Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

BLens: Contrastive Captioning of Binary Functions using Ensemble Embedding

Tristan Benoit, Yunru Wang, Moritz Dannehl, Johannes Kinder

TL;DR

BLens reframes function-name prediction for stripped binaries as a multimodal captioning task, aligning binary function patches with lexical function names through a contrastive learning objective. It introduces Combo to fuse multiple binary embeddings into coherent function patches and Lord, a MLM-based decoder with flexible autoregression that prioritizes precision. The approach achieves state-of-the-art results across cross-binary and cross-project settings, with substantial gains in $F_1$, RougeL, and Bleu metrics and strong generalization under distribution shifts. The work demonstrates practical potential for more reliable reverse-engineering tooling and provides open-source artifacts to support reproducibility and further research.

Abstract

Function names can greatly aid human reverse engineers, which has spurred the development of machine learning-based approaches to predicting function names in stripped binaries. Much current work in this area now uses transformers, applying a metaphor of machine translation from code to function names. Still, function naming models face challenges in generalizing to projects unrelated to the training set. In this paper, we take a completely new approach by transferring advances in automated image captioning to the domain of binary reverse engineering, such that different parts of a binary function can be associated with parts of its name. We propose BLens, which combines multiple binary function embeddings into a new ensemble representation, aligns it with the name representation latent space via a contrastive learning approach, and generates function names with a transformer architecture tailored for function names. Our experiments demonstrate that BLens significantly outperforms the state of the art. In the usual setting of splitting per binary, we achieve an $F_1$ score of 0.79 compared to 0.70. In the cross-project setting, which emphasizes generalizability, we achieve an $F_1$ score of 0.46 compared to 0.29. Finally, in an experimental setting reducing shared components across projects, we achieve an $F_1$ score of $0.32$ compared to $0.19$.

BLens: Contrastive Captioning of Binary Functions using Ensemble Embedding

TL;DR

BLens reframes function-name prediction for stripped binaries as a multimodal captioning task, aligning binary function patches with lexical function names through a contrastive learning objective. It introduces Combo to fuse multiple binary embeddings into coherent function patches and Lord, a MLM-based decoder with flexible autoregression that prioritizes precision. The approach achieves state-of-the-art results across cross-binary and cross-project settings, with substantial gains in , RougeL, and Bleu metrics and strong generalization under distribution shifts. The work demonstrates practical potential for more reliable reverse-engineering tooling and provides open-source artifacts to support reproducibility and further research.

Abstract

Function names can greatly aid human reverse engineers, which has spurred the development of machine learning-based approaches to predicting function names in stripped binaries. Much current work in this area now uses transformers, applying a metaphor of machine translation from code to function names. Still, function naming models face challenges in generalizing to projects unrelated to the training set. In this paper, we take a completely new approach by transferring advances in automated image captioning to the domain of binary reverse engineering, such that different parts of a binary function can be associated with parts of its name. We propose BLens, which combines multiple binary function embeddings into a new ensemble representation, aligns it with the name representation latent space via a contrastive learning approach, and generates function names with a transformer architecture tailored for function names. Our experiments demonstrate that BLens significantly outperforms the state of the art. In the usual setting of splitting per binary, we achieve an score of 0.79 compared to 0.70. In the cross-project setting, which emphasizes generalizability, we achieve an score of 0.46 compared to 0.29. Finally, in an experimental setting reducing shared components across projects, we achieve an score of compared to .
Paper Structure (23 sections, 7 equations, 5 figures, 9 tables)

This paper contains 23 sections, 7 equations, 5 figures, 9 tables.

Table of Contents

  1. Introduction
  2. Multimodal Machine Learning
  3. Overview
  4. Combo
  5. Ensemble Encoding
  6. Contrastive Captioning
  7. Lord
  8. Masked Language Modeling
  9. Flexible Autoregression
  10. Evaluation
  11. Methodology
  12. Cross-Binary Setting
  13. Cross-Project Setting
  14. Strict Setting
  15. Ablation Study
  16. ...and 8 more sections

Figures (5)

  • Figure 1: Overview of BLens. Inspired by CoCa coca and GIT git, BLens employs a two-stage process: pre-training (blue arrows) and fine-tuning (red arrows). In pre-training, we initialize function tokens using an ensemble encoder and pre-train the function encoder with a contrastive captioning task. During fine-tuning, the pre-trained encoder, combined with a function name decoder trained with a new MLM task, generates function names. In inference (green arrows), the model takes functions as input and outputs their corresponding names with the flexible autoregression.
  • Figure 2: Overview of the ensemble encoder.
  • Figure 3: Overview of the contrastive captioning task.
  • Figure 4: A toy example of the flexible autoregressive process.
  • Figure 5: Curve of validation $F_1$ scores over the fine-tuning for the input embeddings ablation models.