Write a Blog >>
CC 2017
Sun 5 - Mon 6 February 2017 Austin, Texas, United States
Mon 6 Feb 2017 11:16 - 11:45 at 404 - Program Analysis Chair(s): Jose Nelson Amaral

Static binary analysis is a key tool to assess the security of third-party binaries and legacy programs. Most forms of binary analysis rely on the availability of two key pieces of information: the program's control-flow graph and function boundaries. However, current tools struggle to provide accurate and precise results, in particular when dealing with hand-written assembly functions and non-trivial control-flow transfer instructions, such as tail calls. In addition, most of the existing solutions are ad-hoc, rely on hand-coded heuristics, and are tied to a specific architecture.

In this paper we highlight the challenges faced by an architecture agnostic static binary analysis framework to provide accurate information about a program's CFG and function boundaries without employing debugging information or symbols. We propose a set of analyses to address predicate instructions, noreturn functions, tail calls, and context-dependent CFG.

rev.ng, our binary analysis framework based on QEMU and LLVM, handles all the 17 architectures supported by QEMU and produces a compilable LLVM IR. We implement our described analyses on top of LLVM IR. In an extensive evaluation, we test our tool on binaries compiled for MIPS, ARM, and x86-64 using GCC and clang and compare them to the industry's state of the art tool, IDA Pro, and two well-known academic tools, BAP/ByteWeight and angr. In all cases, the quality of the CFG and function boundaries produced by rev.ng is comparable to or improves over the alternatives.

Mon 6 Feb
Times are displayed in time zone: (GMT-06:00) Saskatchewan, Central America change

10:20 - 11:45: Research Papers - Program Analysis at 404
Chair(s): Jose Nelson AmaralUniversity of Alberta
CC-2017-papers10:20 - 10:48
Nouraldin JaberPurdue University, USA, Milind KulkarniPurdue University
CC-2017-papers10:48 - 11:16
Lian LiInstitute of Computing Technology at Chinese Academy of Sciences, China, Yi LuOracle, Jingling XueUNSW Australia
CC-2017-papers11:16 - 11:45
Alessandro Di FedericoPolitecnico di Milano, Italy, Mathias PayerPurdue University, Giovanni AgostaPolitecnico di Milano, Italy