Graph-based comparison of Executable Objects ( English Version )

@inproceedings{Dullien2005GraphbasedCO,
  title={Graph-based comparison of Executable Objects ( English Version )},
  author={Thomas Dullien and Rolf Rolles},
  year={2005}
}
Résumé A method to construct an optimal isomorphism between the sets of instructions, sets of basic blocks and sets of functions in two differing but similar executables is presented. This isomorphism can be used for porting recovered information between different disassemblies, recover changes made by security updates and detect code theft. The most interesting applications in the realm of security are in malware analysis where the analysis of a family of trojans or viruses can be reduced to… CONTINUE READING

Similar Papers

Citations

Publications citing this paper.
SHOWING 1-10 OF 44 CITATIONS

THE SCALABLE AND ACCOUNTABLE BINARY CODE SEARCH AND ITS APPLICATIONS

VIEW 5 EXCERPTS
CITES METHODS, RESULTS & BACKGROUND
HIGHLY INFLUENCED

Xmark: Dynamic Software Watermarking Using Collatz Conjecture

  • IEEE Transactions on Information Forensics and Security
  • 2019
VIEW 1 EXCERPT
CITES METHODS

VMPBL: Identifying Vulnerable Functions Based on Machine Learning Combining Patched Information and Binary Comparison Technique by LCS

  • 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)
  • 2018
VIEW 1 EXCERPT
CITES METHODS