{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,21]],"date-time":"2025-11-21T03:38:50Z","timestamp":1763696330668,"version":"3.45.0"},"reference-count":36,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2025,11,21]],"date-time":"2025-11-21T00:00:00Z","timestamp":1763683200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2025,11,21]],"date-time":"2025-11-21T00:00:00Z","timestamp":1763683200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"Abstract<\/jats:title>\n Binary vulnerability detection plays an important role in the field of program security. In order to deal with large-scale vulnerability detection tasks, more and more neural network technologies are applied to cross-architectures vulnerability detection. These technologies have significantly improved the accuracy of vulnerability detection. However, existing methods still face problems such as single extracted information, poor robustness against compilation optimization, and inability to perform cross-architectures vulnerability detection. Therefore, this paper proposes a cross-architectures vulnerability detection method based on attention mechanism and multi-feature fusion. This method can simultaneously obtain information such as assembly code, attribute control flow graph and function-level features for cross-architecture, cross-compilers and cross-optimization options vulnerability detection. Adding attention mechanism to GRU and GoogleNet improves the model to obtain semantic information and attribute information after the fusion of basic block-level and function-level features, and searches for Top-K suspected vulnerability functions and graph matching through deep neural network model to perform phased vulnerability detection. The experimental results show that this method achieves an accuracy of 95.79% and a Recall of 97.06%, which is better than the existing methods and performs well in vulnerability detection in real environments.<\/jats:p>","DOI":"10.1186\/s42400-025-00383-4","type":"journal-article","created":{"date-parts":[[2025,11,21]],"date-time":"2025-11-21T02:02:13Z","timestamp":1763690533000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["AMMF: cross-architectures vulnerability detection based on attention mechanism and multi-feature fusion"],"prefix":"10.1186","volume":"8","author":[{"given":"Yingmei","family":"Han","sequence":"first","affiliation":[]},{"given":"Bin","family":"Li","sequence":"additional","affiliation":[]},{"given":"Kun","family":"Li","sequence":"additional","affiliation":[]},{"given":"Qinglei","family":"Zhou","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,11,21]]},"reference":[{"key":"383_CR1","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-0716-0826-5_3","author":"D Chicco","year":"2021","unstructured":"Chicco D (2021) Siamese neural networks: an overview. Artif Neural Netw. https:\/\/doi.org\/10.1007\/978-1-0716-0826-5_3","journal-title":"Artif Neural Netw"},{"key":"383_CR2","unstructured":"Collyer J, Watson T, Phillips I (2023) Faser: binary code similarity search through the use of intermediate representations. arXiv preprint arXiv:2310.03605"},{"key":"383_CR3","unstructured":"Dai H, Dai B, Song L (2016) Discriminative embeddings of latent variable models for structured data. In: International conference on machine learning, pp. 2702\u20132711. PMLR"},{"key":"383_CR4","doi-asserted-by":"crossref","unstructured":"Devlin J, Chang M-W, Lee K, Toutanova K (2019) Bert: pre-training of deep bidirectional transformers for language understanding. In: Proceedings of the 2019 conference of the north american chapter of the association for computational linguistics: human language technologies, Volume 1 (Long and Short Papers), pp. 4171\u20134186","DOI":"10.18653\/v1\/N19-1423"},{"key":"383_CR5","doi-asserted-by":"crossref","unstructured":"Dey R, Salem FM (2017) Gate-variants of gated recurrent unit (GRU) neural networks. In: 2017 IEEE 60th international midwest symposium on circuits and systems (MWSCAS), pp. 1597\u20131600. IEEE","DOI":"10.1109\/MWSCAS.2017.8053243"},{"key":"383_CR6","doi-asserted-by":"crossref","unstructured":"Duan Y, Li X, Wang J, Yin H, et al. (2020) Deepbindiff: learning program-wide code representations for binary diffing. Proceedings of the Network and Distributed Security Symposium (NDSS), 1\u20139","DOI":"10.14722\/ndss.2020.24311"},{"issue":"10","key":"383_CR7","first-page":"286","volume":"48","author":"L Fang","year":"2021","unstructured":"Fang L, Wei Q, Wu Z-H (2021) Neural network-based binary function similarity detection. Comput Sci 48(10):286\u2013293","journal-title":"Comput Sci"},{"key":"383_CR8","doi-asserted-by":"crossref","unstructured":"Feng Q, Wang M, Zhang M, Zhou R, Henderson A, Yin H (2017) Extracting conditional formulas for cross-platform bug search. In: proceedings of the 2017 ACM on asia conference on computer and communications security, pp. 346\u2013359","DOI":"10.1145\/3052973.3052995"},{"key":"383_CR9","doi-asserted-by":"crossref","unstructured":"Grohe M (2020) word2vec, node2vec, graph2vec, x2vec: Towards a theory of vector embeddings of structured data. In: Proceedings of the 39th ACM SIGMOD-SIGACT-SIGAI symposium on principles of database systems, pp. 1\u201316","DOI":"10.1145\/3375395.3387641"},{"key":"383_CR10","doi-asserted-by":"crossref","unstructured":"He K, Zhang X, Ren S, Sun J (2015) Delving deep into rectifiers: Surpassing human-level performance on imagenet classification. In: Proceedings of the IEEE international conference on computer vision, pp. 1026\u20131034","DOI":"10.1109\/ICCV.2015.123"},{"issue":"8","key":"383_CR11","doi-asserted-by":"publisher","first-page":"1735","DOI":"10.1162\/neco.1997.9.8.1735","volume":"9","author":"S Hochreiter","year":"1997","unstructured":"Hochreiter S, Schmidhuber J (1997) Long short-term memory. Neural Comput 9(8):1735\u20131780","journal-title":"Neural Comput"},{"key":"383_CR12","doi-asserted-by":"crossref","unstructured":"Hou Q, Zhou D, Feng J (2021) Coordinate attention for efficient mobile network design. In: Proceedings of the IEEE\/CVF conference on computer vision and pattern recognition, pp. 13713\u201313722","DOI":"10.1109\/CVPR46437.2021.01350"},{"key":"383_CR13","doi-asserted-by":"publisher","first-page":"102804","DOI":"10.1016\/j.cose.2022.102804","volume":"120","author":"S Jiang","year":"2022","unstructured":"Jiang S, Fu C, Qian Y, He S, Lv J, Han L (2022) IFAttn: binary code similarity analysis based on interpretable features with attention. Comput Secur 120:102804","journal-title":"Comput Secur"},{"key":"383_CR14","doi-asserted-by":"publisher","first-page":"104029","DOI":"10.1016\/j.cose.2024.104029","volume":"145","author":"X Jiang","year":"2024","unstructured":"Jiang X, Wang S, Gong Y, Yu T, Liu L, Yu X (2024) Haformer: semantic fusion of hex machine code and assembly code for cross-architecture binary vulnerability detection. Comput Secur 145:104029","journal-title":"Comput Secur"},{"issue":"4","key":"383_CR15","doi-asserted-by":"publisher","first-page":"1661","DOI":"10.1109\/TSE.2022.3187689","volume":"49","author":"D Kim","year":"2022","unstructured":"Kim D, Kim E, Cha SK, Son S, Kim Y (2022) Revisiting binary code similarity analysis using interpretable feature engineering and lessons learned. IEEE Trans Softw Eng 49(4):1661\u20131682","journal-title":"IEEE Trans Softw Eng"},{"key":"383_CR16","doi-asserted-by":"crossref","unstructured":"Kim