2008 International Conference on Information Security and Assurance (ISA '08) (2008)
April 24, 2008 to April 26, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ISA.2008.29
Binary diffing is a method to find differences in similar binary executables such as two different versions of security patches. Diffing methods using flow information detect control flow changes very fast, but they cannot track constant value changes. We present a binary diffing tool named SCV which utilizes both structure and value information. SCV summarizes structure and constant value information from disassembled code, and matches the summaries to find differences. By analyzing a Microsoft Windows security patch KB938827, we showed that SCV found necessary differences caused by constant value changes whichthe state-of-the-art binary diffing tool BinDiff failed to find.
Binary comparison, binary diffing, binary control-flow graph
T. Han, S. Seo, H. Park and S. Choi, "SCV: Structure and Constant Value based Binary Diffing," 2008 International Conference on Information Security and Assurance (ISA '08)(ISA), Busan, 2008, pp. 32-35.