OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: A Biosequence-based Approach to Software Characterization

Abstract

For many applications, it is desirable to have some process for recognizing when software binaries are closely related without relying on them to be identical or have identical segments. Some examples include monitoring utilization of high performance computing centers or service clouds, detecting freeware in licensed code, and enforcing application whitelists. But doing so in a dynamic environment is a nontrivial task because most approaches to software similarity require extensive and time-consuming analysis of a binary, or they fail to recognize executables that are similar but nonidentical. Presented herein is a novel biosequence-based method for quantifying similarity of executable binaries. Using this method, it is shown in an example application on large-scale multi-author codes that 1) the biosequence-based method has a statistical performance in recognizing and distinguishing between a collection of real-world high performance computing applications better than 90% of ideal; and 2) an example of using family tree analysis to tune identification for a code subfamily can achieve better than 99% of ideal performance.

Authors:
Oehmen, Christopher S.; Peterson, Elena S.; Phillips, Aaron R.; Curtis, Darren S.
Publication Date:
Research Org.:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1339045
Report Number(s):
PNNL-SA-115860
453040300
DOE Contract Number:  
AC05-76RL01830
Resource Type:
Conference
Resource Relation:
Conference: IEEE Security and Privacy Workshops (SPW 2016), May 22-26, 2016, San Jose, California, 118-125
Country of Publication:
United States
Language:
English
Subject:
software analysis; sequence analysis; cyber security

Citation Formats

Oehmen, Christopher S., Peterson, Elena S., Phillips, Aaron R., and Curtis, Darren S. A Biosequence-based Approach to Software Characterization. United States: N. p., 2016. Web. doi:10.1109/SPW.2016.43.
Oehmen, Christopher S., Peterson, Elena S., Phillips, Aaron R., & Curtis, Darren S. A Biosequence-based Approach to Software Characterization. United States. doi:10.1109/SPW.2016.43.
Oehmen, Christopher S., Peterson, Elena S., Phillips, Aaron R., and Curtis, Darren S. "A Biosequence-based Approach to Software Characterization". United States. doi:10.1109/SPW.2016.43.
@article{osti_1339045,
title = {A Biosequence-based Approach to Software Characterization},
author = {Oehmen, Christopher S. and Peterson, Elena S. and Phillips, Aaron R. and Curtis, Darren S.},
abstractNote = {For many applications, it is desirable to have some process for recognizing when software binaries are closely related without relying on them to be identical or have identical segments. Some examples include monitoring utilization of high performance computing centers or service clouds, detecting freeware in licensed code, and enforcing application whitelists. But doing so in a dynamic environment is a nontrivial task because most approaches to software similarity require extensive and time-consuming analysis of a binary, or they fail to recognize executables that are similar but nonidentical. Presented herein is a novel biosequence-based method for quantifying similarity of executable binaries. Using this method, it is shown in an example application on large-scale multi-author codes that 1) the biosequence-based method has a statistical performance in recognizing and distinguishing between a collection of real-world high performance computing applications better than 90% of ideal; and 2) an example of using family tree analysis to tune identification for a code subfamily can achieve better than 99% of ideal performance.},
doi = {10.1109/SPW.2016.43},
place = {United States},
year = {2016},
month = {8},
day = {4}
}
