DualSC: Automatic Generation and Summarization of Shellcode via Transformer and Dual Learning

TL;DR

This paper introduces DualSC, a novel Transformer-based approach for automatic shellcode generation and summarization, addressing low-resource challenges and out-of-vocabulary issues, validated on real-world data.

Contribution

The study formalizes shellcode generation and summarization as dual tasks, proposes a normalization method and rule-based repair to enhance low-resource performance.

Findings

DualSC outperforms six state-of-the-art baselines.

Component ablation confirms effectiveness of proposed methods.

Human study validates practical usefulness.

Abstract

A shellcode is a small piece of code and it is executed to exploit a software vulnerability, which allows the target computer to execute arbitrary commands from the attacker through a code injection attack. Similar to the purpose of automated vulnerability generation techniques, the automated generation of shellcode can generate attack instructions, which can be used to detect vulnerabilities and implement defensive measures. While the automated summarization of shellcode can help users unfamiliar with shellcode and network information security understand the intent of shellcode attacks. In this study, we propose a novel approach DualSC to solve the automatic shellcode generation and summarization tasks. Specifically, we formalize automatic shellcode generation and summarization as dual tasks, use a shallow Transformer for model construction, and design a normalization method Adjust QKNorm to adapt these low-resource tasks (i.e., insufficient training data). Finally, to alleviate the out-of-vocabulary problem, we propose a rulebased repair component to improve the performance of automatic shellcode generation. In our empirical study, we select a highquality corpus Shellcode IA32 as our empirical subject. This corpus was gathered from two real-world projects based on the line-by-line granularity. We first compare DualSC with six state-of-the-art baselines from the code generation and code summarization domains in terms of four performance measures. The comparison results show the competitiveness of DualSC. Then, we verify the effectiveness of the component setting in DualSC. Finally, we conduct a human study to further verify the effectiveness of DualSC.