International Business Machines Corporation
Identification of components used in software binaries through approximate concrete execution

Abstract:

Systems, computer-implemented methods, and computer program products that facilitate identifying computer software vulnerabilities, and more specifically, execute an approximate representation of software to produce a fingerprint are provided. In one example, a system is provided. The system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can include a filter component and an execution component. The filter component can filter a platform-independent intermediate representation to a filtered representation. The execution component can execute the filtered representation on a virtual machine to produce an output vector which can be used to identify computer software vulnerabilities.