automation Conference (ASP-DAC\u201916)","author":"Wurm J.","year":"2016","unstructured":"J. Wurm, K. Hoang, O. Arias, A. Sadeghi, and Y. Jin. 2016. Security analysis on consumer and industrial IoT devices. In Proceedings of the 21st Asia and South Pacific Design Automation Conference (ASP-DAC\u201916). 519\u2013524."},{"key":"e_1_3_1_66_2","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134018"},{"key":"e_1_3_1_67_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2827379"},{"key":"e_1_3_1_68_2","first-page":"13","volume-title":"Proceedings of the 5th USENIX Conference on Offensive Technologies","author":"Yamaguchi Fabian","year":"2011","unstructured":"Fabian Yamaguchi, Felix Lindner, and Konrad Rieck. 2011. Vulnerability extrapolation: Assisted discovery of vulnerabilities using machine learning. In Proceedings of the 5th USENIX Conference on Offensive Technologies. 13\u201313."},{"key":"e_1_3_1_69_2","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2421003"},{"key":"e_1_3_1_70_2","doi-asserted-by":"crossref","first-page":"1393","DOI":"10.1145\/3510003.3510627","volume-title":"Proceedings of the 44th International Conference on Software Engineering","author":"Yang Can","year":"2022","unstructured":"Can Yang, Zhengzi Xu, Hongxu Chen, Yang Liu, Xiaorui Gong, and Baoxu Liu. 2022. ModX: Binary level partially imported third-party library detection via program modularization and semantic matching. In Proceedings of the 44th International Conference on Software Engineering. 1393\u20131405."},{"key":"e_1_3_1_71_2","first-page":"224","volume-title":"Proceedings of the 51st Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN)","author":"Yang Shouguo","year":"2021","unstructured":"Shouguo Yang, Long Cheng, Yicheng Zeng, Zhe Lang, Hongsong Zhu, and Zhiqiang Shi. 2021. Asteria: Deep learning-based AST-encoding for cross-platform binary code similarity detection. In Proceedings of the 51st Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 224\u2013236."},{"key":"e_1_3_1_72_2","unstructured":"Wenpeng Yin Katharina Kann Mo Yu and Hinrich Sch\u00fctze. 2017. Comparative study of CNN and RNN for natural language processing. Retrieved from https:\/\/arXiv:1702.01923"},{"key":"e_1_3_1_73_2","first-page":"1","volume-title":"Proceedings of the Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS\u201914)","author":"Zaddach Jonas","year":"2014","unstructured":"Jonas Zaddach, Luca Bruno, Aurelien Francillon, Davide Balzarotti, et\u00a0al. 2014. AVATAR: A framework to support dynamic security analysis of embedded systems\u2019 firmwares. In Proceedings of the Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS\u201914). 1\u201316."},{"key":"e_1_3_1_74_2","article-title":"Neural machine translation inspired binary code similarity comparison beyond function pairs","author":"Zuo Fei","year":"2018","unstructured":"Fei Zuo, Xiaopeng Li, Patrick Young, Lannan Luo, Qiang Zeng, and Zhexin Zhang. 2018. Neural machine translation inspired binary code similarity comparison beyond function pairs. Retrieved from arXiv:1808.04706.","journal-title":"Retrieved from arXiv:1808.04706"},{"key":"e_1_3_1_75_2","doi-asserted-by":"publisher","DOI":"10.1093\/clinchem\/39.4.561"}],"container-title":["ACM Transactions on Software Engineering and Methodology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3604611","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3604611","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:46:04Z","timestamp":1750178764000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3604611"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,24]]},"references-count":74,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,1,31]]}},"alternative-id":["10.1145\/3604611"],"URL":"https:\/\/doi.org\/10.1145\/3604611","relation":{},"ISSN":["1049-331X","1557-7392"],"issn-type":[{"value":"1049-331X","type":"print"},{"value":"1557-7392","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,11,24]]},"assertion":[{"value":"2022-12-16","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-05-02","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-11-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}