Table 5 Real-world vulnerability analysis results (Top-k)
From: Unleashing the power of pseudo-code for binary code similarity analysis
CVE | Vulnerable function | Total | UPPC/true positives (k) | Asm2Vec/true positives (k) | SAFE/true positives (k) | Gemini/true positives (k) |
|---|---|---|---|---|---|---|
2014-0160 | dtls1_proc- ess_heartbeat | 15 | 14 | 15 | 12 | 7 |
2014-6271 | initialize_sh- ell_variables | 9 | 9 | 7 | 6 | 4 |
2015-3456 | fdctrl_handle_drive_s- pecification_command | 6 | 6 | 6 | 4 | 2 |
2014-9259 | configure | 7 | 7 | 7 | 2 | 4 |
2014-7169 | parse_and_execute | 3 | 3 | 3 | 1 | 3 |
2014-4877 | snmp_usm_pass- word_to_key_sha1 | 7 | 7 | 7 | 5 | 6 |
2014-4877 | ftp_syst | 7 | 5 | 5 | 5 | 3 |
2015-6826 | ff_rv34_decod- e_init_thread_copy | 7 | 7 | 7 | 7 | 7 |
Total | 61 | 58 | 57 | 42 | 36 | |
RecallRate | Â | 0.951 | 0.934 | 0.689 | 0.590 | |
Embedding Times (s) | Â | 172 | 1980 | 2341 | 1652 | |