二进制文件同源性检测的结构化相似度计算

提出了一种利用二进制文件的结构化信息进行软件同源性相似度计算的方法.针对克隆软件的特点,设计了基本块签名,在文件-函数-基本块的层次化结构基础上,构建了基于基本块属性和结构化信息的基本块相似度度量,利用函数的结构化信息构建函数权重计算文件相似度,来衡量原文件和目标文件的同源性.针对常见克隆手段进行测试,对所提出的加权相似度算法与不加权算法、主流二进制比对工具的检测结果进行对比.结果表明,加权方法能更准确地衡量出2个文件的相似程度.

Similarity Computation for Executable Objects Homology Detection Based on Structural Signature

A method of similarity computation for executable objects homology detection based on structural signature was proposed.At first step,considering the characteristic of clone code,a signature of basic code block was designed.On the basis of the hierarchical structure of file-function-basic code block,similarity measurement of basic code block was built based on its basic properties and structural information.At second step,to evaluate the homology between original and object files,the similarity was calculated through constructing function weight by means of function structural information.Aiming at the most common clone patterns,some experiments were conducted between the proposed method,the method without considering weight and some mainstream similarity detection tools.Comparative results demonstrate that the proposed method can measure the similarity of two executable objects more accurately than other methods.