AI-powered tool for cybersecurity earns ACM CCS Distinguished Paper Award - Department of Computer Science - Purdue University Skip to main content
Department of Computer Science

AI-powered tool for cybersecurity earns ACM CCS Distinguished Paper Award

03-13-2025

Design of binary being encoded. Graphic credit: Adobe AI.

Design of binary being encoded. Graphic credit: Adobe AI.

 

Cybercriminals hide their tracks by stripping software of meaningful labels, leaving behind a maze of cryptic code—but a new AI-powered tool from Purdue is cutting through the confusion to expose hidden threats. The research introducing ReSym has been recognized with the Association for Computing Machinery (ACM) Conference on Computer and Communications Security (CCS) Distinguished Paper Award, underscoring its significant impact on cybersecurity and reverse engineering. 

A team of researchers from Purdue University’s Department of Computer Science has developed ReSym, an advanced AI-driven tool that significantly enhances the process of reverse-engineering stripped binary code. This breakthrough has major implications for cybersecurity, particularly in malware detection, vulnerability analysis, and software maintenance.  

The study was conducted by researchers from Purdue CS, including PhD student Danning Xie, postdoctoral researcher Zhuo Zhang, PhD students Nan Jiang and Xiangzhe Xu, the Mary J. Elmore New Frontiers Professor, Lin Tan, and the Samuel Conte Professor of Computer Science, Xiangyu Zhang. 

Understanding the significance of ReSym requires recognizing the challenge security experts face when analyzing stripped binary code. When software is compiled, human-readable elements such as variable names, function identifiers, and data structures are removed, leaving only raw instructions.  

This is like examining a flowchart that outlines how a business operates, but instead of clear labels such as “HR department,” “finance” or “customer support,” everything is replaced with vague terms such as “Group A,” “Process B” and “Task X.” Some connections remain visible, but the purpose of each component is difficult to decipher. This lack of information makes it challenging for analysts to determine a program's function, detect vulnerabilities or assess whether it contains malware. 

ReSym acts as an intelligent decoder, analyzing stripped binary code and reconstructing missing information using Large Language Models. By identifying patterns in the structure of the software, it can infer the likely names and relationships of variables and functions, making it easier for security analysts to understand what the software does.  

Tan explained the significance of the research, saying, “ReSym provides an automated approach to reverse-engineering stripped binary code, which is essential for malware analysis, vulnerability detection, and securing critical infrastructure. Without this tool, security professionals must rely on manual analysis and less accurate tools, which is slow, error-prone, and often infeasible at scale.”  

This study builds on expertise from multiple areas of software engineering and cybersecurity. Lin Tan’s research focuses on software-AI synergy, software security and reliability, LLM4Code, defect detection and repair, and software text analytics. Xiangyu Zhang specializes in AI security, software analysis, and cyber forensics. By combining advancements in software engineering with AI-driven security research, ReSym introduces a new level of automation and accuracy to binary analysis.  

ReSym is expected to have a significant impact across industries that rely on software security and maintenance. In cybersecurity, it will enhance malware detection and vulnerability analysis by making it easier to understand stripped binaries. In software maintenance, it will assist engineers in analyzing legacy code when the original source code is unavailable. The tool will also be useful in intellectual property protection by helping organizations prevent unauthorized modifications to software. Industries such as defense and healthcare, which rely on highly secure and well-maintained software systems, stand to benefit from improved binary analysis techniques. 

With cybercrime costs projected to reach $10.5 trillion annually by 2025, tools like ReSym are becoming increasingly valuable for improving software security and threat detection. As threats become more sophisticated, automating the analysis of stripped binaries will be crucial for keeping critical infrastructure and software systems secure. 

This research was supported by multiple funding sources, including National Science Foundation grants, an Intelligence Advanced Research Projects Activity TrojAI grant, and Office of Naval Research grants. Additional support was provided by the Center for AI Safety and a CFI fund for computational resources. 

The Purdue team’s development of ReSym represents a major advancement in binary analysis and cybersecurity. By leveraging AI and Large Language Models, the tool streamlines the reverse-engineering process, making it faster and more efficient to analyze stripped binaries.  

The recognition of this work with the ACM CCS Distinguished Paper Award highlights its importance in the field and its potential to shape the future of cybersecurity. As cyber threats continue to evolve, innovations like ReSym will play a crucial role in securing software systems and protecting digital infrastructure worldwide. 


About ACM CCS

The ACM Conference on Computer and Communications Security (CCS) is the flagship annual conference of the Special Interest Group on Security, Audit and Control (SIGSAC) of the Association for Computing Machinery (ACM). The conference brings together information security researchers, practitioners, developers, and users from all over the world to explore cutting-edge ideas and results.


About the Department of Computer Science at Purdue University  

Founded in 1962, the Department of Computer Science was created to be an innovative base of knowledge in the emerging field of computing as the first degree-awarding program in the United States. The department continues to advance the computer science industry through research. US News & World Report ranks the department No. 8 in computer engineering and No. 18 and 19 overall in undergraduate and graduate computer science. Additionally, the program is ranked No. 6 in cybersecurity, No. 8 in software engineering, No. 13 in systems, No. 15 in programming languages and data analytics, and No. 18 in theory. Graduates of the program are able to solve complex and challenging problems in many fields. Our consistent success in an ever-changing landscape is reflected in the record undergraduate enrollment, increased faculty hiring, innovative research projects, and the creation of new academic programs. The increasing centrality of computer science in society, academic disciplines and new research activities—centered around foundations and applications of artificial intelligence and machine learning, such as natural language processing, human computer interaction, vision, and robotics, as well as systems and security—are the future focus of the department. Learn more at cs.purdue.edu.

Last Updated: Mar 13, 2025 2:06 PM

Department of Computer Science, 305 N. University Street, West Lafayette, IN 47907

Purdue University Indianapolis, 723 W. Michigan St., Indianapolis, IN 46202

Phone: (765) 494-6010 • Fax: (765) 494-0739

Copyright © 2024 Purdue University | An equal access/equal opportunity university | Copyright Complaints | DOE Degree Scorecards

Trouble with this page? Accessibility issues? Please contact the College of Science.