Nimbus++: Revisiting Efficient Function Signature Recovery with Depth Data Analysis

Abstract

Function signature recovery is vital for many binary analysis tasks, led by control-flow integrity enhancement. To minimize human effort, existing works attempt to replace rule-based methods with learning-based methods. These works put a lot of work into improving the system’s performance, but this had the unintended consequence of increasing resource usage. However, recovering the function signature is more about providing information for subsequent tasks, e.g. reverse engineering, so both efficiency and performance are significant. To identify the fundamental factors that increase efficiency, we attempt to optimize data-driven systems throughout their lifecycle from a data perspective. To this end, we perform detailed data analysis on a carefully collected dataset. After analysis and exploration, selective input is adopted and a multi-task learning (MTL) structure is introduced for function feature recovery to make full use of mutual information, and the computing resource overhead is optimized based on the observation of information deviation and sub-task relationship. The resource usage of the entire process is significantly reduced by our suggested solution, named Nimbus++ for efficient function signature recovery, without sacrificing performance. Our test findings demonstrate that we even surpass the state-of-the-art method’s prediction accuracy across all function signature recovery tasks by about 1% with just about 12.5% of the processing time.