TY - CHAP
T1 - Binary Analysis Overview
AU - Alrabaee, Saed
AU - Debbabi, Mourad
AU - Shirani, Paria
AU - Wang, Lingyu
AU - Youssef, Amr
AU - Rahimian, Ashkan
AU - Nouh, Lina
AU - Mouheb, Djedjiga
AU - Huang, He
AU - Hanna, Aiman
N1 - Publisher Copyright: © 2020, Springer Nature Switzerland AG.
PY - 2020
Y1 - 2020
N2 - When the source code is unavailable, it is important for security applications, such as malware detection, software license infringement, vulnerability analysis, and digital forensics, to be able to efficiently extract meaningful fingerprints from the binary code. Such fingerprints will enhance the effectiveness and efficiency of reverse engineering tasks as they can provide a range of insights into the program binaries. However, a great deal of important information will likely be lost during the compilation process, including variable and function names, the original control and data flow structures, comments, and layout. In this chapter, we provide a comprehensive review of existing binary code fingerprinting frameworks. As such, we systematize the study of binary code fingerprints based on the most important dimensions: the applications that motivate it, the approaches used and their implementations, the specific aspects of the fingerprinting framework, and how the results are evaluated.
AB - When the source code is unavailable, it is important for security applications, such as malware detection, software license infringement, vulnerability analysis, and digital forensics, to be able to efficiently extract meaningful fingerprints from the binary code. Such fingerprints will enhance the effectiveness and efficiency of reverse engineering tasks as they can provide a range of insights into the program binaries. However, a great deal of important information will likely be lost during the compilation process, including variable and function names, the original control and data flow structures, comments, and layout. In this chapter, we provide a comprehensive review of existing binary code fingerprinting frameworks. As such, we systematize the study of binary code fingerprints based on the most important dimensions: the applications that motivate it, the approaches used and their implementations, the specific aspects of the fingerprinting framework, and how the results are evaluated.
UR - http://www.scopus.com/inward/record.url?scp=85080942658&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85080942658&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-34238-8_2
DO - 10.1007/978-3-030-34238-8_2
M3 - Chapter
AN - SCOPUS:85080942658
T3 - Advances in Information Security
SP - 7
EP - 44
BT - Advances in Information Security
PB - Springer
ER -