Structural Comparison of Executable Objects
作者: Halvar Flake
DOI: 10.17877/DE290R-2007
关键词: Isomorphism 、 Reverse engineering 、 Parsing 、 Construct (python library) 、 Executable 、 Vulnerability assessment 、 Programming language 、 Computer science 、 Component (UML) 、 Vulnerability 、 Theoretical computer science
摘要: A method to heuristically construct an isomorphism between the sets of functions in two similar but differing versions same executable file is presented. Such has multiple practical applications, specifically ability detect programmatic changes versions. Moreover, information (function names) which available for one can also be made other . framework implementing described methods presented, along with empirical data about its performance when used analyze patches recent security vulnerabilities. As a more example, update fixes critical vulnerability H.323 parsing component analyzed, relevant extracted and implications fix discussed.
tu-dortmund.de 
sci-hub.st 参考文章(4)
Scott McFarling, Ken Pierce, Zheng Wang, BMAT -- A Binary Matching Tool for Stale Profile Propagation Journal of Instruction-level Parallelism. ,vol. 2, ,(2000)
Udi Manber, Brenda S. Baker, Deducing similarities in Java sources from bytecodes usenix annual technical conference. pp. 15- 15 ,(1998)
James W. Hunt, Thomas G. Szymanski, A fast algorithm for computing longest common subsequences Communications of the ACM. ,vol. 20, pp. 350- 353 ,(1977) , 10.1145/359581.359603
Daniel S. Hirschberg, Algorithms for the Longest Common Subsequence Problem Journal of the ACM. ,vol. 24, pp. 664- 675 ,(1977) , 10.1145/322033.322044