The Community for Technology Leaders
2008 International Conference on Information Security and Assurance (ISA '08) (2008)
Busan
April 24, 2008 to April 26, 2008
ISBN: 978-0-7695-3126-7
pp: 32-35
ABSTRACT
Binary diffing is a method to find differences in similar binary executables such as two different versions of security patches. Diffing methods using flow information detect control flow changes very fast, but they cannot track constant value changes. We present a binary diffing tool named SCV which utilizes both structure and value information. SCV summarizes structure and constant value information from disassembled code, and matches the summaries to find differences. By analyzing a Microsoft Windows security patch KB938827, we showed that SCV found necessary differences caused by constant value changes whichthe state-of-the-art binary diffing tool BinDiff failed to find.
INDEX TERMS
Binary comparison, binary diffing, binary control-flow graph
CITATION
Taisook Han, Sunae Seo, Heewan Park, Seokwoo Choi, "SCV: Structure and Constant Value based Binary Diffing", 2008 International Conference on Information Security and Assurance (ISA '08), vol. 00, no. , pp. 32-35, 2008, doi:10.1109/ISA.2008.29
89 ms
(Ver 3.3 (11022016))