BinclustRE: a configurable tool for binary clustering
Resumo
Esse projeto apresenta o BinclustRE, uma ferramenta de Código Aberto que cria um pipeline para agrupamento automatizado em binários de executáveis, o que é útil para a segurança porque programas agrupados juntos devem apresentar vulnerabilidades de segurança parecidas. Ele implementa um pipeline no qual é simples integrar novas técnicas e executa-as com multi-threading e cache dos resultados intermediários. Nossos experimentos mostram que o BinclustRE foi capaz de agrupar versões da libssl do OpenSSL vulneráveis ao Heartbleed em grupos diferentes a versões pelo menos um ano mais novas que a correção.
Referências
Cilibrasi, R. and Vitanyi, P. (2005). Clustering by compression. IEEE Transactions on Information Theory, 51(4):1523–1545.
Gibert, D., Mateu, C., and Planes, J. (2020). The rise of machine learning for detection and classification of malware: Research developments, trends and challenges. Journal of Network and Computer Applications, 153:102526.
Kim, D., Kim, E., Cha, S. K., Son, S., and Kim, Y. (2023). Revisiting binary code similarity analysis using interpretable feature engineering and lessons learned. IEEE Transactions on Software Engineering, 49(4):1661–1682.
Kumari, P. and Jain, A. K. (2023). A comprehensive study of ddos attacks over iot network and their countermeasures. Computers & Security, 127:103096.
Liu, K., Yang, M., Ling, Z., Yan, H., Zhang, Y., Fu, X., and Zhao, W. (2020). On manually reverse engineering communication protocols of linux-based iot systems. IEEE Internet of Things Journal, 8(8):6815–6827.
Sanches, A., Cardoso, J. M., and Delbem, A. C. (2011). Identifying merge-beneficial software kernels for hardware implementation. In 2011 International Conference on Reconfigurable Computing and FPGAs, pages 74–79.
Yaacoub, J.-P. A., Noura, H. N., Salman, O., and Chehab, A. (2023). Ethical hacking for iot: Security issues, challenges, solutions and recommendations. Internet of Things and Cyber-Physical Systems, 3:280–308.
Gibert, D., Mateu, C., and Planes, J. (2020). The rise of machine learning for detection and classification of malware: Research developments, trends and challenges. Journal of Network and Computer Applications, 153:102526.
Kim, D., Kim, E., Cha, S. K., Son, S., and Kim, Y. (2023). Revisiting binary code similarity analysis using interpretable feature engineering and lessons learned. IEEE Transactions on Software Engineering, 49(4):1661–1682.
Kumari, P. and Jain, A. K. (2023). A comprehensive study of ddos attacks over iot network and their countermeasures. Computers & Security, 127:103096.
Liu, K., Yang, M., Ling, Z., Yan, H., Zhang, Y., Fu, X., and Zhao, W. (2020). On manually reverse engineering communication protocols of linux-based iot systems. IEEE Internet of Things Journal, 8(8):6815–6827.
Sanches, A., Cardoso, J. M., and Delbem, A. C. (2011). Identifying merge-beneficial software kernels for hardware implementation. In 2011 International Conference on Reconfigurable Computing and FPGAs, pages 74–79.
Yaacoub, J.-P. A., Noura, H. N., Salman, O., and Chehab, A. (2023). Ethical hacking for iot: Security issues, challenges, solutions and recommendations. Internet of Things and Cyber-Physical Systems, 3:280–308.
Publicado
18/09/2023
Como Citar
SANTEE, Alexandre Marcelino; DANTAS JÚNIOR, Fernando Antonio; TAFFAREL, Françoa; FREITAS, Osmany Barros de; PEREIRA JÚNIOR, Lourenço Alves.
BinclustRE: a configurable tool for binary clustering. In: SALÃO DE FERRAMENTAS - SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 23. , 2023, Juiz de Fora/MG.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2023
.
p. 49-56.
DOI: https://doi.org/10.5753/sbseg_estendido.2023.235559.
