Login | Register

On Matching Binary to Source Code

Title:

On Matching Binary to Source Code

Shahkar, Arash (2016) On Matching Binary to Source Code. Masters thesis, Concordia University.

[img]
Preview
Text (application/pdf)
Shahkar_MASc_S2016.pdf - Accepted Version
Available under License Spectrum Terms of Access.
3MB

Abstract

Reverse engineering of executable binary programs has diverse applications in computer security and forensics, and often involves identifying parts of code that are reused from third party software projects. Identification of code clones by comparing and fingerprinting low-level binaries has been explored in various pieces of work as an effective approach for accelerating the reverse engineering process.
Binary clone detection across different environments and computing platforms bears significant challenges, and reasoning about sequences of low-level machine in- structions is a tedious and time consuming process. Because of these reasons, the ability of matching reused functions to their source code is highly advantageous, de- spite being rarely explored to date.
In this thesis, we systematically assess the feasibility of automatic binary to source matching to aid the reverse engineering process. We highlight the challenges, elab- orate on the shortcomings of existing proposals, and design a new approach that is targeted at addressing the challenges while delivering more extensive and detailed results in a fully automated fashion. By evaluating our approach, we show that it is generally capable of uniquely matching over 50% of reused functions in a binary to their source code in a source database with over 500,000 functions, while narrowing down over 75% of reused functions to at most five candidates in most cases. Finally, we investigate and discuss the limitations and provide directions for future work.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering
Item Type:Thesis (Masters)
Authors:Shahkar, Arash
Institution:Concordia University
Degree Name:M.A. Sc.
Program:Information Systems Security
Date:1 March 2016
Thesis Supervisor(s):Mannan, Mohammad
Keywords:Reverse engineering, binary, source, code, matching, clone
ID Code:980919
Deposited By: ARASH SHAHKAR
Deposited On:15 Jun 2016 16:32
Last Modified:18 Jan 2018 17:52
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top