Binary function database system

Assignee

• Microsoft Corporation · US

Inventors

• Jason Geffner · Bothell, US
• Ning Sun · Redmond, US
• Brad Albrecht · Snohomish, US
• Tony Lee · Sammamish, US
• Pat Winkler · Redmond, US
• Chengyun Chu · Redmond, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/566
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A binary function database system is provided in which binary functions are extracted from compiled and linked program files and stored in a database as robust abstractions which can be matched with others using one or more function matching heuristics. Such abstraction allows for minor variations in function implementation while still enabling matching with an identical stored function in the database, or with a stored function with a given level of confidence. Metadata associated with each function is also typically generated and stored in the database. In an illustrative example, a structured query language database is utilized that runs on a central database server, and that tracks function names, the program file from which the function is extracted, comments and other associated information as metadata during an analyst's live analysis session to enable known function information that is stored in the database to be applied to binary functions of interest that are disassembled from the program file.