{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,20]],"date-time":"2025-06-20T04:08:51Z","timestamp":1750392531681,"version":"3.41.0"},"reference-count":60,"publisher":"Association for Computing Machinery (ACM)","issue":"FSE","funder":[{"name":"National Science Foundation","award":["2312185, 2417055"],"award-info":[{"award-number":["2312185, 2417055"]}]},{"name":"National Institute of Standards and Technology","award":["70NANB21H092"],"award-info":[{"award-number":["70NANB21H092"]}]},{"name":"Science and Technology Development Fund","award":["0134\\\/2024\\\/RIB2"],"award-info":[{"award-number":["0134\\\/2024\\\/RIB2"]}]},{"name":"Macau University of Science and Technology","award":["FRG-25-058-FIE"],"award-info":[{"award-number":["FRG-25-058-FIE"]}]},{"name":"Google","award":["Google Research Scholar Award"],"award-info":[{"award-number":["Google Research Scholar Award"]}]},{"name":"University of Alabama in Huntsville","award":["UAH New Faculty Research Award"],"award-info":[{"award-number":["UAH New Faculty Research Award"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Proc. ACM Softw. Eng."],"published-print":{"date-parts":[[2025,6,19]]},"abstract":"<jats:p>Binary diffing technique aims to identify differences\/similarities in executable files without source code access. Its potential applications in various software security tasks, such as vulnerability search, code clone detection, and malware analysis have generated a large body of literature over the past few years. A recurring theme in binary diffing research is to evaluate the resilience against the impact of compiler optimization, which is the most common source leading to syntactic differences in binary code. Despite claims by most binary diffing papers that they are immune to compiler optimization, recent studies have highlighted a pressing need for the research community to revisit these optimization-resilience claims.  \nIn this paper, we investigate peephole optimization's impact on binary diffing. Mainstream compilers feature a multitude of peephole optimization rules, facilitating local rewriting of input programs to replace instruction sequences within a window (i.e., peephole) with shorter and\/or faster equivalents. Our research reveals that peephole optimization primarily affects binary code differences at the intra-procedural level, which contradicts the assumptions made by basic-block centric comparison approaches. We customized an LLVM translation validation tool to investigate the impact of peephole optimization from the overall optimization process. Our experimental results demonstrate 1) peephole optimization modifies binary code during the whole optimization process, and 2) no existing basic-block centric comparison tools can properly deal with all changes caused by peephole optimization, leading to further performance loss in downstream applications. Our study introduces a \"peephole-oriented\" test suite, designed to isolate and measure the impact of peephole optimizations on binary code. This suite provides a new perspective for evaluating the resilience of binary diffing tools against subtle, intra-procedural code changes, setting a new benchmark for future tool development. Our findings reveal critical insights that challenge existing assumptions in binary diffing, highlighting the need for more robust analysis techniques.<\/jats:p>","DOI":"10.1145\/3729389","type":"journal-article","created":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T15:15:34Z","timestamp":1750346134000},"page":"2689-2711","source":"Crossref","is-referenced-by-count":0,"title":["Revisiting Optimization-Resilience Claims in Binary Diffing Tools: Insights from LLVM Peephole Optimization Analysis"],"prefix":"10.1145","volume":"2","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0425-8987","authenticated-orcid":false,"given":"Xiaolei","family":"Ren","sequence":"first","affiliation":[{"name":"Macau University of Science and Technology, Taipa, Macao"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8548-3299","authenticated-orcid":false,"given":"Mengfei","family":"Ren","sequence":"additional","affiliation":[{"name":"University of Alabama in Huntsville, Huntsville, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1069-5980","authenticated-orcid":false,"given":"Yu","family":"Lei","sequence":"additional","affiliation":[{"name":"University of Texas at Arlington, Arlington, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9682-0502","authenticated-orcid":false,"given":"Jiang","family":"Ming","sequence":"additional","affiliation":[{"name":"Tulane University, New Orleans, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,6,19]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3503823.3503879"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1749608.1749612"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1168857.1168906"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855741.1855754"},{"key":"e_1_2_1_5_1","volume-title":"Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS\u201909)","author":"Bayer Ulrich","year":"2009","unstructured":"Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, and Engin Kirda. 2009. Scalable, Behavior-Based Malware Clustering. In Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS\u201909)."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2430553.2430557"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.17"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2505515.2507848"},{"key":"e_1_2_1_9_1","unstructured":"Pinaki Chakraborty. 2015. Fifty Years of Peephole Optimization. Current Science 2186\u20132190."},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2950290.2950350"},{"key":"e_1_2_1_11_1","volume-title":"Natural Language Engineering","author":"Church Kenneth Ward","unstructured":"Kenneth Ward Church. 2016. Natural Language Engineering. Cambridge University Press, New York, NY, USA."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.12"},{"key":"e_1_2_1_13_1","volume-title":"Engineering a Compiler","author":"Cooper Keith","unstructured":"Keith Cooper and Linda Torczon. 2022. Engineering a Compiler (third ed.). Morgan Kaufmann. isbn:978-0128154120"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1015729001611"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2908080.2908126"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3062341.3062387"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3173162.3177157"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00003"},{"key":"e_1_2_1_19_1","volume-title":"Proceedings of the 27th Network and Distributed System Security Symposium (NDSS\u201920)","author":"Duan Yue","year":"2020","unstructured":"Yue Duan, Xuezixiang Li, Jinghan Wang, and Heng Yin. 2020. DeepBinDiff: Learning Program-Wide Code Representations for Binary Diffing. In Proceedings of the 27th Network and Distributed System Security Symposium (NDSS\u201920)."