Conference: IEEE International Conference on Software Maintenance and Evolution

BinMatch: A Semantics-Based Hybrid Approach on Binary Code Clone Analysis


Abstract

Binary code clone analysis is an important technique which has a wide range of applications in software engineering (e.g., plagiarism detection, bug detection). The main challenge of the topic lies in semantics-equivalent code transformations (e.g., optimization, obfuscation), which would alter the representation of binary code tremendously. Another challenge is the trade-off between detection accuracy and coverage. Unfortunately, existing techniques still rely on semantics-less code features which are susceptible to code transformation. Besides, they adopt merely either a static or a dynamic approach to detect binary code clones, which cannot achieve high accuracy and coverage simultaneously. In this paper, we propose a semantics-based hybrid approach to detect binary clone functions. We execute a template binary function with its test cases, and emulate the execution of every target function for clone comparison with the runtime information migrated from that template function. The semantic signatures are extracted during the execution of the template function and the emulation of the target function. Lastly, a similarity score is calculated from their signatures to measure their likeness. We implement the approach in a prototype system designated as BinMatch, which analyzes IA-32 binary code on the Linux platform. We evaluate BinMatch with eight real-world projects compiled with different compilation configurations and commonly used obfuscation methods, performing over 100 million pairs of function comparisons in total. The experimental results show that BinMatch is robust to semantics-equivalent code transformation. Besides, it not only covers all target functions for clone analysis, but also improves the detection accuracy compared to the state-of-the-art solutions.
