Binary Code Analysis for Cybersecurity: A Systematic Review of Forensic Techniques in Vulnerability Detection and Anti-Evasion Strategies

Document Type

Article

Source of Publication

IEEE Access

Publication Date

1-1-2025

Abstract

Binary code analysis is essential in modern cybersecurity by examining compiled program outputs to find vulnerabilities, detect malware, and ensure software security compliance. However, the field faces significant challenges due to the scattered nature of existing research and the lack of unified analytical frameworks, which hinder a comprehensive understanding and practical application. To address these gaps, we conducted a thorough systematic review of current binary code analysis techniques across six key areas, analyzing 239 research papers published between 2007 and 2025. Our work addresses significant gaps in current research by offering: (1) a comprehensive overview of methods for binary code similarity; (2) a detailed examination of binary code fingerprinting techniques across various scenarios, from malware detection to digital forensics; (3) a systematic review of vulnerability analysis methods, including control flow graphs, taint analysis, and symbolic execution; (4) an assessment of clone detection strategies, such as text-based, token-based, structural, and behavioral approaches; (5) an in-depth study of authorship attribution techniques, with emphasis on malware attribution methods used in real-world cybersecurity cases; and (6) a thorough review of evasion and anti-analysis strategies, along with their countermeasures. In addition to highlighting the strengths and applications of these approaches, the study also identifies limitations in current methods, such as challenges in malware analysis, vulnerability analysis, and authorship attribution. Finally, we discuss future research directions, including the development of more robust analytical tools, enhancements to attribution models, and the creation of scalable solutions. Overall, this survey provides a foundation for advancing binary code analysis and fostering innovation to enhance software security and resilience by leveraging insights from previous research.

ISSN

2169-3536

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Disciplines

Computer Sciences

Keywords

Code analysis, Code similarity analysis, Cybersecurity, Software security, Vulnerability detection

Scopus ID

105016798876

Indexed in Scopus

yes

Open Access

yes

Open Access Type

Gold: This publication is openly available in an open access journal/series

Link to Full Text

Share

COinS