G, Hong S, Franz M, Song D (2022) Improving cross-platform binary analysis using representation learning via graph alignment. In: Proceedings of the 31st ACM SIGSOFT international symposium on software testing and analysis, pp. 151\u2013163","DOI":"10.1145\/3533767.3534383"},{"issue":"7","key":"383_CR17","first-page":"2040","volume":"31","author":"Y Li","year":"2020","unstructured":"Li Y, Huang C, Wang Z, Yuan L, Wang X (2020) Survey of software vulnerability mining methods based on machine learning. J Softw 31(7):2040\u20132061","journal-title":"J Softw"},{"key":"383_CR18","doi-asserted-by":"crossref","unstructured":"Li X, Qu Y, Yin H (2021) Palmtree: Learning an assembly language model for instruction embedding. In: Proceedings of the 2021 ACM SIGSAC conference on computer and communications security, pp. 3236\u20133251","DOI":"10.1145\/3460120.3484587"},{"key":"383_CR19","unstructured":"Liu Y, Ott M, Goyal N, Du J, Joshi M, Chen D, Levy O, Lewis M, Zettlemoyer L, Stoyanov V (2019) Roberta: a robustly optimized bert pretraining approach. arXiv preprint arXiv:1907.11692"},{"issue":"16","key":"383_CR20","doi-asserted-by":"publisher","first-page":"3283","DOI":"10.3390\/app9163283","volume":"9","author":"Z Luo","year":"2019","unstructured":"Luo Z, Wang B, Tang Y, Xie W (2019) Semantic-based representation binary clone detection for cross-architectures in the internet of things. Appl Sci 9(16):3283","journal-title":"Appl Sci"},{"key":"383_CR21","doi-asserted-by":"crossref","unstructured":"Luo Z, Wang P, Wang B, Tang Y, Xie W, Zhou X, Liu D, Lu K (2023) Vulhawk: cross-architecture vulnerability detection with entropy-based binary code search. In: NDSS","DOI":"10.14722\/ndss.2023.24415"},{"key":"383_CR22","doi-asserted-by":"crossref","unstructured":"Massarelli L, Di\u00a0Luna GA, Petroni F, Baldoni R, Querzoni L (2019) Safe: self-attentive function embeddings for binary similarity. In: detection of intrusions and malware, and vulnerability assessment: 16th international conference, DIMVA 2019, Gothenburg, Sweden, June 19\u201320, 2019, Proceedings 16, pp. 309\u2013329 . Springer","DOI":"10.1007\/978-3-030-22038-9_15"},{"issue":"1","key":"383_CR23","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1137\/0105003","volume":"5","author":"J Munkres","year":"1957","unstructured":"Munkres J (1957) Algorithms for the assignment and transportation problems. J Soc Ind Appl Math 5(1):32\u201338","journal-title":"J Soc Ind Appl Math"},{"key":"383_CR24","unstructured":"Pei K, Xuan Z, Yang J, Jana S, Ray B (2020) Trex: learning execution semantics from micro-traces for binary similarity. arXiv preprint arXiv:2012.08680"},{"key":"383_CR25","doi-asserted-by":"crossref","unstructured":"Szegedy C, Liu W, Jia Y, Sermanet P, Reed S, Anguelov D, Erhan D, Vanhoucke V, Rabinovich A (2015) Going deeper with convolutions. In: proceedings of the IEEE conference on computer vision and pattern recognition, pp. 1\u20139","DOI":"10.1109\/CVPR.2015.7298594"},{"key":"383_CR26","unstructured":"VenkataKeerthy S, Andaluri Y, Dey S, Banerjee S, Upadrasta R (2023) Vexir2vec: an architecture-neutral embedding framework for binary similarity. arXiv preprint arXiv:2312.00507"},{"issue":"1","key":"383_CR27","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1109\/TSE.2022.3149240","volume":"49","author":"H Wang","year":"2022","unstructured":"Wang H, Ma P, Yuan Y, Liu Z, Wang S, Tang Q, Nie S, Wu S (2022) Enhancing DNN-based binary code function search with low-cost equivalence checking. IEEE Trans Softw Eng 49(1):226\u2013250","journal-title":"IEEE Trans Softw Eng"},{"key":"383_CR28","doi-asserted-by":"publisher","first-page":"103023","DOI":"10.1016\/j.cose.2022.103023","volume":"125","author":"Y