Zhu, Yiran;
Tang, Tong;
Wan, Jie;
Yang, Ziqi;
Liu, Zhenguang;
Cavallaro, Lorenzo;
(2026)
BINALIGNER: Aligning Binary Code for Cross-Compilation Environment Diffing.
In:
(Proceedings) Network and Distributed System Security (NDSS) Symposium.
: San Diego, CA, USA.
(In press).
![[thumbnail of ndss26-summer-final649.pdf]](https://discovery.ucl.ac.uk/style/images/fileicons/text.png) |
Text
ndss26-summer-final649.pdf - Accepted Version Access restricted to UCL open access staff until 16 April 2026. Download (1MB) |
Abstract
Binary diffing aims to align portions of control flow graphs corresponding to the same source code snippets between two binaries for software security analyses, such as vulnerability and plagiarism detection tasks. Previous works have limited effectiveness and inflexible support for cross-compilation environment scenarios. The main reason is that they perform matching based on the similarity comparison of basic blocks. In our work, we propose a novel diffing approach BINALIGNER to alleviate the above limitations at the binary level. To reduce the likelihood of false and missed matches corresponding to the same source code snippets, we present conditional relaxation strategies to find candidate subgraph pairs. To support a more flexible binary diffing in cross-compilation environment scenarios, we use instruction-independent basic block features for subgraph embedding generation. We implement BINALIGNER and conduct experiments across four cross-compilation environment scenarios (i.e., cross-version, cross-compiler, cross-optimization level, and cross-architecture) to evaluate its effectiveness and support ability for different scenarios. Experimental results show that BINALIGNER significantly outperforms the state-of-the-art methods in most scenarios. Especially in the cross-architecture scenario and multiple combinations of cross-compilation environment scenarios, BINALIGNER exhibits F1-scores that are on average 65% higher than the baselines. Two case studies using real-world vulnerabilities and patches further demonstrate the utility of BINALIGNER.
| Type: | Proceedings paper |
|---|---|
| Title: | BINALIGNER: Aligning Binary Code for Cross-Compilation Environment Diffing |
| Event: | Network and Distributed System Security (NDSS) Symposium |
| Location: | San Diego, CA, USA |
| DOI: | 10.14722/ndss.2026.230649 |
| Publisher version: | https://dx.doi.org/10.14722/ndss.2026.230649 |
| Language: | English |
| Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10216012 |
Archive Staff Only
 |
View Item |
