BINALIGNER: Aligning Binary Code for Cross-Compilation Environment Diffing
Yiran Zhu
Network and Distributed System Security (NDSS) Symposium 2026 · Day 3 · Systems Security
Binary diffing -- identifying corresponding code regions between two binaries compiled from related source -- is essential for vulnerability detection, patch verification, plagiarism detection, and malware analysis. Existing approaches match at the **basic block (node) level**, losing structural semantics when compiler optimizations split, merge, reorder, or unroll blocks. This talk presents **BinAligner**, which performs binary diffing at the **subgraph level**, using iterative anchor-based subgraph expansion with **condition relaxation policies** to handle compiler-induced structural changes, and **Struc2Vec Siamese networks** with contrastive learning to distinguish aligned from misaligned subgraph pairs.
AI review
A clean contribution to binary diffing that moves from node-level to subgraph-level matching, handling compiler-induced structural changes through well-designed condition relaxation policies. The 100% accuracy on vulnerability/patch detection is impressive, and the cross-architecture agnosticism using basic block statistics is practical. However, the acknowledged limitation of not capturing instruction-level semantics limits the approach's depth, and obfuscation resilience is explicitly excluded.
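The node-level versus subgraph-level distinction above, as an added Python illustration that is not BinAligner's code: two constructed control-flow graphs in which the compiler split one block, matched first block-by-block and then by expanding from an anchor pair. Exact equality of per-block instruction-class counts stands in for the learned Siamese similarity, and merging straight-line runs is one hypothetical relaxation policy; all names and counts are assumptions.

```python
from collections import Counter

# Constructed CFGs: block -> (instruction-class counts, successors).
# In CFG_B the compiler has split block "work" into "work_1" -> "work_2".
CFG_A = {
    "entry": (Counter(mem=2, arith=1), ["work"]),
    "work":  (Counter(mem=4, arith=6, call=1), ["exit"]),
    "exit":  (Counter(mem=1), []),
}
CFG_B = {
    "entry":  (Counter(mem=2, arith=1), ["work_1"]),
    "work_1": (Counter(mem=3, arith=2), ["work_2"]),
    "work_2": (Counter(mem=1, arith=4, call=1), ["exit"]),
    "exit":   (Counter(mem=1), []),
}

def node_level_match(a, b):
    """Baseline: pair single blocks whose statistics are identical."""
    return {x: y for x, (fx, _) in a.items() for y, (fy, _) in b.items() if fx == fy}

def preds(cfg, n):
    return [p for p, (_, succ) in cfg.items() if n in succ]

def prefixes(cfg, start):
    """Yield (blocks, summed stats) for growing straight-line runs from start."""
    run, total, node = [], Counter(), start
    while True:
        run.append(node)
        total = total + cfg[node][0]   # new Counter each step
        yield tuple(run), total
        succ = cfg[node][1]
        if len(succ) != 1 or len(preds(cfg, succ[0])) != 1:
            return                     # run ends at a branch or join
        node = succ[0]

def subgraph_align(a, b, anchor):
    """Expand from an anchor pair; a block in one CFG may align to a run in the other."""
    aligned, work = {}, [anchor]
    while work:
        x, y = work.pop()
        hit = next(((ra, rb) for ra, fa in prefixes(a, x)
                    for rb, fb in prefixes(b, y) if fa == fb), None)
        if hit is None or hit[0] in aligned:
            continue
        aligned[hit[0]] = hit[1]
        work += zip(a[hit[0][-1]][1], b[hit[1][-1]][1])  # continue from region exits
    return aligned
```

Node-level matching leaves `work` unpaired because neither half of the split block has the same statistics, while the subgraph expansion aligns it to the run `work_1`, `work_2`.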