Write a Blog >>
ISSTA 2020
Sat 18 - Wed 22 July 2020
Wed 22 Jul 2020 11:30 - 11:50 at Zoom - BINARY ANALYSIS Chair(s): Junaid Haroon Siddiqui

With the increasing popularity of embedded and mobile devices, ARM is becoming the dominant architecture in them. Accordingly, there is a pressing need to perform security assessments to these devices. Due to the fragmentation, it is an ongoing research question to dynamically run the systems of these devices (or the firmware) in an emulated environment. Mainly due to this, the static analysis approach is still a commonly used way. In particular, existing works usually leverage off-the-shelf disassembly tools to disassemble stripped (ARM) binaries, and assume that reliably disassembling them and identifying functions are solved problems. However, whether this assumption holds for real world ARM binaries is unknown.

In this paper, we conduct a comprehensive study on ARM disassembly tools. Specifically, we build 1,896 ARM binaries (including 248 obfuscated ones) with different compilers, compiling options, and obfuscation methods. Using these binaries, we then evaluate eight state-of-the-art ARM disassembly tools (including both commercial and noncommercial ones) on their capabilities to locate instruction and function boundaries. These two primitives are fundamental ones and could be leveraged to build other primitives. Based on our evaluation, we present observations that were not systematically summarized and/or confirmed previously. For instance, we find that the existence of both the ARM and the Thumb instruction sets, and the reuse of the BL instruction for both direct function call and direct branch bring serious challenges to disassembly tools. Our evaluation sheds light on the limitations of the state-of-the-art disassembly tools and points out potential directions to improve them. To engage the community, we will publicly release the compiled ARM binaries, the retrieved ground truth, and the result.

Wed 22 Jul

Displayed time zone: Tijuana, Baja California change

10:50 - 11:50
BINARY ANALYSISTechnical Papers at Zoom
Chair(s): Junaid Haroon Siddiqui

Public Live Stream/Recording. Registered participants should join via the Zoom link distributed in Slack.

10:50
20m
Talk
Patch Based Vulnerability Matching for Binary Programs
Technical Papers
Yifei Xu , Zhengzi Xu , Bihuan Chen Fudan University, Fu Song , Yang Liu Nanyang Technological University, Singapore, Ting Liu Xi'an Jiaotong University
DOI Media Attached
11:10
20m
Talk
Identifying Java Calls in Native Code via Binary ScanningArtifacts AvailableArtifacts Evaluated – Functional
Technical Papers
George Fourtounis University of Athens, Leonidas Triantafyllou University of Athens, Yannis Smaragdakis University of Athens, Greece
DOI Media Attached
11:30
20m
Talk
An Empirical Study on ARM Disassembly Tools
Technical Papers
Muhui Jiang , Yajin Zhou Zhejiang University, Xiapu Luo The Hong Kong Polytechnic University, Ruoyu Wang , Yang Liu Nanyang Technological University, Singapore, Kui Ren
DOI