Binary Similarity Analysis for Vulnerability Detection

Zeming Tai; Hironori Washizaki; Yoshiaki Fukazawa; Yurie Fujimatsu; Jun Kanai

doi:10.1109/COMPSAC48688.2020.0-110

Binary Similarity Analysis for Vulnerability Detection

Zeming Tai, Hironori Washizaki, Yoshiaki Fukazawa, Yurie Fujimatsu, Jun Kanai

School of Fundamental Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Binary similarity has been widely used in function recognition and vulnerability detection. How to define a proper similarity is the key element in implementing a fast detection method. We proposed a scalable method to detect binary vulnerabilities based on similarity. Procedures lifted from binaries are divided into several comparable strands by data dependency, and those strands are transformed into a normalized form by our tool named VulneraBin, so that similarity can be determined between two procedures through a hash value comparison. The low computational complexity allows semantically equivalent code to be identified in binaries compiled from million lines of source code in a fast and accurate way.

Original language	English
Title of host publication	Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020
Editors	W. K. Chan, Bill Claycomb, Hiroki Takakura, Ji-Jiang Yang, Yuuichi Teranishi, Dave Towey, Sergio Segura, Hossain Shahriar, Sorel Reisman, Sheikh Iqbal Ahamed
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	1121-1122
Number of pages	2
ISBN (Electronic)	9781728173030
DOIs	https://doi.org/10.1109/COMPSAC48688.2020.0-110
Publication status	Published - 2020 Jul
Event	44th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2020 - Virtual, Madrid, Spain Duration: 2020 Jul 13 → 2020 Jul 17

Publication series

Name	Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020

Conference

Conference	44th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2020
Country/Territory	Spain
City	Virtual, Madrid
Period	20/7/13 → 20/7/17

Keywords

binary analysis
binary code search
binary similarity
static analysis

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications
Computer Science Applications
Hardware and Architecture
Software
Education

Access to Document

10.1109/COMPSAC48688.2020.0-110

Cite this

Tai, Z., Washizaki, H., Fukazawa, Y., Fujimatsu, Y., & Kanai, J. (2020). Binary Similarity Analysis for Vulnerability Detection. In W. K. Chan, B. Claycomb, H. Takakura, J-J. Yang, Y. Teranishi, D. Towey, S. Segura, H. Shahriar, S. Reisman, & S. I. Ahamed (Eds.), Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020 (pp. 1121-1122). [9201918] (Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/COMPSAC48688.2020.0-110

Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020. ed. / W. K. Chan; Bill Claycomb; Hiroki Takakura; Ji-Jiang Yang; Yuuichi Teranishi; Dave Towey; Sergio Segura; Hossain Shahriar; Sorel Reisman; Sheikh Iqbal Ahamed. Institute of Electrical and Electronics Engineers Inc., 2020. p. 1121-1122 9201918 (Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Tai, Z, Washizaki, H , Fukazawa, Y, Fujimatsu, Y & Kanai, J 2020, Binary Similarity Analysis for Vulnerability Detection. in WK Chan, B Claycomb, H Takakura, J-J Yang, Y Teranishi, D Towey, S Segura, H Shahriar, S Reisman & SI Ahamed (eds), Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020., 9201918, Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020, Institute of Electrical and Electronics Engineers Inc., pp. 1121-1122, 44th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2020, Virtual, Madrid, Spain, 20/7/13. https://doi.org/10.1109/COMPSAC48688.2020.0-110

Tai Z, Washizaki H , Fukazawa Y, Fujimatsu Y, Kanai J. Binary Similarity Analysis for Vulnerability Detection. In Chan WK, Claycomb B, Takakura H, Yang J-J, Teranishi Y, Towey D, Segura S, Shahriar H, Reisman S, Ahamed SI, editors, Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020. Institute of Electrical and Electronics Engineers Inc. 2020. p. 1121-1122. 9201918. (Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020). doi: 10.1109/COMPSAC48688.2020.0-110

Tai, Zeming ; Washizaki, Hironori ; Fukazawa, Yoshiaki et al. / Binary Similarity Analysis for Vulnerability Detection. Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020. editor / W. K. Chan ; Bill Claycomb ; Hiroki Takakura ; Ji-Jiang Yang ; Yuuichi Teranishi ; Dave Towey ; Sergio Segura ; Hossain Shahriar ; Sorel Reisman ; Sheikh Iqbal Ahamed. Institute of Electrical and Electronics Engineers Inc., 2020. pp. 1121-1122 (Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020).

