信息工程大学学报2025,Vol.26Issue(4):478-484,7.DOI:10.3969/j.issn.1671-0673.2025.04.015
DeepClap:一种基于残差对齐网络的漏洞跨模态搜索方法
DeepClap:A Cross-Modal Vulnerability Retrieval Method Based on Residual Alignment Network
摘要
Abstract
To address performance bottlenecks in cross-architecture binary code representation learn-ing caused by compiler optimizations,architectural variations,and code obfuscation,while mitigating data scarcity constraints in binary vulnerability detection,the DeepClap framework is proposed.Key innovations include the following aspects.A quantized DeepSeek model for code explanation genera-tion.A lightweight residual alignment network to reduce training costs with enhanced representation fi-delity.A natural language processing(NLP)-bridged vulnerability detection method linking target bi-nary code is constructed to source code vulnerability datasets.Experimental results demonstrate the improvement of 14.8%in the baseline model's area under the receiver operating characteristic curve(AUC)for binary code similarity analysis.Zero-shot evaluation shows 7.1 percentage point accuracy en-hancement,while cross-modal vulnerability retrieval achieves mean reciprocal rank(MRR)of 0.76 and recall@1 of 0.73.The framework is verified to significantly improve cross-architecture code representa-tion quality and vulnerability detection capability,exhibiting particular effectiveness in data-scarce and zero-shot scenarios.关键词
二进制分析/残差对齐/跨模态学习/漏洞检测/大语言模型Key words
binary analysis/residual alignment/cross-modal learning/vulnerability detection/large language models分类
信息技术与安全科学引用本文复制引用
杜江,魏强,王奕森,白星雨..DeepClap:一种基于残差对齐网络的漏洞跨模态搜索方法[J].信息工程大学学报,2025,26(4):478-484,7.基金项目
国家重点研发计划(2020YFB2010900) (2020YFB2010900)
中原英才计划(224200510002) (224200510002)
