Can We Generate Shellcodes via Natural Language? An Empirical Study

Add code
Feb 08, 2022
Pietro Liguori, Erfan Al-Hossami, Domenico Cotroneo, Roberto Natella, Bojan Cukic, Samira Shaikh
Figure 1 for Can We Generate Shellcodes via Natural Language? An Empirical Study
Figure 2 for Can We Generate Shellcodes via Natural Language? An Empirical Study
Figure 3 for Can We Generate Shellcodes via Natural Language? An Empirical Study
Figure 4 for Can We Generate Shellcodes via Natural Language? An Empirical Study

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Writing software exploits is an important practice for offensive security analysts to investigate and prevent attacks. In particular, shellcodes are especially time-consuming and a technical challenge, as they are written in assembly language. In this work, we address the task of automatically generating shellcodes, starting purely from descriptions in natural language, by proposing an approach based on Neural Machine Translation (NMT). We then present an empirical study using a novel dataset (Shellcode_IA32), which consists of 3,200 assembly code snippets of real Linux/x86 shellcodes from public databases, annotated using natural language. Moreover, we propose novel metrics to evaluate the accuracy of NMT at generating shellcodes. The empirical analysis shows that NMT can generate assembly code snippets from the natural language with high accuracy and that in many cases can generate entire shellcodes with no errors.

* 33 pages, 5 figures, 9 tables. To be published in Automated Software Engineering journal  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon