Aggregate structure identification and its application to program analysis
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Obfuscation of executable code to improve resistance to static disassembly
Proceedings of the 10th ACM conference on Computer and communications security
DART: directed automated random testing
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Intermediate-representation recovery from low-level code
Proceedings of the 2006 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
SYNERGY: a new algorithm for property checking
Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
The Daikon system for dynamic detection of likely invariants
Science of Computer Programming
Wysinwyx: what you see is not what you execute
Wysinwyx: what you see is not what you execute
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
WYSINWYX: What You See Is Not What You eXecute
Verified Software: Theories, Tools, Experiments
Adding nesting structure to words
Journal of the ACM (JACM)
Symbolic Analysis via Semantic Reinterpretation
Proceedings of the 16th International SPIN Workshop on Model Checking Software
Compositional may-must program analysis: unleashing the power of alternation
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
WYSINWYX: What you see is not what you eXecute
ACM Transactions on Programming Languages and Systems (TOPLAS)
DIVINE: discovering variables in executables
VMCAI'07 Proceedings of the 8th international conference on Verification, model checking, and abstract interpretation
A system for generating static analyzers for machine instructions
CC'08/ETAPS'08 Proceedings of the Joint European Conferences on Theory and Practice of Software 17th international conference on Compiler construction
Analyzing stripped device-driver executables
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Recency-Abstraction for heap-allocated storage
SAS'06 Proceedings of the 13th international conference on Static Analysis
A next-generation platform for analyzing executables
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
Analysis of modular arithmetic
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Directed proof generation for machine code
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Model checking x86 executables with codesurfer/x86 and WPDS++
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Extended weighted pushdown systems
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
The BINCOA framework for binary code analysis
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
Precise control flow reconstruction using boolean logic
EMSOFT '11 Proceedings of the ninth ACM international conference on Embedded software
Context-sensitive analysis without calling-context
Higher-Order and Symbolic Computation
TSL: A System for Generating Abstract Interpreters and its Application to Machine-Code Analysis
ACM Transactions on Programming Languages and Systems (TOPLAS)
Hi-index | 0.00 |
This paper discusses the obstacles that stand in the way of doing a good job of machine-code analysis Compared with analysis of source code, the challenge is to drop all assumptions about having certain kinds of information available (variables, control-flow graph, call-graph, etc.) and also to address new kinds of behaviors (arithmetic on addresses, jumps to “hidden” instructions starting at positions that are out of registration with the instruction boundaries of a given reading of an instruction stream, self-modifying code, etc.). The paper describes some of the challenges that arise when analyzing machine code, and what can be done about them It also provides a rationale for some of the design decisions made in the machine-code-analysis tools that we have built over the past few years.