Conference Proceeding Article
Techniques have been proposed to find the semantic differences between two binary programs when the source code is not available. Analyzing control flow, and in particular, intra-procedural control flow, has become an attractive technique in the latest binary diffing tools since it is more resistant to syntactic, but non-semantic, differences. However, this makes such techniques vulnerable to simple function obfuscation techniques (e.g., function inlining) attackers any malware writers could use. In this paper, we first show function obfuscation as an attack to such binary diffing techniques, and then propose iBinHunt which uses deep taint and automatic input generation to find semantic differences in inter-procedural control flows. Evaluation on comparing various versions of a http server and gzip shows that iBinHunt not only is capable of comparing inter-procedural control flows of two programs, but offers substantially better accuracy and efficiency in binary diffing.
binary diffing, semantic difference, taint analysis
Information Security | Software Engineering
Information Security and Cryptology - ICISC 2012: 15th International Conference, Seoul, Korea, November 28-30, 2012: Revised Selected Papers
City or Country
MING, Jiang; PAN, Meng; and GAO, Debin.
iBinHunt: Binary Hunting with Inter-Procedural Control Flow. (2012). Information Security and Cryptology - ICISC 2012: 15th International Conference, Seoul, Korea, November 28-30, 2012: Revised Selected Papers. 7839, 92-109. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/1700
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.