Title :
SCV: Structure and Constant Value based Binary Diffing
Author :
Park, Heewan ; Choi, Seokwoo ; Seo, Sunae ; Han, Taisook
Author_Institution :
Korea Adv. Inst. of Sci. & Technol., Daejeon
Abstract :
Binary diffing is a method to find differences in similar binary executables such as two different versions of security patches. Diffing methods using flow information detect control flow changes very fast, but they cannot track constant value changes. We present a binary diffing tool named SCV which utilizes both structure and value information. SCV summarizes structure and constant value information from disassembled code, and matches the summaries to find differences. By analyzing a Microsoft Windows security patch KB938827, we showed that SCV found necessary differences caused by constant value changes which the state-of- the-art binary diffing tool BinDiff ´failed to find.
Keywords :
data flow analysis; operating systems (computers); program assemblers; security of data; software tools; KB938827 Microsoft Windows security patch; SCV binary code diffing tool; binary executables; control flow change detection; disassembled code; Assembly; Binary codes; Failure analysis; Information security; Information technology; Inspection; Lab-on-a-chip; Operating systems; Registers; Shape; Binary comparison; binary control-flow graph; binary diffing;
Conference_Titel :
Information Security and Assurance, 2008. ISA 2008. International Conference on
Conference_Location :
Busan
Print_ISBN :
978-0-7695-3126-7
DOI :
10.1109/ISA.2008.29
