Binary Code Analysis for Cybersecurity: A Systematic Review of Forensic Techniques in Vulnerability Detection and Anti-Evasion Strategies | Zendy

Haseeb Javed | Zendy; Farman Ali | Zendy; Babar Shah | Zendy; Daehan Kwak | Zendy

Open Access

Binary Code Analysis for Cybersecurity: A Systematic Review of Forensic Techniques in Vulnerability Detection and Anti-Evasion Strategies

Author(s) -

Haseeb Javed,

Farman Ali,

Babar Shah,

Daehan Kwak

Publication year - 2025

Publication title -

ieee access

Language(s) - English

Resource type - Magazines

SCImago Journal Rank - 0.587

H-Index - 127

eISSN - 2169-3536

DOI - 10.1109/access.2025.3610616

Subject(s) - aerospace , bioengineering , communication, networking and broadcast technologies , components, circuits, devices and systems , computing and processing , engineered materials, dielectrics and plasmas , engineering profession , fields, waves and electromagnetics , general topics for engineers , geoscience , nuclear engineering , photonics and electrooptics , power, energy and industry applications , robotics and control systems , signal processing and analysis , transportation

Binary code analysis is essential in modern cybersecurity by examining compiled program outputs to find vulnerabilities, detect malware, and ensure software security compliance. However, the field faces significant challenges due to the scattered nature of existing research and the lack of unified analytical frameworks, which hinder a comprehensive understanding and practical application. To address these gaps, we conducted a thorough systematic review of current binary code analysis techniques across six key areas, analyzing 239 research papers published between 2007 and 2025. Our work addresses significant gaps in current research by offering: (1) a comprehensive overview of methods for binary code similarity; (2) a detailed examination of binary code fingerprinting techniques across various scenarios, from malware detection to digital forensics; (3) a systematic review of vulnerability analysis methods, including control flow graphs, taint analysis, and symbolic execution; (4) an assessment of clone detection strategies, such as text-based, token-based, structural, and behavioral approaches; (5) an in-depth study of authorship attribution techniques, with emphasis on malware attribution methods used in real-world cybersecurity cases; and (6) a thorough review of evasion and anti-analysis strategies, along with their countermeasures. In addition to highlighting the strengths and applications of these approaches, the study also identifies limitations in current methods, such as challenges in malware analysis, vulnerability analysis, and authorship attribution. Finally, we discuss future research directions, including the development of more robust analytical tools, enhancements to attribution models, and the creation of scalable solutions. Overall, this survey provides a foundation for advancing binary code analysis and fostering innovation to enhance software security and resilience by leveraging insights from previous research.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research