Shingled Graph Disassembly: Finding the Undecideable Path

Authors: Richard Wartell, Yan Zhou, Kevin W. Hamlen, Murat Kantarcioglu

DOI: 10.1007/978-3-319-06608-0_23

Keywords: Probabilistic logic; Graph (abstract data type); Reverse engineering; Operand; Machine learning; Opcode; Finite-state machine; Undecidable problem; Machine code; Artificial intelligence; Computer science; Theoretical computer science

Abstract: A probabilistic finite state machine approach to statically disassembling x86 machine language programs is presented and evaluated. Static disassembly is a crucial prerequisite for software reverse engineering, and has many applications in computer security and binary analysis. The general problem is provably undecidable because of the heavy use of unaligned instruction encodings and dynamically computed control flows in the x86 architecture. Limited work in machine learning and data mining has been undertaken on this subject. This paper shows that semantic meanings of opcode sequences can be leveraged to infer similarities between groups of opcode and operand sequences. This empowers a probabilistic finite state machine to learn statistically significant opcode and operand sequences in a training corpus of disassemblies. The similarities demonstrate the statistical significance of opcodes and operands in a surrounding context, facilitating more accurate disassembly of new binaries. Empirical results demonstrate that the algorithm is more efficient and effective than comparable approaches used by state-of-the-art disassembly tools.
