Title: Scalable Code Reuse Detection
Speaker: PhD student Jiyong Jang (Carnegie Mellon University)
Date: January 9th, (Wed.) 5:00pm~7:00pm
Location: 우정관 (Woojung Building), Room #201, Korea University
Code reuse detection is the problem of finding common code sequences between programs, and is not uncommon in software development. For example, developers reuse open source libraries to reduce software development or maintenance cost or to benefit from well-designed code. Malware authors also generate "new" malware by slightly modifying existing malware to bypass anti-virus detection.
Automatic code reuse detection is a core component in many security scenarios and has the most value when used on very large datasets. For example, security companies receive more than 403 million malware samples they would like to analyze to determine how much malware is really unique. Similarly, we want to search entire OS distributions, e.g., Debian Squeeze consisting of 348 million lines of non-empty and non-comment code, for recurring software bugs. In this talk, I discuss 1) automatic large scale malware triage system called BitShred, and 2) unpatched code clone detection system called ReDeBug.
Jiyong Jang is a fifth-year PhD student in electrical and computer engineering at Carnegie Mellon University. His research interests include systems, software and network security, with a focus on malicious software analysis and binary program analysis. He received his BS degree in computer science and industrial system engineering in 2005 and his MS degree in computer science in
2007 from Yonsei University, South Korea. He is the recipient of the 2011 Symantec Research Labs Graduate Fellowship.