Token-Efficient Binary Vulnerability Prioritization via Function Pre-filtering with LLMs
摘要
With the widespread use of the Internet of Things (IoT) and mobile devices, binary programs are widely used in human life. From smart homes and car systems to industrial control systems, underlying firmware and native executable files form the core of these critical infrastructures. In traditional vulnerability discovery, researchers need to manually analyze function relationships and function content. With the rapid development of Artificial Intelligence (AI), large language models (LLMs) are utilized for analysis, replacing manual analysis. However, sending fully decompiled functions to LLMs consumes a large number of tokens, resulting in high costs and slow responses, particularly for large binaries. Many existing methods treat all functions equally, without focusing on those more likely to be vulnerable. In this paper, we proposed a token-efficient binary vulnerability prioritization framework. Our framework allows the LLM to analyze function names to identify potentially risky functions, and then enables the LLM to examine only these selected functions in detail. What’s more, we introduce a metric called token-detection efficiency (TDE) to better demonstrate the efficiency of our proposed framework. The experiment shows that our framework achieves higher vulnerability detection accuracy with fewer tokens.