Title :
Fingerprint Extraction of Executables Based on the Potential Field Graph of Callgraph
Author :
Fanchen, Su ; Zhiyi, Yin ; Haitao, Yao ; Jianming, Fu ; Fuxi, Zhu
Author_Institution :
Comput. Sch., Wuhan Univ., Wuhan
Abstract :
This paper describes a novel method for extracting fingerprints of executables. A new data visual approach based on data field is imported. The 3-tuple (in-degree, out-degree, function call relationship) extracted from call graph are used for constructing data field and the potential field graph. This potential field graph is fingerprinted by the method of shape invariant moments which is mature and statistic approach to analyze the shape of image. Experimental results show that the shape invariant moments of the potential field graph can be used to identify different executable programs as a fingerprint.
Keywords :
graph colouring; supervisory programs; callgraph; data visual approach; executable programs; fingerprint extraction; potential field graph; shape invariant moments; statistic approach; Computer science; Computer worms; Data mining; Distance measurement; Fingerprint recognition; Flow graphs; Image analysis; Shape measurement; Software engineering; Statistical analysis; callgraph; data field; distance measurement; fingerprint extraction; potential field graph; shape invariant moments;
Conference_Titel :
Computer Science and Software Engineering, 2008 International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-0-7695-3336-0
DOI :
10.1109/CSSE.2008.1184
