Deep Learning-based Binary Analysis for Vulnerability Detection in x86-64 Machine Code

TL;DR

This study investigates the potential of using raw x86-64 machine code with deep learning models for vulnerability detection, finding that graph-based models outperform sequential ones and that machine code retains enough information for effective analysis.

Contribution

It is the first systematic evaluation of deep learning models on raw machine code for vulnerability detection, highlighting the effectiveness of graph-based approaches.

Findings

Graph-based models outperform sequential models.

Machine code contains sufficient information for vulnerability detection.

Control flow relationships improve model performance.

Abstract

While much of the current research in deep learning-based vulnerability detection relies on disassembled binaries, this paper explores the feasibility of extracting features directly from raw x86-64 machine code. Although assembly language is more interpretable for humans, it requires more complex models to capture token-level context. In contrast, machine code may enable more efficient, lightweight models and preserve all information that might be lost in disassembly. This paper approaches the task of vulnerability detection through an exploratory study on two specific deep learning model architectures and aims to systematically evaluate their performance across three vulnerability types. The results demonstrate that graph-based models consistently outperform sequential models, emphasizing the importance of control flow relationships, and that machine code contains sufficient information for effective vulnerability discovery.