LLM4Decompile: Revolutionizing Decompilation for Software Analysis and Security Enhancement

  • Decompilation is crucial for software reverse engineering, aiding in the analysis of binary executables without access to source code.
  • LLM4Decompile, introduced by researchers, utilizes Large Language Models to reconstruct accurate source code from binaries, prioritizing code executability.
  • The approach involves extensive pre-training on a dataset of 4 billion tokens, encompassing C and assembly code pairs, resulting in improved decompilation accuracy.
  • Evaluation through the Decompile-Eval benchmark shows LLM4Decompile achieving significant milestones, with a 90% re-compilability rate and a 21% re-executability rate for its 6B model.

Main AI News:

The process of decompilation holds a pivotal role in the realm of software reverse engineering, facilitating the analysis and comprehension of binary executables in instances where access to their original source code is unattainable. This aspect proves particularly invaluable for endeavors such as software security analysis, bug detection, and the restoration of legacy code. Yet, conventional decompilation methodologies often encounter hurdles in yielding human-readable and semantically precise source code, presenting a substantial obstacle.

Traditionally, research in decompilation has relied on an array of tools and techniques aimed at translating binary code back into its corresponding source code. However, the efficacy of these tools, including renowned ones such as Ghidra and IDA Pro, varies across different scenarios, often necessitating refinements to render the code comprehensible to humans. Complicating matters further is the inherent challenge of accurately reconstructing intricate details of the source code, such as variable names and the original structural elements like loops and conditional statements, which are typically lost during the compilation phase.

In a groundbreaking initiative, researchers from the Southern University of Science and Technology and the Hong Kong Polytechnic University have introduced LLM4Decompile, which is distinguished by its innovative approach. Leveraging Large Language Models (LLMs) pretrained on extensive repositories of C source code and corresponding assembly code, LLM4Decompile aims to harness their predictive prowess to reconstruct precise and syntactically sound source code from binary executables. Unlike its predecessors, LLM4Decompile places a paramount emphasis on code executability, a fundamental aspect of functional programming.

The research team curated a colossal dataset comprising 4 billion tokens, encompassing a diverse array of C and assembly code pairs, to train models ranging from 1B to 33B parameters in size. This extensive pre-training endeavors to imbue the models with a profound comprehension of code structure and semantics. In contrast to earlier tools that often produced either non-functional code or code challenging for humans to decipher, LLM4Decompile endeavors to generate code that mirrors the original source in terms of syntax while preserving its executable essence.

The evaluation of LLM4Decompile’s efficacy is conducted with meticulous precision, employing the newly introduced Decompile-Eval benchmark. This benchmark scrutinizes decompiled code on two pivotal fronts: re-compilability and re-executability. These metrics serve as testimony to the model’s grasp of code semantics and its capacity to generate syntactically accurate code. Impressively, LLM4Decompile attains a significant milestone, showcasing the ability to decompile binary code with an astounding 90% re-compilability rate and a remarkable 21% re-executability rate for its 6B model. These findings signify a substantial enhancement in decompilation performance compared to its predecessor, GPT-4, underscoring the strides made in decompilation accuracy and practicality.

Conclusion:

The introduction of LLM4Decompile marks a significant advancement in the field of software decompilation. Its emphasis on code executability and the impressive results obtained through meticulous evaluation signify a substantial leap forward. This innovation holds promise for enhancing software analysis, security, and the restoration of legacy code, potentially reshaping the landscape of the software engineering market by providing more efficient and reliable tools for reverse engineering tasks.

Source