Semantic-Based Representation Binary Clone Detection for Cross-Architectures in the Internet of Things

Luo, Zhenhao; Wang, Baosheng; Tang, Yong; Xie, W.

doi:10.3390/app9163283

Cited by 19 publications

(9 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This limits the benefit of NSP. Some recent methods also adopted PTT, predicting the similarities between two instructions [11,25]. However, they still treat the individual instruction as the unit to mine semantic information, which may also be less effective.…”

Section: Extraction Of Textual Semantic Informationmentioning

confidence: 99%

FUSION: Measuring Binary Function Similarity with Code-Specific Embedding and Order-Sensitive GNN

et al. 2022

View full text Add to dashboard Cite

Binary code similarity measurement is a popular research area in binary analysis with the recent development of deep learning-based models. Current state-of-the-art methods often use the pre-trained language model (PTLM) to embed instructions into basic blocks as representations of nodes within a control flow graph (CFG). These methods will then use the graph neural network (GNN) to embed the whole CFG and measure the binary similarities between these code embeddings. However, these methods almost directly treat the assembly code as a natural language text and ignore its code-specific features when training PTLM. Moreover, They barely consider the direction of edges in the CFG or consider it less efficient. The weaknesses of the above approaches may limit the performances of previous methods. In this paper, we propose a novel method called function similarity using code-specific PPTs and order-sensitive GNN (FUSION). Since the similarity of binary codes is a symmetric/asymmetric problem, we were guided by the ideas of symmetry and asymmetry in our research. They measure the binary function similarity with two code-specific PTLM training strategies and an order-sensitive GNN, which, respectively, alleviate the aforementioned weaknesses. FUSION outperforms the state-of-the-art binary similarity methods by up to 5.4% in accuracy, and performs significantly better.

show abstract

Section: Extraction Of Textual Semantic Informationmentioning

confidence: 99%

FUSION: Measuring Binary Function Similarity with Code-Specific Embedding and Order-Sensitive GNN

et al. 2022

View full text Add to dashboard Cite

show abstract

“…The consequent clone attacks need more efficient corresponding detection approaches. To detect code clones in IoT applications, Tekchandani et al [53], and Luo et al [54] provided good results based on semanticlevel source code analysis; however, their studies were not primarily on cloned vulnerability detection. Sachidananda et al [55] proposed a framework to detect various vulnerabilities located in IoT devices using the static analysis method.…”

Section: A: Sensor Networkmentioning

confidence: 99%

A Survey of Software Clone Detection From Security Perspective

Zhang

Sakurai

2021

IEEE Access

View full text Add to dashboard Cite

In software engineering, if two code fragments are closely similar with minor modifications, or even identical as a result of copy-paste behavior, they are called software/code clones. Code clones can cause trouble in software maintenance and the debugging process because identifying all copied compromised code fragments in other locations is time-consuming. Researchers have been studying code clone detection issues for a long time, and the discussion mainly focuses on software engineering management and system maintenance. Another considerable issue is that code cloning provides an easy way for attackers to maliciously inject code. A thorough survey of code clone identification/detection from the security perspective is indispensable for providing a comprehensive review of previous related studies and proposing potential research directions. This paper satisfies the above requirements. We review and introduce previous security-related studies following three classifications and various comparison criteria. We then discuss three further research directions: (i) deep learning-based code clone vulnerability detection, (ii) vulnerable code clone detection for 5G-Internet of Things devices, and (iii) real-time detection methods for more efficiently detecting clone attacks. These methods are more advanced and adaptive to technological development and still have sufficient research space for future studies.

show abstract

“…The Hex-Rays Decompiler, which is one of its well-known plug-ins for automatic decompilation, was used to decompile the assembly instructions into C files. More importantly, it supports the compiler-generated code for the x86, x64, ARM32, ARM64 and PowerPC processors, satisfying the needs of most airborne software decompilations [62]. The Hex-Rays Decompiler was used to decompile the object code of the ADC software to acquire the decompiled source code, as displayed in Figure 10.…”

Section: Traceability From Executable Object Code To Source Codementioning

confidence: 99%

Formal Analysis and Verification of Airborne Software Based on DO-333

Cao

Huang

et al. 2020

Electronics

View full text Add to dashboard Cite

With rapid technological advances in airborne control systems, it has become imperative to ensure the reliability, robustness, and adaptability of airborne software since failure of these software could result in catastrophic loss of property and life. DO-333 is a supplement to the DO-178C standard, which is dedicated to guiding the application of formal methods in the review and analysis of airborne software development processes. However, DO-333 lacks theoretical guidance on how to choose appropriate formal methods and tools to achieve verification objectives at each stage of the verification process, thereby limiting their practical application. This paper is intended to illustrate the formal methods and tools available in the verification process to lay down a general guide for the formal development and verification of airborne software. We utilized the Air Data Computer (ADC) software as the research object and applied different formal methods to verify software lifecycle artifacts. This example explains how to apply formal methods in practical applications and proves the effectiveness of formal methods in the verification of airborne software.

show abstract

Semantic-Based Representation Binary Clone Detection for Cross-Architectures in the Internet of Things

Cited by 19 publications

References 22 publications

FUSION: Measuring Binary Function Similarity with Code-Specific Embedding and Order-Sensitive GNN

FUSION: Measuring Binary Function Similarity with Code-Specific Embedding and Order-Sensitive GNN

A Survey of Software Clone Detection From Security Perspective

Formal Analysis and Verification of Airborne Software Based on DO-333

Contact Info

Product

Resources

About