},{"key":"e_1_2_1_20_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium (USENIX Security\u201914)","author":"Egele Manuel","year":"2014","unstructured":"Manuel Egele, Maverick Woo, Peter Chapman, and David Brumley. 2014. Blanket Execution: Dynamic Similarity Testing for Program Binaries and Components. In Proceedings of the 23rd USENIX Security Symposium (USENIX Security\u201914)."},{"key":"e_1_2_1_21_1","volume-title":"Proceedings of the 23rd Annual Network and Distributed System Security Symposium (NDSS\u201916)","author":"Eschweiler Sebastian","year":"2016","unstructured":"Sebastian Eschweiler, Khaled Yakdan, and Elmar Gerhards-Padilla. 2016. discovRE: Efficient Cross-Architecture Identification of Bugs in Binary Code. In Proceedings of the 23rd Annual Network and Distributed System Security Symposium (NDSS\u201916)."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978370"},{"key":"e_1_2_1_23_1","volume-title":"Proceedings of the 2004 GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA\u201904)","author":"Flake Halvar","year":"2004","unstructured":"Halvar Flake. 2004. Structural Comparison of Executable Objects. In Proceedings of the 2004 GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA\u201904)."},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.11"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-88625-9_16"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3238147.3240480"},{"key":"e_1_2_1_27_1","unstructured":"Google LLC. 2023. BinDiff: Graph Comparison for Binary Files. https:\/\/www.zynamics.com\/bindiff.html"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3446371"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653736"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICPC.2017.22"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046742"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3561385"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022.3187689"},{"key":"e_1_2_1_34_1","volume-title":"Iterative Compilation. In Proceedings of the 2002 International Workshop on Embedded Computer Systems.","author":"Knijnenburg P.M.W.","year":"2002","unstructured":"P.M.W. Knijnenburg, T. Kisuki, and M.F.P. O\u2019Boyle. 2002. Iterative Compilation. In Proceedings of the 2002 International Workshop on Embedded Computer Systems."},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511750854"},{"key":"e_1_2_1_36_1","unstructured":"LLVM. [online]. LLVM\u2019s Analysis and Transform Passes. https:\/\/llvm.org\/docs\/Passes.html"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3453483.3454030"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2737924.2737965"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635900"},{"key":"e_1_2_1_40_1","volume-title":"Proceedings of the Third International Conference on Computational Intelligence and Information Technology (CIIT\u201913)","author":"Malkauthekar M. D.","year":"2013","unstructured":"M. D. Malkauthekar. 2013. Analysis of Euclidean Distance and Manhattan Distance Measure in Face Recognition. In Proceedings of the Third International Conference on Computational Intelligence and Information Technology (CIIT\u201913). 503\u2013507."},{"key":"e_1_2_1_41_1","volume-title":"Proceedings of the 31st USENIX Security Symposium (USENIX Security\u201922)","author":"Marcelli Andrea","year":"2022","unstructured":"Andrea Marcelli, Mariano Graziano, Xabier Ugarte-Pedrero, Yanick Fratantonio, Mohamad Mansouri, and Davide Balzarotti. 2022. How Machine Learning Is Solving the Binary Function Similarity Problem. In Proceedings of the 31st USENIX Security Symposium (USENIX Security\u201922)."},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/364995.365000"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884809"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2931037.2931047"},{"key":"e_1_2_1_45_1","volume-title":"Proceedings of the 26th USENIX Conference on Security Symposium (USENIX Security \u201917)","author":"Ming Jiang","year":"2017","unstructured":"Jiang Ming, Dongpeng Xu, Yufei Jiang, and Dinghao Wu. 2017. BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking. In Proceedings of the 26th USENIX Conference on Security Symposium (USENIX Security \u201917)."},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF01840446"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.49"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664269"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/3453483.3454035"},{"key":"e_1_2_1_50_1","volume-title":"Proceedings of the 27th USENIX Security Symposium (USENIX Security\u201918)","author":"Song Le","year":"2018","unstructured":"Le Song. 2018. Structure2Vec: Deep Learning for Security Analytics over Graphs. In Proceedings of the 27th USENIX Security Symposium (USENIX Security\u201918). Atlanta, GA."},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2015.2454508"},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3569933"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534367"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.5555\/3155562.3155606"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653696"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134018"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2017.49"},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3423342"},{"key":"e_1_2_1_59_1","volume-title":"Proceedings of the 32nd International Conference on Machine Learning (ICML\u201915)","author":"Zhu Xiaodan","year":"2015","unstructured":"Xiaodan Zhu, Parinaz Sobihani, and Hongyu Guo. 2015. Long Short-Term Memory Over Recursive Structures. In Proceedings of the 32nd International Conference on Machine Learning (ICML\u201915). 1604\u20131612."},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23492"}],"container-title":["Proceedings of the ACM on Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3729389","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T15:17:22Z","timestamp":1750346242000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3729389"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,19]]},"references-count":60,"journal-issue":{"issue":"FSE","published-print":{"date-parts":[[2025,6,19]]}},"alternative-id":["10.1145\/3729389"],"URL":"https:\/\/doi.org\/10.1145\/3729389","relation":{},"ISSN":["2994-970X"],"issn-type":[{"value":"2994-970X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,6,19]]}}}