TY - JOUR
T1 - Binary Code Analysis for Cybersecurity
T2 - A Systematic Review of Forensic Techniques in Vulnerability Detection and Anti-Evasion Strategies
AU - Javed, Haseeb
AU - Ali, Farman
AU - Shah, Babar
AU - Kwak, Daehan
N1 - Publisher Copyright:
© 2013 IEEE.
PY - 2025
Y1 - 2025
N2 - Binary code analysis is essential in modern cybersecurity, examining compiled program outputs to identify vulnerabilities, detect malware, and ensure software security compliance. However, the field faces significant challenges due to the fragmented nature of existing research and the lack of unified analytical frameworks, which hinder comprehensive understanding and practical application. To address these gaps, we conducted a systematic review of binary code analysis techniques across six key areas, analyzing 236 research papers published between 2007 and 2025. This review provides: 1) a comprehensive overview of methods for binary code similarity; 2) a detailed examination of binary code fingerprinting techniques across various scenarios, from malware detection to digital forensics; 3) a systematic review of vulnerability analysis methods, including control flow graphs, taint analysis, and symbolic execution; 4) an assessment of clone detection strategies, such as text-based, token-based, structural, and behavioral approaches; 5) an in-depth study of authorship attribution techniques, with emphasis on malware attribution methods used in real-world cybersecurity cases; and 6) a thorough review of evasion and anti-analysis strategies, along with their countermeasures. In addition to highlighting the strengths and applications of these approaches, the study identifies limitations in current methods, including challenges in malware analysis, vulnerability analysis, and authorship attribution. Finally, it outlines future research directions, including the development of more robust analytical tools, enhancements to attribution models, and the creation of scalable solutions. Overall, this survey provides a foundation for advancing binary code analysis and fostering innovation to enhance software security and resilience by leveraging insights from previous research.
AB - Binary code analysis is essential in modern cybersecurity, examining compiled program outputs to identify vulnerabilities, detect malware, and ensure software security compliance. However, the field faces significant challenges due to the fragmented nature of existing research and the lack of unified analytical frameworks, which hinder comprehensive understanding and practical application. To address these gaps, we conducted a systematic review of binary code analysis techniques across six key areas, analyzing 236 research papers published between 2007 and 2025. This review provides: 1) a comprehensive overview of methods for binary code similarity; 2) a detailed examination of binary code fingerprinting techniques across various scenarios, from malware detection to digital forensics; 3) a systematic review of vulnerability analysis methods, including control flow graphs, taint analysis, and symbolic execution; 4) an assessment of clone detection strategies, such as text-based, token-based, structural, and behavioral approaches; 5) an in-depth study of authorship attribution techniques, with emphasis on malware attribution methods used in real-world cybersecurity cases; and 6) a thorough review of evasion and anti-analysis strategies, along with their countermeasures. In addition to highlighting the strengths and applications of these approaches, the study identifies limitations in current methods, including challenges in malware analysis, vulnerability analysis, and authorship attribution. Finally, it outlines future research directions, including the development of more robust analytical tools, enhancements to attribution models, and the creation of scalable solutions. Overall, this survey provides a foundation for advancing binary code analysis and fostering innovation to enhance software security and resilience by leveraging insights from previous research.
KW - Code analysis
KW - code similarity analysis
KW - cybersecurity
KW - software security
KW - vulnerability detection
UR - https://www.scopus.com/pages/publications/105016798876
U2 - 10.1109/ACCESS.2025.3610616
DO - 10.1109/ACCESS.2025.3610616
M3 - Review article
AN - SCOPUS:105016798876
SN - 2169-3536
VL - 13
SP - 167139
EP - 167164
JO - IEEE Access
JF - IEEE Access
ER -
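The abstract contrasts text-based and token-based clone detection without showing why the distinction matters for compiled code. The following added example (written for this entry, not code from the paper) makes the difference concrete: it scores two disassembled functions once over the raw listing text and once after abstracting registers, immediates, memory operands and local labels to class tokens, using 3-gram Jaccard similarity. The three listings are constructed by hand, the register table assumes Intel-syntax x86-64 output, and the thresholds in the usage are illustrative.

```python
"""Text-based vs token-based similarity for disassembled functions.
Added example, not from the paper. Listings below are constructed."""
import re

# x86-64 general-purpose registers, Intel syntax (assumed disassembler format).
REGISTERS = {
    *"rax rbx rcx rdx rsi rdi rbp rsp rip".split(),
    *(f"r{i}" for i in range(8, 16)),
    *"eax ebx ecx edx esi edi ebp esp".split(),
    *(f"r{i}d" for i in range(8, 16)),
    *"ax bx cx dx si di bp sp al bl cl dl sil dil bpl spl ah bh ch dh".split(),
}
SIZE_PREFIXES = ("short ", "near ", "byte ptr ", "word ptr ", "dword ptr ", "qword ptr ")

# Constructed listings: VARIANT is ORIGINAL after register renaming, changed
# immediates and a relabelled jump target; UNRELATED is a different function.
ORIGINAL = """
push rbp
mov rbp, rsp
mov eax, dword ptr [rdi]
add eax, 0x10
cmp eax, 0x40
jle short loc_1
xor eax, eax
loc_1:
pop rbp
ret
"""
VARIANT = """
push rbp
mov rbp, rsp
mov ecx, dword ptr [rsi]
add ecx, 0x20
cmp ecx, 0x80
jle short loc_2
xor ecx, ecx
loc_2:
mov eax, ecx
pop rbp
ret
"""
UNRELATED = """
push rbp
mov rbp, rsp
lea rdi, [rip+0x2000]
call puts
mov eax, 0x1
pop rbp
ret
"""


def classify(operand: str) -> str:
    """Abstract one operand to a class token; unknown symbols (call targets) are kept."""
    op = operand.strip().lower()
    for prefix in SIZE_PREFIXES:
        if op.startswith(prefix):
            op = op[len(prefix):]
    if "[" in op:
        return "MEM"
    if op in REGISTERS:
        return "REG"
    if re.fullmatch(r"(0x[0-9a-f]+|\d+)", op):
        return "IMM"
    if re.fullmatch(r"(loc|locret|sub)_[0-9a-z]+", op):
        return "LBL"
    return op


def tokenize(listing: str, normalize: bool) -> list[str]:
    """Mnemonic followed by operands; label definition lines are dropped."""
    tokens = []
    for raw in listing.strip().splitlines():
        line = raw.split(";", 1)[0].strip().lower()
        if not line or line.endswith(":"):
            continue
        mnemonic, _, rest = line.partition(" ")
        tokens.append(mnemonic)
        if rest:
            for operand in rest.split(","):
                tokens.append(classify(operand) if normalize else operand.strip())
    return tokens


def ngrams(tokens: list[str], n: int = 3) -> set[tuple[str, ...]]:
    return {tuple(tokens[i:i + n]) for i in range(len(tokens) - n + 1)}


def jaccard(a: set, b: set) -> float:
    return 1.0 if not a and not b else len(a & b) / len(a | b)


def text_similarity(x: str, y: str) -> float:
    """Text-based: raw operands, so a register rename breaks nearly every n-gram."""
    return jaccard(ngrams(tokenize(x, False)), ngrams(tokenize(y, False)))


def token_similarity(x: str, y: str) -> float:
    """Token-based: operand classes survive renaming and constant changes."""
    return jaccard(ngrams(tokenize(x, True)), ngrams(tokenize(y, True)))


if __name__ == "__main__":
    print("text  original/variant  ", round(text_similarity(ORIGINAL, VARIANT), 3))
    print("token original/variant  ", round(token_similarity(ORIGINAL, VARIANT), 3))
    print("token original/unrelated", round(token_similarity(ORIGINAL, UNRELATED), 3))
```

On these listings the text-based score between the original and its renamed variant is about 0.13, while the token-based score is 1.0 and the unrelated function stays near 0.14. The caveat a practitioner should keep in mind is that abstracting immediates also erases constants that sometimes distinguish functions (table offsets, algorithm constants), so token n-grams are usually combined with structural features such as the control flow graph rather than used alone.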