VulCatch: Enhancing Binary Vulnerability Detection through CodeT5 Decompilation and KAN Advanced Feature Extraction
This addresses software security by improving detection of unknown vulnerabilities in binary programs, though it appears incremental as it builds on existing deep learning methods with new components.
The paper tackles binary vulnerability detection by proposing VulCatch, a framework that uses CodeT5 decompilation and KAN feature extraction to achieve high accuracy (98.88%) and precision (97.92%) with low false positives (1.56%) and false negatives (2.71%) across CVE datasets.
Binary program vulnerability detection is critical for software security, yet existing deep learning approaches often rely on source code analysis, limiting their ability to detect unknown vulnerabilities. To address this, we propose VulCatch, a binary-level vulnerability detection framework. VulCatch introduces a Synergy Decompilation Module (SDM) and Kolmogorov-Arnold Networks (KAN) to transform raw binary code into pseudocode using CodeT5, preserving high-level semantics for deep analysis with tools like Ghidra and IDA. KAN further enhances feature transformation, enabling the detection of complex vulnerabilities. VulCatch employs word2vec, Inception Blocks, BiLSTM Attention, and Residual connections to achieve high detection accuracy (98.88%) and precision (97.92%), while minimizing false positives (1.56%) and false negatives (2.71%) across seven CVE datasets.