A Survey of Binary Code Fingerprinting Approaches: Taxonomy, Methodologies, and Features

Saed Alrabaee, Mourad Debbabi, Lingyu Wang

Research output: Contribution to journalArticlepeer-review

17 Citations (Scopus)

Abstract

Binary code fingerprinting is crucial in many security applications. Examples include malware detection, software infringement, vulnerability analysis, and digital forensics. It is also useful for security researchers and reverse engineers since it enables high fidelity reasoning about the binary code such as revealing the functionality, authorship, libraries used, and vulnerabilities. Numerous studies have investigated binary code with the goal of extracting fingerprints that can illuminate the semantics of a target application. However, extracting fingerprints is a challenging task since a substantial amount of significant information will be lost during compilation, notably, variable and function naming, the original data and control flow structures, comments, semantic information, and the code layout. This article provides the first systematic review of existing binary code fingerprinting approaches and the contexts in which they are used. In addition, it discusses the applications that rely on binary code fingerprints, the information that can be captured during the fingerprinting process, and the approaches used and their implementations. It also addresses limitations and open questions related to the fingerprinting process and proposes future directions.

Original languageEnglish
Article number19
JournalACM Computing Surveys
Volume55
Issue number1
DOIs
Publication statusPublished - Jan 17 2022

Keywords

  • Binary code analysis
  • reverse engineering
  • software security

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'A Survey of Binary Code Fingerprinting Approaches: Taxonomy, Methodologies, and Features'. Together they form a unique fingerprint.

Cite this