Identifying Multiple Authors in a Binary Program
نویسندگان
چکیده
Knowing the authors of a binary program has significant application to forensics of malicious software (malware), software supply chain risk management, and software plagiarism detection. Existing techniques assume that a binary is written by a single author, which does not hold true in real world because most modern software, including malware, often contains code from multiple authors. In this paper, we make the first step toward identifying multiple authors in a binary. We present new fine-grained techniques to address the tougher problem of determining the author of each basic block. The decision of attributing authors at the basic block level is based on an empirical study of three large open source software, in which we find that a large fraction of basic blocks can be well attributed to a single author. We present new code features that capture programming style at the basic block level, our approach for identifying external template library code, and a new approach to capture correlations between the authors of basic blocks in a binary. Our experiments show strong evidence that programming styles can be recovered at the basic block level and it is practical to identify multiple authors in a binary.
منابع مشابه
Who Wrote This Code? Identifying the Authors of Program Binaries
Program authorship attribution—identifying a programmer based on stylistic characteristics of code—has practical implications for detecting software theft, digital forensics, and malware analysis. Authorship attribution is challenging in these domains where usually only binary code is available; existing source code-based approaches to attribution have left unclear whether and to what extent pr...
متن کاملعنوان: Effect of Orem-based self-care education program on disease-related problems in patients with multiple sclerosis: A clinical trial
چکیده: Background: Globally, multiple sclerosis (MS) is one of the leading causes of disability and is associated with a wide range of complications. Therefore, identifying patient needs and providing education based on an appropriate nursing model seems crucial. In this study, we aimed to evaluate the effect of Orem-based self-care education program on MS complications. Methods: This clinical ...
متن کاملPoster: Atoms of Style: Identifying the Authors of Program Binaries
Being able to identify the author of a program has many applications in both academic and commercial environments. In most use cases, the source code is readily available, and this is reflected in the literature, as previous work has mostly focused on source code analyses. In contrast, scant research has been carried out on identifying the authors of executable program binaries. This would be m...
متن کاملExamination of Authors' Stylistic Elements of Electronic Messages based on Researched Studies
Identifying author is an important issue in natural language processing and text classification. It shows the author's characteristic in various texts. The rapid development of the Internet causes Web-based tools such as email and blogs with an anonymous identity become a popular method of communication for the perpetrators. Moreover, it creates some specific security issues. In this paper, we ...
متن کاملEvaluating Dye Concentration in Bicomponent Solution by PCA-MPR and PCA-ANN Techniques
This paper studies the application of principal component analysis, multiple polynomial regression, and artificial neural network ANN techniques to the quantitative analysis of binary mixture of dye solution. The binary mixtures of three textile dyes including blue, red and yellow colors were analyzed by PCA-Multiple polynomial Regression and PCA-Artificial Neural network PCA-ANN methods. The o...
متن کامل