Binary code similarityapproaches compare two or more pieces of binary code to identify their
similarities and differences. The ability to compare binary code enables many real-world …

Tags can be used by malware repositories and analysis services to enable searches for
samples of interest across different dimensions. Automatically extracting tags from AV labels …

Phishing is a critical threat to Internet users. Although an extensive ecosystem serves to
protect users, phishing websites are growing in sophistication, and they can slip past the …

Binary code similarity detection (BCSD) serves as a basis for a wide spectrum of
applications, including software plagiarism, malware classification, and known vulnerability …

Traditional machine learning based malware detection methods often use decompiling
techniques or dynamic monitoring techniques to extract the feature representation of …

The recent emergence of consumer off-the-shelf embedded (IoT) devices and the rise of
large-scale IoT botnets has dramatically increased the volume and sophistication of Linux …

Detecting differences between two binary executables (binary diffing), first derived from
patch analysis, have been widely employed in various software security analysis tasks, such …

As the malware research field became more established over the last two decades, new
research questions arose, such as how to make malware research reproducible, how to …

Binary code clone (or similarity) detection is a fundamental technique for many important
applications, such as plagiarism detection, malware analysis, software vulnerability …

Software lineage refers to the evolutionary relationship among a collection of software. The
goal of software lineage inference is to recover the lineage given a set of program binaries …