TL;DR
This paper introduces EVIL, a neural machine translation-based approach that automatically generates exploits in assembly and Python from natural language descriptions, simplifying the exploit development process.
Contribution
It presents a novel NMT-based method and a new dataset for automatically translating natural language into exploit code, demonstrating high accuracy in syntax and semantics.
Findings
High syntactic correctness of generated exploits
Semantic accuracy in exploit code generation
Effective use of NMT techniques for security applications
Abstract
Writing exploits for security assessment is a challenging task. The writer needs to master programming and obfuscation techniques to develop a successful exploit. To make the task easier, we propose an approach (EVIL) to automatically generate exploits in assembly/Python language from descriptions in natural language. The approach leverages Neural Machine Translation (NMT) techniques and a dataset that we developed for this work. We present an extensive experimental study to evaluate the feasibility of EVIL, using both automatic and manual analysis, and both at generating individual statements and entire exploits. The generated code achieved high accuracy in terms of syntactic and semantic correctness.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
