 |
Conference papers
Recovering high-level conditions from binary programs
Abstract : The need to get confidence in binary programs without access to their source code has pushed efforts forward to directly analyze executable programs. However, low-level programs lack high-level structures (such as types, control-flow graph, etc.), preventing the straightforward application of source-code analysis techniques. Especially, conditional jumps rely on low-level flag predicates, whereas they often encode high-level “natural” conditions on program variables. Most static analyzers are unable to infer any interesting information from these low-level conditions, leading to serious precision loss compared with source-level analysis. In this paper, we propose template-based recovery, an automatic approach for retrieving high-level predicates from their low-level flag versions. Especially, the technique is sound, efficient, platform-independent and it achieves very high ratio of recovery. This method allows more precise analyses and helps to understand machine encoding of conditionals rather than relying on error-prone human interpretation or (syntactic) pattern-based reasoning.
https://hal-cea.archives-ouvertes.fr/cea-01834972
Contributor : Léna Le Roy Connect in order to contact the contributor
Submitted on : Wednesday, July 11, 2018 - 10:02:03 AM
Last modification on : Friday, June 25, 2021 - 9:52:03 AM
Contributor : Léna Le Roy Connect in order to contact the contributor
Submitted on : Wednesday, July 11, 2018 - 10:02:03 AM
Last modification on : Friday, June 25, 2021 - 9:52:03 AM