@inproceedings{00a43326df6a49cf9b3612f497c77515,

title = "Binary Similarity Analysis for Vulnerability Detection",

abstract = "Binary similarity has been widely used in function recognition and vulnerability detection. How to define a proper similarity is the key element in implementing a fast detection method. We proposed a scalable method to detect binary vulnerabilities based on similarity. Procedures lifted from binaries are divided into several comparable strands by data dependency, and those strands are transformed into a normalized form by our tool named VulneraBin, so that similarity can be determined between two procedures through a hash value comparison. The low computational complexity allows semantically equivalent code to be identified in binaries compiled from million lines of source code in a fast and accurate way.",

keywords = "binary analysis, binary code search, binary similarity, static analysis",

author = "Zeming Tai and Hironori Washizaki and Yoshiaki Fukazawa and Yurie Fujimatsu and Jun Kanai",

note = "Publisher Copyright: {\textcopyright} 2020 IEEE.; 44th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2020 ; Conference date: 13-07-2020 Through 17-07-2020",

year = "2020",

month = jul,

doi = "10.1109/COMPSAC48688.2020.0-110",

language = "English",

series = "Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "1121--1122",

editor = "Chan, {W. K.} and Bill Claycomb and Hiroki Takakura and Ji-Jiang Yang and Yuuichi Teranishi and Dave Towey and Sergio Segura and Hossain Shahriar and Sorel Reisman and Ahamed, {Sheikh Iqbal}",

booktitle = "Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020",

}

TY - GEN

T1 - Binary Similarity Analysis for Vulnerability Detection

AU - Tai, Zeming

AU - Washizaki, Hironori

AU - Fukazawa, Yoshiaki

AU - Fujimatsu, Yurie

AU - Kanai, Jun

PY - 2020/7

Y1 - 2020/7

N2 - Binary similarity has been widely used in function recognition and vulnerability detection. How to define a proper similarity is the key element in implementing a fast detection method. We proposed a scalable method to detect binary vulnerabilities based on similarity. Procedures lifted from binaries are divided into several comparable strands by data dependency, and those strands are transformed into a normalized form by our tool named VulneraBin, so that similarity can be determined between two procedures through a hash value comparison. The low computational complexity allows semantically equivalent code to be identified in binaries compiled from million lines of source code in a fast and accurate way.

AB - Binary similarity has been widely used in function recognition and vulnerability detection. How to define a proper similarity is the key element in implementing a fast detection method. We proposed a scalable method to detect binary vulnerabilities based on similarity. Procedures lifted from binaries are divided into several comparable strands by data dependency, and those strands are transformed into a normalized form by our tool named VulneraBin, so that similarity can be determined between two procedures through a hash value comparison. The low computational complexity allows semantically equivalent code to be identified in binaries compiled from million lines of source code in a fast and accurate way.

KW - binary analysis

KW - binary code search

KW - binary similarity

KW - static analysis

UR - http://www.scopus.com/inward/record.url?scp=85094102116&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85094102116&partnerID=8YFLogxK

U2 - 10.1109/COMPSAC48688.2020.0-110

DO - 10.1109/COMPSAC48688.2020.0-110

M3 - Conference contribution

AN - SCOPUS:85094102116

T3 - Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020

SP - 1121

EP - 1122

BT - Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020

A2 - Chan, W. K.

A2 - Claycomb, Bill

A2 - Takakura, Hiroki

A2 - Yang, Ji-Jiang

A2 - Teranishi, Yuuichi

A2 - Towey, Dave

A2 - Segura, Sergio

A2 - Shahriar, Hossain

A2 - Reisman, Sorel

A2 - Ahamed, Sheikh Iqbal

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 44th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2020

Y2 - 13 July 2020 through 17 July 2020

ER -

Binary Similarity Analysis for Vulnerability Detection

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this