Structural Comparison of Executables with Graph Isomorphisms
Date of Award
2005
Document Type
Thesis
Degree Name
Bachelors
Department
Natural Sciences
First Advisor
McDonald, Patrick
Keywords
Reverse Engineering, Application Security, Assembly Language
Area of Concentration
Mathematics
Abstract
This thesis concerns the following problem: two executables derived from a similar codebase (e.g. successive versions of the same program, computer viruses) are given. Without access to the source code for either, determine which portions of the code are functionally equivalent, and classify all differences in the logic of individual functions. While solutions to related problems generally rely upon raw data comparison or assembly-language instruction comparison, the method developed herein is to treat each executable as a directed graph and construct isomorphisms between distinguished subgraphs. The heuristics forego concrete details concerning the individual assembly language instructions in favor of structural properties of the graph representation.
Recommended Citation
Rolles, Rolf, "Structural Comparison of Executables with Graph Isomorphisms" (2005). Theses & ETDs. 3572.
https://digitalcommons.ncf.edu/theses_etds/3572
Rights
This bibliographic record is available under the Creative Commons CC0 public domain dedication. The New College of Florida, as creator of this bibliographic record, has waived all rights to it worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.