B2SMatcher: fine-Grained version identification of open-Source software in binary files

Ban, Gu; Xu, Lili; Xiao, Yang; Li, Xinhua; Yuan, Zimu; Huo, Wei

doi:10.1186/s42400-021-00085-7

Cited by 9 publications

(1 citation statement)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To help resolve these code-reuse-related issues, many binary code similarity analysis works are proposed and have been applied in various applications, including code search [29,30,37,63,79,81], OSS reuse detection [19,31,35,36,43,53,68,71,77], vulnerability detection [25,26,38,76] and patch presence test [51,61,74,78,82]. They usually regard the vulnerable functions or reused functions as the query functions and the functions in the commercial software as the target functions and produce the detection results by calculating the similarity between query functions and target functions.…”

Section: Introductionmentioning

confidence: 99%

Cross-Inlining Binary Function Similarity Detection

Jia,

Fan,

et al. 2024

Proceedings of the IEEE/ACM 46th International Conference on Software Engineering

View full text Add to dashboard Cite

Binary function similarity detection plays an important role in a wide range of security applications. Existing works usually assume that the query function and target function share equal semantics and compare their full semantics to obtain the similarity. However, we find that the function mapping is more complex, especially when function inlining happens.In this paper, we will systematically investigate cross-inlining binary function similarity detection. We first construct a crossinlining dataset by compiling 51 projects using 9 compilers, with 4 optimizations, to 6 architectures, with 2 inlining flags, which results in two datasets both with 216 combinations. Then we construct the cross-inlining function mappings by linking the common source functions in these two datasets. Through analysis of this dataset, we find that three cross-inlining patterns widely exist while existing work suffers when detecting cross-inlining binary function similarity. Next, we propose a pattern-based model named CI-Detector for cross-inlining matching. CI-Detector uses the attributed CFG to represent the semantics of binary functions and GNN to embed binary functions into vectors. CI-Detector respectively trains a model for these three cross-inlining patterns. Finally, the testing pairs are input to these three models and all the produced similarities are aggregated to produce the final similarity. We conduct several experiments to evaluate CI-Detector. Results show that CI-Detector can detect cross-inlining pairs with a precision of 81% and a recall of 97%, which exceeds all state-of-the-art works. CCS CONCEPTS• Software and its engineering → Software reverse engineering; Search-based software engineering.

show abstract