BinclustRE: a configurable tool for binary clustering
Abstract
This project presents BinclustRE, an open-source tool that builds a pipeline for automated clustering of executable binaries. Clustering is helpful for security because programs in the same group should have similar security vulnerabilities. The pipeline makes it simple to integrate new techniques and to run them with multi-threading and caching of intermediate results. Our experiments show that BinclustRE was able to cluster versions of OpenSSL's libssl vulnerable to Heartbleed in different groups from versions at least one year newer than the patch.
