Research field: Infrastructure
Conference: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
CodeGrafter is a novel framework for detecting security vulnerabilities in compiled C/C++ programs by integrating source- and binary-level code features into a unified Cross-Domain Code Property Graph (CDCPG). By combining the high-level semantic insights from source code with the detailed low-level information from compiled assembly, CodeGrafter uncovers vulnerabilities that are not detectable via source analysis or binary analysis alone. By combining both, it examines compiler decisions, such as dead code elimination, build-environment-dependent semantics (e.g., macros and pragmas), and compiler-generated interface code, to avoid false positives and false negatives in its analysis. For example, it can detect Points of Interest (POIs) where vulnerability severity is influenced by compilation-specific factors, such as stack layouts that place critical data near buffers. To streamline vulnerability detection, CodeGrafter represents these POIs as graphs and leverages Graph Neural Networks (GNNs) to significantly reduce manual auditing effort. Evaluations on six real-world applications demonstrate that CodeGrafter outperforms prior works that rely solely on source-level or binary-level representations, achieving an F1-score of 0.937 and a recall of 0.945 in identifying vulnerable functions.
| Publication year | 2025 |
|---|---|
| Citations | 0 |
| Country of publication | Austria |
| Site | Springer |