Advanced Semantics Based Binary Code Similarity Comparison Methods

主讲:Dinghao Wu, Pennsylvania State University

Binary code comparison has many applications in, for example, malware analysis and software engineering. In this talk, I will present two semantics based methods. The first one is called Longest Common Subsequences (LCS) of Semantically Equivalent Basic Blocks [FSE'14]. Given two traces, obtained from two programs executed with the same input, we construct two sequences of basic blocks being executed. We then compute LCS with the blocks as sequence elements, using a semantically equivalent basic block checking algorithm. Our experiments show that the method is effective, but due to the nature of LCS, it does not handle well on block reordering and block splitting and merging.



var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "//"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })();