摘要: Executable binary code is the authoritative source of information about program content and behavior. The compile, link, optimize steps can cause a program's detailed execution behavior to differ substantially from its code. Binary analysis used provide structure, therefore foundation many applications, including modification[3,12,22,31], translation[5,29], matching[30], performance profiling[13,16,18], debugging, extraction parameters for modeling, computer security[7,8] forensics[23,26]. Ideally, should produce (instructions, basic blocks, functions, modules), structure (control data flow), structures (global stack variables). quality availability this affects applications that rely on analysis.
acm.org
sci-hub.st 参考文章(25)
Saumya Debray, Gregory Andrews, Matthew Legendre, Benjamin Schwarz, PLTO: A Link-Time Optimizer for the Intel IA-32 Architecture ,(2007)
Barton P. Miller, Somesh Jha, Jonathon T. Giffin, Efficient Context-Sensitive Intrusion Detection. network and distributed system security symposium. ,(2004)
J. Pierce, T. Mudge, IDtrace/spl minus/a tracing tool for i486 simulation modeling, analysis, and simulation on computer and telecommunication systems. pp. 419- 420 ,(1994) , 10.1109/MASCOT.1994.284381
Tzi-cker Chiueh, Manish Prasad, A Binary Rewriting Defense Against Stack based Buffer Overflow Attacks. usenix annual technical conference. pp. 211- 224 ,(2003)
Fredrik Valeur, Christopher Kruegel, Giovanni Vigna, William Robertson, Static disassembly of obfuscated binaries usenix security symposium. pp. 18- 18 ,(2004)
Barton P. Miller, Somesh Jha, Jonathon T. Giffin, Detecting Manipulated Remote Call Streams usenix security symposium. pp. 61- 79 ,(2002)
A.V. Mirgorodskiy, B.P. Miller, CrossWalk: A tool for performance profiling across the user-kernel boundary parallel computing. ,vol. 13, pp. 745- 752 ,(2004) , 10.1016/S0927-5452(04)80091-1
C. Cifuentes, M. Van Emmerik, N. Ramsey, The design of a resourceable and retargetable binary translator Sixth Working Conference on Reverse Engineering (Cat. No.PR00303). pp. 280- 291 ,(1999) , 10.1109/WCRE.1999.806967
C. Cifuentes, M. Van Emmerik, Recovery of jump table case statements from binary code workshop on program comprehension. pp. 192- 199 ,(1999) , 10.1109/WPC.1999.777758
Alec Wolman, Dennis Lee, Geoff Voelker, Wayne Wong, Brad Chen, Ted Romer, Hank Levy, Brian Bershad, Instrumentation and optimization of Win32/intel executables using Etch usenix windows nt workshop. pp. 1- 1 ,(1997)