Daily Papers

We present the new public version of the KETJU supermassive black hole (SMBH) dynamics module, as implemented into GADGET-4. KETJU adds a small region around each SMBH where the dynamics of the SMBHs and stellar particles are integrated using an algorithmically regularised integrator instead of the leapfrog integrator with gravitational softening used by GADGET-4. This enables modelling SMBHs as point particles even during close interactions with stellar particles or other SMBHs, effectively removing the spatial resolution limitation caused by gravitational softening. KETJU also includes post-Newtonian corrections, which allows following the dynamics of SMBH binaries to sub-parsec scales and down to tens of Schwarzschild radii. Systems with multiple SMBHs are also supported, with the code also including the leading non-linear cross terms that appear in the post-Newtonian equations for such systems. We present tests of the code showing that it correctly captures, at sufficient mass resolution, the sinking driven by dynamical friction and binary hardening driven by stellar scattering. We also present an example application demonstrating how the code can be applied to study the dynamics of SMBHs in mergers of multiple galaxies and the effect they have on the properties of the surrounding galaxy. We expect that the presented KETJU SMBH dynamics module can also be straightforwardly incorporated into other codes similar to GADGET-4, which would allow coupling small-scale SMBH dynamics to the rich variety of galactic physics models that exist in the literature.

Large language models (large LMs) are increasingly trained on massive codebases and used to generate code. However, LMs lack awareness of security and are found to frequently produce unsafe code. This work studies the security of LMs along two important axes: (i) security hardening, which aims to enhance LMs' reliability in generating secure code, and (ii) adversarial testing, which seeks to evaluate LMs' security at an adversarial standpoint. We address both of these by formulating a new security task called controlled code generation. The task is parametric and takes as input a binary property to guide the LM to generate secure or unsafe code, while preserving the LM's capability of generating functionally correct code. We propose a novel learning-based approach called SVEN to solve this task. SVEN leverages property-specific continuous vectors to guide program generation towards the given property, without modifying the LM's weights. Our training procedure optimizes these continuous vectors by enforcing specialized loss terms on different regions of code, using a high-quality dataset carefully curated by us. Our extensive evaluation shows that SVEN is highly effective in achieving strong security control. For instance, a state-of-the-art CodeGen LM with 2.7B parameters generates secure code for 59.1% of the time. When we employ SVEN to perform security hardening (or adversarial testing) on this LM, the ratio is significantly boosted to 92.3% (or degraded to 36.8%). Importantly, SVEN closely matches the original LMs in functional correctness.

Decompilation aims to recover the source code form of a binary executable. It has many security applications such as malware analysis, vulnerability detection and code hardening. A prominent challenge in decompilation is to recover variable names. We propose a novel technique that leverages the strengths of generative models while mitigating model biases and potential hallucinations. We build a prototype, GenNm, from pre-trained generative models CodeGemma-2B and CodeLlama-7B. We finetune GenNm on decompiled functions, and mitigate model biases by incorporating symbol preference to the training pipeline. GenNm includes names from callers and callees while querying a function, providing rich contextual information within the model's input token limitation. It further leverages program analysis to validate the consistency of names produced by the generative model. Our results show that GenNm improves the state-of-the-art name recovery accuracy by 8.6 and 11.4 percentage points on two commonly used datasets, and improves the state-of-the-art from 8.5% to 22.8% in the most challenging setup where ground-truth variable names are not seen in the training dataset.