Title: Accurate and scalable cross-architecture cross-OS binary code search with emulation
Authors: Xue, Yinxing
Xu, Zhengzi
Chandramohan, Mahinthan
Liu, Yang
Keywords: Engineering::Computer science and engineering
Issue Date: 2019
Source: Xue, Y., Xu, Z., Chandramohan, M., & Liu, Y. (2018). Accurate and scalable cross-architecture cross-OS binary code search with emulation. IEEE Transactions on Software Engineering, 45(11), 1125 - 1149. doi:10.1109/TSE.2018.2827379
Journal: IEEE Transactions on Software Engineering
Abstract: Different from source code clone detection, clone detection (similar code search) in binary executables faces big challenges due to the gigantic differences in the syntax and the structure of binary code that result from different configurations of compilers, architectures and OSs. Existing studies have proposed different categories of features for detecting binary code clones, including CFG structures, n-gram in CFG, input/output values, etc. In our previous study and the tool BinGo, to mitigate the huge gaps in CFG structures due to different compilation scenarios, we propose a selective inlining technique to capture the complete function semantics by inlining relevant library and user-defined functions. However, only features of input/output values are considered in BinGo. In this study, we propose to incorporate features from different categories (e.g., structural features and high-level semantic features) for accuracy improvement and emulation for efficiency improvement. We empirically compare our tool, BinGo-E, with the previous tool BinGo and the available state-of-the-art tools of binary code search in terms of search accuracy and performance. Results show that BinGo-E achieves significantly better accuracies than BinGo for cross-architecture matching, cross-OS matching, cross-compiler matching and intra-compiler matching. Additionally, in the new task of matching binaries of forked projects, BinGo-E also exhibits a better accuracy than the existing benchmark tool. Meanwhile, BinGo-E takes less time than BinGo during the process of matching.
ISSN: 0098-5589
DOI: 10.1109/TSE.2018.2827379
Rights: © 2018 IEEE. All rights reserved.
Fulltext Permission: none
Fulltext Availability: No Fulltext
Appears in Collections: SCSE Journal Articles

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.