ARCTURUS: Full Coverage Binary Similarity Analysis with Reachability-Guided Emulation

Author:

Zhou Anshunkang¹, Hu Yikun², Xu Xiangzhe³, Zhang Charles¹

Affiliation:

1. Hong Kong University of Science and Technology, China

2. Shanghai Jiao Tong University, China

3. Purdue University, USA

Abstract

Binary code similarity analysis is extremely useful since it provides rich information about an unknown binary, such as revealing its functionality and identifying reused libraries. Robust binary similarity analysis is challenging as heavy compiler optimizations can make semantically similar binaries have gigantic syntactic differences. Unfortunately, existing semantic-based methods still suffer from either incomplete coverage or low accuracy. In this paper, we propose ARCTURUS, a new technique that can achieve high code coverage and high accuracy simultaneously by manipulating program execution under the guidance of code reachability. Our key insight is that the compiler must preserve program semantics (e.g., dependences between code fragments) during compilation; therefore, the code reachability, which implies the interdependence between code, is invariant across code transformations. Based on the above insight, our key idea is to leverage the stability of code reachability to manipulate the program execution such that deep code logic can also be covered in a consistent way. Experimental results show that ARCTURUS achieves an average precision of 87.8% with 100% block coverage, outperforming compared methods by 38.4% on average. ARCTURUS takes only 0.15 seconds to process one function on average, indicating that it is efficient for practical use.

Publisher

Association for Computing Machinery (ACM)

Subject

Software

