Login | Register

Binary Code Fingerprinting with Application to Automated Vulnerability Detection

Title:

Binary Code Fingerprinting with Application to Automated Vulnerability Detection

Shirani, Paria ORCID: https://orcid.org/0000-0001-5592-1518 (2020) Binary Code Fingerprinting with Application to Automated Vulnerability Detection. PhD thesis, Concordia University.

[thumbnail of Shirani_PhD_S2022.pdf]
Preview
Text (application/pdf)
Shirani_PhD_S2022.pdf - Accepted Version
Available under License Spectrum Terms of Access.
10MB

Abstract

With the growing popularity of emerging technologies, the prevalence of digital systems is more than ever. Security, however, has still lagged behind, as evidenced by the increasing rate of recent attacks. Oftentimes, cyber-attacks are initiated by running a malicious code or by exploiting vulnerabilities in the underlying software. To mitigate such alarming threats, analyzing software binary code (a.k.a. binary analysis) has been known as a promising
solution. This thesis answers the following research question: how to automatically fingerprint a cross-architecture code with optimization and obfuscation by attributing compiler provenance, identifying library functions, and detecting vulnerable functions? Specifically, it first analyzes the syntax, structure, and semantic of functions to extract compiler provenance in cross-complied binaries. Second, it introduces a single robust function signature
based on heterogeneous features to solve library function identification problem. Third, it overcomes vulnerable function detection problem through a multi-stage fuzzy matching approach on firmware images. Finally, it addresses vulnerability detection problem in cross-architecture obfuscated binaries and firmware images through a neural machine translation-based approach. This thesis advances the state-of-the-art by improving the accuracy, scalability, and efficiency of binary code analysis. All of the proposed approaches are implemented as a prototype system and their performance are evaluated with real data.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering
Item Type:Thesis (PhD)
Authors:Shirani, Paria
Institution:Concordia University
Degree Name:Ph. D.
Program:Information and Systems Engineering
Date:21 December 2020
Thesis Supervisor(s):Debbabi, Mourad and Wang, Lingyu
ID Code:987973
Deposited By: PARIA SHIRANI
Deposited On:29 Jun 2021 23:18
Last Modified:07 Feb 2023 01:00
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top