iBinHunt: Binary Hunting with Inter-Procedural Control Flow

Techniques have been proposed to find the semantic differences between two binary programs when the source code is not available. Analyzing control flow, and in particular, intra-procedural control flow, has become an attractive technique in the latest binary diffing tools since it is more resistant...

Bibliographic Details
Main Authors: MING, Jiang, PAN, Meng, GAO, Debin
Format: text
Language: English
Published: Institutional Knowledge at Singapore Management University 2012
Subjects: binary diffing; semantic difference; taint analysis; Information Security; Software Engineering
Online Access: https://ink.library.smu.edu.sg/sis_research/1700
https://ink.library.smu.edu.sg/context/sis_research/article/2699/viewcontent/icisc12.pdf
Institution: Singapore Management University
id sg-smu-ink.sis_research-2699
record_format dspace
spelling sg-smu-ink.sis_research-2699 2016-05-13T07:03:02Z 2012-12-01T08:00:00Z text application/pdf info:doi/10.1007/978-3-642-37682-5_8 http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic binary diffing
semantic difference
taint analysis
Information Security
Software Engineering
description Techniques have been proposed to find the semantic differences between two binary programs when the source code is not available. Analyzing control flow, and in particular, intra-procedural control flow, has become an attractive technique in the latest binary diffing tools since it is more resistant to syntactic, but non-semantic, differences. However, this makes such techniques vulnerable to simple function obfuscation techniques (e.g., function inlining) attackers and malware writers could use. In this paper, we first show function obfuscation as an attack to such binary diffing techniques, and then propose iBinHunt which uses deep taint and automatic input generation to find semantic differences in inter-procedural control flows. Evaluation on comparing various versions of an HTTP server and gzip shows that iBinHunt not only is capable of comparing inter-procedural control flows of two programs, but offers substantially better accuracy and efficiency in binary diffing.
_version_ 1770571456676102144