TaiE: Function Identification for Monolithic FirmwareICPCICPC Full paper
The principal tasks of program analysis, including bug searching and code similarity detection, are executed at the function level. However, the accurate identification of functions within stripped binary files poses a significant challenge. This difficulty is exacerbated by unformatted monolithic firmware images typically found in industrial equipment, rendering existing methods ineffective due to their dependence on specific metadata, which may be absent.
In this paper, we propose a new function identification scheme and a tool that target on monolithic firmware, referred to as TaiE. Our scheme recognizes functions based on stack characteristics and does not rely on auxiliary information provided by the target file. We evaluate TaiE’s performance on synthetic and real-world targets comprising a total of 160 hardware platforms and 1,105 firmware images. The results show that TaiE outperforms the state-of-the-art tools.
Tue 16 AprDisplayed time zone: Lisbon change
16:00 - 17:30 | Code Analysis and Mining StudiesTool Demonstration / Research Track / at Sophia de Mello Breyner Andresen Chair(s): DongGyun Han Royal Holloway, University of London | ||
16:00 10mTalk | ASKDetector: An AST-Semantic and Key Features Fusion based Code Comment Mismatch DetectorICPCICPC Full paperVirtual-Talk Research Track Haiyang Yang School of Computer Science and Engineering, Central South University, hao chen , Zhirui Kuai School of Computer Science and Engineering, Central South University, Shuyuan Tu School of Computer Science and Engineering, Central South University, Li Kuang School of Computer Science and Engineering, Central South University | ||
16:10 10mTalk | TaiE: Function Identification for Monolithic FirmwareICPCICPC Full paper Research Track Jintao Huang Institute of Information Engineering, Chinese Academy of Science & University of Chinese Academy of Sciences, Beijing, China, Kai Yang School of Computer, Electronics and Information, Guangxi University, Gaosheng Wang Institute of Information Engineering, Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China, Zhiqiang Shi Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences,, Shichao Lv Institute of Information Engineering, Chinese Academy of Science, Limin Sun Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, | ||
16:20 10mTalk | Rationale Dataset and Analysis for the Commit Messages of the Linux Kernel Out-of-Memory KillerICPCICPC Full paper Research Track Mouna Dhaouadi University of Montreal, Bentley Oakes Polytechnique Montréal, Michalis Famelis Université de Montréal | ||
16:30 10mTalk | Lightweight Syntactic API Usage Analysis with UCovICPCICPC Full paper Research Track Gustave Monce Univ. Bordeaux, Bordeaux INP, CNRS, LaBRI, Thomas Couturou Univ. Bordeaux, Bordeaux INP, CNRS, LaBRI, Yasmine Hamdaoui Univ. Bordeaux, Bordeaux INP, CNRS, LaBRI, Thomas Degueule CNRS, Jean-Rémy Falleri Bordeaux INP Pre-print | ||
16:40 10mTalk | CAREER: Context-Aware API Recognition with Data Augmentation for API Knowledge ExtractionICPCICPC Full paperVirtual-Talk Research Track Zhang Zhang , Xinjun Mao National University of Defense Technology, Shangwen Wang National University of Defense Technology, Kang Yang National University of Defense Technology, Yao Lu National University of Defense Technology | ||
16:50 8mTalk | TerraMetrics: An Open Source Tool for Infrastructure-as-Code (IaC) Quality Metrics in TerraformICPCICPC Tools Tool Demonstration | ||
16:58 8mTalk | OpenGalaxy: An interactive exploration platform for a visualized GitHub Full Domain collaboration networkICPCICPC Tools Tool Demonstration Xinran Zhang , Shengyu Zhao Tongji University, Yenan Tang East China Normal University, Xiaoya Xia East China Normal University, will wang | ||
17:06 8mTalk | Hypercrx: A browser extension for insights into GitHub projects and developersICPCICPC Tools Tool Demonstration Yenan Tang East China Normal University, Shengyu Zhao Tongji University, Xiaoya Xia East China Normal University, Fenglin Bi East China Normal University, will wang | ||
17:14 16mTalk | Code Analysis and Mining Studies: Panel with SpeakersICPC Discussion | ||