Wang","year":"2023","unstructured":"Wang Y, Jia P, Peng X, Huang C, Liu J (2023) Binvuldet: detecting vulnerability in binary program via decompiled pseudo code and BiLSTM-attention. Comput Secur 125:103023","journal-title":"Comput Secur"},{"key":"383_CR29","doi-asserted-by":"crossref","unstructured":"Wang H, Gao Z, Zhang C, Sha Z, Sun M, Zhou Y, Zhu W, Sun W, Qiu H, Xiao X (2024) Clap: learning transferable binary code representations with natural language supervision. arXiv preprint arXiv:2402.16928","DOI":"10.1145\/3650212.3652145"},{"key":"383_CR30","doi-asserted-by":"crossref","unstructured":"Wang H, Qu W, Katz G, Zhu W, Gao Z, Qiu H, Zhuge J, Zhang C (2022) Jtrans: Jump-aware transformer for binary code similarity detection. In: Proceedings of the 31st ACM SIGSOFT international symposium on software testing and analysis, pp. 1\u201313","DOI":"10.1145\/3533767.3534367"},{"key":"383_CR31","doi-asserted-by":"crossref","unstructured":"Xu X, Liu C, Feng Q, Yin H, Song L, Song D (2017) Neural network-based graph embedding for cross-platform binary code similarity detection. In: proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pp. 363\u2013376","DOI":"10.1145\/3133956.3134018"},{"key":"383_CR32","doi-asserted-by":"crossref","unstructured":"Yang S, Cheng L, Zeng Y, Lang Z, Zhu H, Shi Z (2021) Asteria: Deep learning-based ast-encoding for cross-platform binary code similarity detection. In: 2021 51st annual IEEE\/IFIP international conference on dependable systems and networks (DSN), pp. 224\u2013236. IEEE","DOI":"10.1109\/DSN48987.2021.00036"},{"key":"383_CR33","doi-asserted-by":"crossref","unstructured":"Yang S, Yu X, Zhou Y (2020) Lstm and gru neural network performance comparison study: taking yelp review dataset as an example. In: 2020 international workshop on electronic communication and artificial intelligence (IWECAI), pp. 98\u2013101. IEEE","DOI":"10.1109\/IWECAI50956.2020.00027"},{"key":"383_CR34","doi-asserted-by":"crossref","unstructured":"Yuan S, Liu C, Shi J, Zhang K, Pu W, Liu X, Yang L (2024) Research on vulnerability detection techniques based on static analysis and program slice. In: 2024 6th international conference on electronic engineering and informatics (EEI), pp. 965\u2013969. IEEE","DOI":"10.1109\/EEI63073.2024.10696068"},{"issue":"1","key":"383_CR35","first-page":"19","volume":"35","author":"Q Zhan","year":"2023","unstructured":"Zhan Q, Pan S, Hu X, Bao L, Xia X (2023) Survey on vulnerability awareness of open source software. J Softw 35(1):19\u201337","journal-title":"J Softw"},{"key":"383_CR36","unstructured":"Zhu W, Wang H, Zhou Y, Wang J, Sha Z, Gao Z, Zhang C (2023) kTrans: knowledge-aware transformer for binary code embedding. arXiv preprint arXiv:2308.12659"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00383-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-025-00383-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00383-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,21]],"date-time":"2025-11-21T02:02:29Z","timestamp":1763690549000},"score":1,"resource":{"primary":{"URL":"https:\/\/cybersecurity.springeropen.com\/articles\/10.1186\/s42400-025-00383-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,21]]},"references-count":36,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["383"],"URL":"https:\/\/doi.org\/10.1186\/s42400-025-00383-4","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,11,21]]},"assertion":[{"value":"25 November 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 February 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 November 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"86"}}