Estimation of similarity between functions extracted from x86 executable files

Estimation of similarity between functions extracted from x86 executable files

Comparison of functions is required in various domains of software engineering. In most domains, comparison is done using source code, but in some domains, such as license violation or malware analysis, only binary code is available. The goal of this paper is to evaluate whether the existing solutio...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Serbian journal of electrical engineering 2015, Vol.12 (2), p.253-262
Hauptverfasser: Berta, Katarina, Stojanovic, Sasa, Cvetanovic, Milos, Radivojevic, Zaharije
Format: Artikel
Sprache:eng
Schlagworte:
binary code
code analysis
similarity assessment
software clones
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Comparison of functions is required in various domains of software engineering. In most domains, comparison is done using source code, but in some domains, such as license violation or malware analysis, only binary code is available. The goal of this paper is to evaluate whether the existing solution meant for ARM architecture can be applied to x86 architecture. The existing solution encompasses multiple approaches, but for the purpose of this paper three representative approaches are implemented; two are based on machine learning, and the third does not require previous knowledge. Results show that the best recalls obtained for the first ten positions on both architectures are comparable and do not differ significantly. The results confirm that adaptation of all approaches of the existing solution is not only possible but also promising and represent adequate basis for future research.
ISSN:1451-4869
2217-7183
DOI:10.2298/SJEE1502253B