40 0

Function matching-based binary-level software similarity calculation

Title
Function matching-based binary-level software similarity calculation
Author
임을규
Keywords
Binary Analysis; Static Analysis; Software Similarity; Call Graph; Function Matching; N-gram; Malware
Issue Date
2013-10
Publisher
2013 ACM New York, NY, USA
Citation
Proceedings of the 2013 Research in Adaptive & Convergent Systems, 2013, P.322-327
Abstract
This paper proposes a method to calculate similarities of software without any source code information. The proposed method can be used for various applications such as detecting the source code theft and copyright infringement, as well as locating updated parts of software including malware. To determine the similarities of software, we used an approach that matches similar functions included in software. Our function-based matching process is composed of two steps. In step 1, the structural information of call graph in binary file is used to match functions, and the matched functions are not processed in step 2 to reduce the number of detailed matching. In step 2, by using instruction mnemonics, N-gram similarity-based matching is performed. Using the structural matching proposed in this paper, about 30% improvement in the matching performance is achieved with the four-tuple matching which also reduces the false positive rate compared to previous studies. Our other experimental results showed that, in comparison to source code-based approaches, our proposed method has only about 3% difference in similarity calculation with real software samples. Therefore, we argue that our proposed method makes a contribution in the field of binary-based software similarity calculation.
URI
http://dl.acm.org/citation.cfm?doid=2513228.2513300http://repository.hanyang.ac.kr/handle/20.500.11754/73196
ISBN
978-145032348-2
DOI
10.1145/2513228.2513300
Appears in Collections:
COLLEGE OF ENGINEERING[S](공과대학) > COMPUTER SCIENCE(컴퓨터소프트웨어학부) > Articles
Files in This Item:
There are no files associated with this item.
Export
RIS (EndNote)
XLS (Excel)
XML


qrcode

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

BROWSE