Automatically mining program build information via signature matching

Charng Da Lu; Matthew D. Jones; Thomas R. Furlani

doi:10.1145/2016741.2016766

Automatically mining program build information via signature matching

Center for Computational Research

SUNY Buffalo

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

Program build information, such as compilers and libraries used, is vitally important in an auditing and benchmarking framework for HPC systems. We have developed a tool to automatically extract this information using signature-based detection, a common strategy employed by anti-virus software to search for known patterns of data within the program binaries. We formulate the patterns from various "features" embedded in the program binaries, and the experiment shows that our tool can successfully identify many different compilers, libraries, and their versions.

Original language	English
Title of host publication	Proceedings of the TeraGrid 2011 Conference
Subtitle of host publication	Extreme Digital Discovery, TG'11
DOIs	https://doi.org/10.1145/2016741.2016766
State	Published - 2011
Event	TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11 - Salt Lake City, UT, United States Duration: Jul 18 2011 → Jul 21 2011

Publication series

Name	Proceedings of the TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11

Conference

Conference	TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11
Country/Territory	United States
City	Salt Lake City, UT
Period	07/18/11 → 07/21/11

Keywords

ClamAV
program provenance
static binary analysis
technology audit

Access to Document

10.1145/2016741.2016766

Cite this

@inproceedings{9b375f7abf594cdeaef973edd6bdba4d,

title = "Automatically mining program build information via signature matching",

abstract = "Program build information, such as compilers and libraries used, is vitally important in an auditing and benchmarking framework for HPC systems. We have developed a tool to automatically extract this information using signature-based detection, a common strategy employed by anti-virus software to search for known patterns of data within the program binaries. We formulate the patterns from various {"}features{"} embedded in the program binaries, and the experiment shows that our tool can successfully identify many different compilers, libraries, and their versions.",

keywords = "ClamAV, program provenance, static binary analysis, technology audit",

author = "Lu, \{Charng Da\} and Jones, \{Matthew D.\} and Furlani, \{Thomas R.\}",

year = "2011",

doi = "10.1145/2016741.2016766",

language = "English",

isbn = "9781450308885",

series = "Proceedings of the TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11",

booktitle = "Proceedings of the TeraGrid 2011 Conference",

note = "TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11 ; Conference date: 18-07-2011 Through 21-07-2011",

}

Lu, CD, Jones, MD & Furlani, TR 2011, Automatically mining program build information via signature matching. in Proceedings of the TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11. Proceedings of the TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11, TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11, Salt Lake City, UT, United States, 07/18/11. https://doi.org/10.1145/2016741.2016766

Automatically mining program build information via signature matching. / Lu, Charng Da; Jones, Matthew D.; Furlani, Thomas R.
Proceedings of the TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11. 2011. (Proceedings of the TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Automatically mining program build information via signature matching

AU - Lu, Charng Da

AU - Jones, Matthew D.

AU - Furlani, Thomas R.

PY - 2011

Y1 - 2011

N2 - Program build information, such as compilers and libraries used, is vitally important in an auditing and benchmarking framework for HPC systems. We have developed a tool to automatically extract this information using signature-based detection, a common strategy employed by anti-virus software to search for known patterns of data within the program binaries. We formulate the patterns from various "features" embedded in the program binaries, and the experiment shows that our tool can successfully identify many different compilers, libraries, and their versions.

AB - Program build information, such as compilers and libraries used, is vitally important in an auditing and benchmarking framework for HPC systems. We have developed a tool to automatically extract this information using signature-based detection, a common strategy employed by anti-virus software to search for known patterns of data within the program binaries. We formulate the patterns from various "features" embedded in the program binaries, and the experiment shows that our tool can successfully identify many different compilers, libraries, and their versions.

KW - ClamAV

KW - program provenance

KW - static binary analysis

KW - technology audit

UR - https://www.scopus.com/pages/publications/80052338234

U2 - 10.1145/2016741.2016766

DO - 10.1145/2016741.2016766

M3 - Conference contribution

AN - SCOPUS:80052338234

SN - 9781450308885

T3 - Proceedings of the TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11

BT - Proceedings of the TeraGrid 2011 Conference

T2 - TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11

Y2 - 18 July 2011 through 21 July 2011

ER -

Automatically mining program build information via signature matching

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this