Binary Code Heredity and Provenance based on Gene Detection and Networks Science
LIYING CUI
PENNSYLVANIA STATE UNIVERSITY
In this paper, we propose a network-based method to detect the heredity, provenance and variants of binary codes. Semantic and context-based approaches exist to identify the nature of software. However, methods to relate binary codes are sparse. The science of identifying family relationships among malware is still in its infancy. We present a social-network-based approach to relate binary codes, which we believe will be fundamental in identifying the relationships between malware. Such a methodology will help in developing quick mitigation strategies. We believe that this is an innovative approach and worthy of further investigation.