Information technology facilitates people’s lives greatly,while it also brings many security issues, such as code plagiarism, softwarein-fringement, and malicious code. In order to solve the problems,reverse engineer...Information technology facilitates people’s lives greatly,while it also brings many security issues, such as code plagiarism, softwarein-fringement, and malicious code. In order to solve the problems,reverse engineering is applied to analyze abundant binary code manually,which costs a lot of time. However, due to the maturity of differentobfuscation techniques, the disassembly code generated from the samefunction differs greatly in the opcode and control flow graph throughdifferent obfuscation options. This paper propose a method inspired bynatural language processing, to realize the semantic similarity matchingof binary code in basic block granularity and function granularity. In thesimilarity matching task of binary code obtained by different obfuscationoptions of LLVM, the indicator reaches 99%, which is better than theexisting technologies.展开更多
基金Supported by the Foundation of National Natural Science Foundation of China(No.61802435).
文摘Information technology facilitates people’s lives greatly,while it also brings many security issues, such as code plagiarism, softwarein-fringement, and malicious code. In order to solve the problems,reverse engineering is applied to analyze abundant binary code manually,which costs a lot of time. However, due to the maturity of differentobfuscation techniques, the disassembly code generated from the samefunction differs greatly in the opcode and control flow graph throughdifferent obfuscation options. This paper propose a method inspired bynatural language processing, to realize the semantic similarity matchingof binary code in basic block granularity and function granularity. In thesimilarity matching task of binary code obtained by different obfuscationoptions of LLVM, the indicator reaches 99%, which is better than theexisting technologies.
