AIDRC Seminar Series - Saed Alrabaee

Feb 14, 2023
AIDRC Seminar Series Banner

 

Saed Alrabaee

Saed Alrabaee

Associate Professor, United Arab Emirates University

14th Feb 2023, 04:00pm – 05:00pm (GST)

 

Title:

Binary Code Fingerprinting for Cybersecurity: Application to Malicious Code Fingerprinting

Abstract:

Why was this binary written? Which compiler was used? Which free software packages did the developer use? Which sections of the code were borrowed? Who wrote the binary? These questions are of paramount importance to security analysts and reverse engineers, and binary fingerprinting approaches may provide valuable insights that can help answer them. Many methods were proposed to answer the questions. However, many challenges prevent existing approaches from being effective in the absence of source code. To make matters worse, the introduction of obfuscation techniques, the use of different compilers and compilation settings, and software refactoring techniques has made the binary code fingerprinting increasingly difficult. With very few exceptions, the existing approaches are not resilient to such techniques, and the exceptions are not sufficiently efficient. This talk will present a set of solutions that addresses some of the most fundamental problems in program fingerprinting for binary code, notably, reusable binary code discovery, fingerprinting free open-source software packages, and authorship attribution.

Bio:

Dr. Saed Alrabaee received the Ph.D. degree in information system engineering from Concordia University, Montreal, QC, Canada, in 2018. He is currently an Associate Professor with the Department of Information Systems and Security, United Arab Emirates University (UAEU), Al Ain, United Arab Emirates. Prior to joining UAEU, he was a Visiting Assistant Professor with the Department of Electrical and Computer Engineering and the Department of Computer Science, University of New Haven (UNH), West Haven, CT, USA. He also a permanent research scientist at the National Cyber Forensic and Training Alliance (NCFTA) of Canada. His research and development activities and interests focus on the broad area of reverse engineering, including binary authorship attribution and characterization, and malware investigation. In this domain, he has published more than 30 papers in top tier journals and prestigious conferences.