The present disclosure provides a method and system for identifying an open-source software package from a binary file for which an open-source license is to be checked. The method includes: accessing an open-source database generated to include a plurality of reference binary files and a plurality of reference open-source software packages having a plurality of reference open-source files, based on a plurality of first hash values extracted from the plurality of reference binary files generated from the plurality of reference open-source files; receiving the target binary file; extracting a plurality of second hash values including at least two general hash values from the target binary file; extracting at least two first hash values corresponding to the plurality of second hash values among the plurality of first hash values; and identifying a reference open-source software package corresponding to the at least two first hash values based on the open-source database.