Ji et al., 2021 - Google Patents
Vestige: Identifying binary code provenance for vulnerability detection
Ji et al., 2021
- Document ID
- 599333226564794720
- Author
- Ji Y
- Cui L
- Huang H
- Publication year
- Publication venue
- International Conference on Applied Cryptography and Network Security
Snippet
Identifying the compilation provenance of a binary code helps to pinpoint the specific compilation tools and configurations that were used to produce the executable. Unfortunately, existing techniques are not able to accurately differentiate among closely …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30386—Retrieval requests
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/41—Compilation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/20—Handling natural language data
- G06F17/27—Automatic analysis, e.g. parsing
- G06F17/2705—Parsing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Ucci et al. | | Survey of machine learning techniques for malware analysis |
Tufano et al. | | Deep learning similarities from different representations of source code |
US10848519B2 (en) | | Cyber vaccine and predictive-malware-defense methods and systems |
Alrabaee et al. | | Fossil: a resilient and efficient system for identifying foss functions in malware binaries |
Caliskan et al. | | When coding style survives compilation: De-anonymizing programmers from executable binaries |
Shirani et al. | | Binshape: Scalable and robust binary library function identification using function shape |
Mi et al. | | VSCL: automating vulnerability detection in smart contracts with deep learning |
US11934458B2 (en) | | Binary code similarity detection system |
Ji et al. | | Vestige: Identifying binary code provenance for vulnerability detection |
Wei et al. | | Deephunter: A graph neural network based approach for robust cyber threat hunting |
Ullah et al. | | Clone detection in 5G-enabled social IoT system using graph semantics and deep learning model |
Guo et al. | | Vulhunter: An automated vulnerability detection system based on deep learning and bytecode |
Alrabaee et al. | | On leveraging coding habits for effective binary authorship attribution |
Guo et al. | | HyVulDect: a hybrid semantic vulnerability mining system based on graph neural network |
Xue et al. | | Hecate: Automated customization of program and communication features to reduce attack surfaces |
Campion et al. | | Learning metamorphic malware signatures from samples |
Liu et al. | | Learning contract invariants using reinforcement learning |
Ullah et al. | | CroLSSim: Cross‐language software similarity detector using hybrid approach of LSA‐based AST‐MDrep features and CNN‐LSTM model |
Marashdih et al. | | Predicting input validation vulnerabilities based on minimal SSA features and machine learning |
Mi et al. | | An automated vulnerability detection framework for smart contracts |
Alrabaee | | A stratified approach to function fingerprinting in program binaries using diverse features |
Liu et al. | | Pre-training by Predicting Program Dependencies for Vulnerability Analysis Tasks |
US20240045956A1 (en) | | Malicious source code detection |
Zhang et al. | | Unleashing the power of pseudo-code for binary code similarity analysis |
Şahin | | Malware detection using transformers-based model GPT-2 |