Conventional techniques to verify signatures of binary executable files include sectional hash or checksum comparisons. These techniques are subject to false negatives because a change in a few lines of code may lead to different register allocations. Similarly, compiler optimization may lead to the shifting of various code blocks. Thus, in any kind of security technology which is signature-based, if a vendor updates a binary executable file, or if the binary is recompiled with different flags, the signature of the binary may no longer be effective. This is problematic for a security vendor who must continuously add or update more and more signatures to account for the variants. This also may be a frustrating experience for a user. For example, the user may set the security decisions for the application to authorize the application to communicate over the network. Each time the application receives a patch or update, the application signature may become invalid, thus forcing the user to reset the security decision. Because binaries change often, this may become cumbersome to the user. Thus, there is a need in the art for means to identify binaries at a higher level so that minor changes to the binary or a recompilation of the binary may be distinguished from a completely different application having the same file name or located in the same location.