stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
9b58589ba01342d5df7ab3bbfd7370cc970cdd21
git.stella-ops.org/docs/features/unchecked/scanner/binary-intelligence-engine.md

36 lines
2.4 KiB
Markdown
Raw Blame History

# Binary Intelligence Engine (Function-Level Code Fingerprinting)
## Module
Scanner
## Status
IMPLEMENTED
## Description
Function-level binary code fingerprinting with symbol recovery for stripped binaries, vulnerable function matching against a fingerprint corpus, and source-to-binary correlation. Extends existing binary fingerprint capabilities with intelligence-grade analysis for entrypoint-scoped binary reachability.
## Implementation Details
- **Core Analyzer**:
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Binary/BinaryIntelligenceAnalyzer.cs` - Main analyzer for function-level binary code fingerprinting
- **Symbol Recovery**:
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Binary/ISymbolRecovery.cs` - Interface for recovering symbols from stripped binaries
- **Fingerprint Index**:
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Binary/IFingerprintIndex.cs` - Interface for fingerprint corpus lookup
- **Vulnerable Function Matching**:
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Binary/VulnerableFunctionMatcher.cs` - Matches binary functions against known vulnerable function fingerprints
- **Analysis Results**:
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Binary/BinaryAnalysisResult.cs` - Result models for binary intelligence analysis
- **Risk Scoring**:
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Risk/IRiskScorer.cs` - Risk scorer integrating binary intelligence into entrypoint risk assessment
- **Worker Integration**:
- `src/Scanner/StellaOps.Scanner.Worker/Processing/EntryTraceExecutionService.cs` - Executes entry trace analysis including binary intelligence during scan
- `src/Scanner/StellaOps.Scanner.Worker/Processing/IEntryTraceExecutionService.cs` - Interface for entry trace execution
## E2E Test Plan
- [ ] Scan a container image containing stripped ELF binaries and verify symbol recovery identifies function boundaries
- [ ] Verify fingerprint matching identifies known library functions in the binary via the `IFingerprintIndex`
- [ ] Scan an image with a binary containing a known vulnerable function and verify `VulnerableFunctionMatcher` flags it
- [ ] Verify binary intelligence results include source-to-binary correlation where debug info is available
- [ ] Verify binary analysis results appear in the entry trace response via `GET /api/v1/scans/{scanId}/entry-trace`
- [ ] Verify binary-level reachability findings contribute to the overall risk score
Reference in New Issue View Git Blame Copy Permalink