Recovering high-level control-flow structures is a crucial part of modern reverse engineering, especially in fields like binary and malware analysis. Here, analysts often use decompilers to convert functions of binary programs into a more human-readable C-like representation. Among these control-flow structures, switch statements have unique significance because of their ability to represent complex decision-making and branching behavior in a concise and readable manner. Consequently, the successful recovery of switch statements during decompilation can greatly enhance the readability of the resulting decompiler output, making it a highly desired goal in the field of reverse engineering.
In this paper, we present a new technique for identifying abstract syntax tree components that can be transformed into semantically equivalent switch constructs, thus improving code readability. In contrast to other approaches, our approach does not depend on whether jump tables were emitted during compilation. Instead, we identify clusters of comparisons within the abstract syntax tree that involve the same expression but varying constant values, and transform these clusters into switch constructs. Because this approach is inherently linked to the semantic definition of switch statements, it only generates meaningful switches by design.
We evaluated our approach on the coreutils-9.3 dataset and compared it to the leading decompilers Ghidra and Hex-Rays, both of which attempt to recover switch statements as well. Our evaluation results indicate that our approach outperforms both Ghidra and Hex-Rays by successfully recovering more than twice as many switch constructs in the given dataset.
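A simplified illustration of the comparison-clustering idea described in the abstract, added here as an example and not the paper's algorithm or code: an if/else-if chain in a toy AST is collapsed into a switch when its conditions compare the same expression against constants. The node classes (`Eq`, `Or`, `If`, `Switch`) and `recover_switch` are hypothetical, and the sketch assumes side-effect-free expressions, equality comparisons only, and case bodies that do not fall through.

```python
from dataclasses import dataclass

@dataclass
class Eq:                      # comparison: expr == const
    expr: str
    const: int

@dataclass
class Or:                      # disjunction: t1 || t2 || ...
    terms: list

@dataclass
class If:                      # if (cond) then; else orelse;
    cond: object
    then: str
    orelse: object = None      # another If, a statement, or None

@dataclass
class Switch:
    expr: str
    cases: list                # [([constants], body), ...]
    default: object = None

def case_constants(cond):
    """(expr, [consts]) if cond only tests one expression against constants, else None."""
    terms = cond.terms if isinstance(cond, Or) else [cond]
    if not terms or not all(isinstance(t, Eq) for t in terms):
        return None
    exprs = {t.expr for t in terms}
    return (exprs.pop(), [t.const for t in terms]) if len(exprs) == 1 else None

def recover_switch(node, min_cases=2):
    """Collapse an if/else-if chain whose conditions compare one expression with constants."""
    expr, cases, seen, cur = None, [], set(), node
    while isinstance(cur, If):
        hit = case_constants(cur.cond)
        if hit is None or (expr is not None and hit[0] != expr):
            break              # different expression: the rest becomes the default
        expr = hit[0]
        fresh = [c for c in dict.fromkeys(hit[1]) if c not in seen]
        seen.update(fresh)
        if fresh:              # constants already matched earlier are dead here
            cases.append((fresh, cur.then))
        cur = cur.orelse
    return Switch(expr, cases, cur) if len(cases) >= min_cases else node

# Constructed sample: if (a==1) A; else if (a==2 || a==3) B; else if (b==0) C; else D;
SAMPLE = If(Eq("a", 1), "A",
            If(Or([Eq("a", 2), Eq("a", 3)]), "B", If(Eq("b", 0), "C", "D")))
```

Calling `recover_switch(SAMPLE)` yields a switch on `a` with two case groups, and the trailing `b == 0` test stays intact as the default branch, so no jump table is consulted at any point.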
Wed 10 Sep (displayed time zone: Auckland, Wellington)
10:30 - 12:00 | Session 2 - Quality Assurance 1 | Tool Demonstration Track / Research Papers Track / Industry Track / NIER Track / Journal First Track at Case Room 2 260-057 | Chair(s): Coen De Roover, Vrije Universiteit Brussel
10:30 15m | A Jump-Table-Agnostic Switch Recovery on ASTs | Research Papers Track
10:45 15m | Quantization Is Not a Dealbreaker: Empirical Insights from Large Code Models | Research Papers Track | Saima Afrin William & Mary, Antonio Mastropaolo William and Mary, USA, Bowen Xu North Carolina State University
11:00 10m | AI-Powered Commit Explorer (APCE) | Tool Demonstration Track | Yousab Grees Belmont University, Polina Iaremchuk Belmont University, Ramtin Ehsani Drexel University, Esteban Parra Rodriguez Belmont University, Preetha Chatterjee Drexel University, USA, Sonia Haiduc Florida State University
11:10 10m | JDala - A Simple Capability System for Java | Tool Demonstration Track | Quinten Smit Victoria University of Wellington, Jens Dietrich Victoria University of Wellington, Michael Homer Victoria University of Wellington, Andrew Fawcet Victoria University of Wellington, James Noble Independent. Wellington, NZ
11:20 10m | ExpertCache: GPU-Efficient MoE Inference through Reinforcement Learning-Guided Expert Selection | NIER Track | Xunzhu Tang University of Luxembourg, Tiezhu Sun University of Luxembourg, Yewei Song University of Luxembourg, SiYuanMa, Jacques Klein University of Luxembourg, Tegawendé F. Bissyandé University of Luxembourg
11:30 15m | Efficient Detection of Intermittent Job Failures Using Few-Shot Learning | Industry Track | Henri Aïdasso École de technologie supérieure (ÉTS), Francis Bordeleau École de Technologie Supérieure (ETS), Ali Tizghadam TELUS
11:45 15m | LogOW: A Semi-Supervised Log Anomaly Detection Model in Open-World Setting | Journal First Track | Jingwei Ye Nankai University, Chunbo Liu Civil Aviation University of China, Zhaojun Gu Civil Aviation University of China, Zhikai Zhang Civil Aviation University of China, Xuying Meng The Institute of Computing Technology, Chinese Academy of Sciences, Weiyao Zhang The Institute of Computing Technology, Chinese Academy of Sciences, Yujun Zhang The Institute of Computing Technology, Chinese Academy of Sciences