Software Homology Analysis Based On Intermediate Representation Features

With the development of open-source software technology,a large amount of software directly or indirectly uses open-source codes and open-source libraries in their development process.When there are malicious codes or security vulnerabilities in these open-source code,all software that uses it can be affected,thus introducing the concept of software homology analysis.The software homology analysis technology evaluates the similarity of the software by analyzing the code structure and behavior characteristics of the software.Software homology analysis technology is mainly used for software plagiarism detection,code reuse detection,mining of known vulnerabilities,and clustering of malware families.It has a great application in software intellectual property maintenance and software security.Some commonly used open-source software and open-source libraries are often compiled into multiple architectures,such as Open SSL.However,existing software homology analysis tools have poor analysis capabilities for software under different architectures.To solve this problem,we propose a software homology analysis technique based on intermediate representation features.The main work of this paper is as follows:1.Aiming at the problem that the current binary file comparison tool has weaker cross-architecture comparison ability,we design and implement a binary file comparison tool based on intermediate representation features.The binary software is converted into the form of LLVM IR,and the binary files are compared based on the intermediate representation.2.For software with different versions,the internal changes of some functions are massive and cause challenging to match.We propose a similar matching result optimization technique based on the function call graph and perform a second matching on the function according to the calling relationship between the functions.3.Aiming at the problem that the existing software homology analysis tools have poor software analysis ability under different architectures,we design and implement a software homology analysis tool based on intermediate representation features.Based on the similarity of function levels,the similarity between two binary files is calculated based on the function call graph.