Journal Article, DOI 10.1145/2896499
Type Inference on Executables
Juan Caballero, Zhiqiang Lin +1 more
TL;DR: This article systematizes the area of binary code type inference according to its most important dimensions: the applications that motivate its importance, the approaches used, the types that those approaches infer, the implementation of those approaches, and how the inference results are evaluated.
Abstract: In many applications, source code and debugging symbols of a target program are not available, and the only thing that we can access is the program executable. A fundamental challenge with executables is that, during compilation, critical information such as variables and types is lost. Given that typed variables provide fundamental semantics of a program, for the last 16 years, a large amount of research has been carried out on binary code type inference, a challenging task that aims to infer typed variables from executables (also referred to as binary code). In this article, we systematize the area of binary code type inference according to its most important dimensions: the applications that motivate its importance, the approaches used, the types that those approaches infer, the implementation of those approaches, and how the inference results are evaluated. We also discuss limitations, underdeveloped problems and open challenges, and propose further applications.
Citations
A Survey of Binary Code Similarity
Irfan Ul Haq, Juan Caballero +1 more
TL;DR: This article analyzes 70 binary code similarity approaches and analyzes them on four aspects: the applications they enable, their approach characteristics, how the approaches are implemented, and the benchmarks and methodologies used to evaluate them.
From Hack to Elaborate Technique—A Survey on Binary Rewriting
TL;DR: This survey gives detailed insight into the development and state-of-the-art in binary rewriting by reviewing 67 publications from 1966 to 2018 and establishes a thorough categorization of binary rewriting approaches with respect to their use-case, applied analysis technique, code-transformation method, and code generation techniques.
ICSREF: A Framework for Automated Reverse Engineering of Industrial Control Systems Binaries
Anastasis Keliris, Michail Maniatakos +1 more
- 01 Jan 2019
TL;DR: This work proposes a structured methodology that automates the reverse engineering process for ICS binaries, taking into account their unique domain-specific characteristics, develops the modular Industrial Control Systems Reverse Engineering Framework (ICSREF), and instantiates ICSREF modules for reversing binaries compiled with CODESYS, a widely used software stack and compiler for PLCs.
StateFormer: fine-grained type recovery from binaries using generative state modeling
Kexin Pei, Jonas Guan, Matthew Broughton, Zhongtian Chen, Songchen Yao, David Williams-King, Vikas Ummadisetty, Junfeng Yang, Baishakhi Ray, Suman Jana +9 more
- 20 Aug 2021
TL;DR: StateFormer uses Generative State Modeling (GSM) to train a model to statically approximate the execution effects of assembly instructions in both forward and backward directions, and then uses this knowledge of operational semantics to infer types.
References
Pin: building customized program analysis tools with dynamic instrumentation
Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, Geoff Lowney, Steven Wallace, Vijay Janapa Reddi, Kim Hazelwood +8 more
- 12 Jun 2005
TL;DR: The goals are to provide easy-to-use, portable, transparent, and efficient instrumentation; to illustrate Pin's versatility, two Pintools in daily use to analyze production software are described.
Valgrind: a framework for heavyweight dynamic binary instrumentation
Nicholas Nethercote, Julian Seward +1 more
- 10 Jun 2007
TL;DR: Valgrind is described, a DBI framework designed for building heavyweight DBA tools that can be used to build more interesting, heavyweight tools that are difficult or impossible to build with other DBI frameworks such as Pin and DynamoRIO.
Proceedings Article
QEMU, a fast and portable dynamic translator
Fabrice Bellard
- 10 Apr 2005
TL;DR: QEMU supports full system emulation in which a complete and unmodified operating system is run in a virtual machine and Linux user mode emulation where a Linux process compiled for one target CPU can be run on another CPU.
A theory of type polymorphism in programming
TL;DR: This work presents a formal type discipline for polymorphic procedures in the context of a simple programming language, and a compile-time type-checking algorithm W which enforces the discipline.
Proceedings Article
A Virtual Machine Introspection Based Architecture for Intrusion Detection.
Tal Garfinkel, Mendel Rosenblum +1 more
- 01 Jan 2003
TL;DR: This paper presents an architecture that retains the visibility of a host-based IDS, but pulls the IDS outside of the host for greater attack resistance, achieved through the use of a virtual machine monitor.