COMMSEC: Big Match – How I Learned to Stop Reversing and Love the Strings

Date

August 24, 2023

Time

17:30

Track

CommSec Track

We’ve all been there: after a month of reversing, you realize you are looking at open-source code. Why? Because you didn’t copy-paste the correct string into Google. So we asked ourselves: “can we not just grep all strings from GitHub and stop this nonsense?”

In this talk you’ll get a taste of Big Match – our library recognition engine, and how we discovered its secret ingredients: string hashing, repository embeddings, deduplication, and vector similarity – all featuring 0% machine learning!  I’ve been working on this since the end of 2020 but decided to wait before submitting it to conferences, and here it is!

If you’re a reverse engineer, you’re likely going to enjoy this talk!

Member

mhackeroni CTF Team

Paolo (aka Babush) is a security guy who likes strings, machine learning and reverse engineering. He is also a member of the Italian CTF team mhackeroni, who qualified multiple times at DEF CON CTF but never won. His past research efforts include MikroTik routers, NAVER Line, and Flex/Bison.