Procedure Abstraction Recovery from Binary Code
CSMR '00 Proceedings of the Conference on Software Maintenance and Reengineering
Using a Decompiler for Real-World Source Recovery
WCRE '04 Proceedings of the 11th Working Conference on Reverse Engineering
Pin: building customized program analysis tools with dynamic instrumentation
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
BIRD: Binary Interpretation using Runtime Disassembly
Proceedings of the International Symposium on Code Generation and Optimization
ATOM: a flexible interface for building high performance program analysis tools
TCON'95 Proceedings of the USENIX 1995 Technical Conference Proceedings
Parameter and Return-value Analysis of Binary Executables
COMPSAC '07 Proceedings of the 31st Annual International Computer Software and Applications Conference - Volume 01
Automatic reconstruction of data types in the decompilation problem
Programming and Computing Software
DIVINE: discovering variables in executables
VMCAI'07 Proceedings of the 8th international conference on Verification, model checking, and abstract interpretation
Reconstruction of Composite Types for Decompilation
SCAM '10 Proceedings of the 2010 10th IEEE Working Conference on Source Code Analysis and Manipulation
A compiler-level intermediate representation based binary analysis and rewriting system
Proceedings of the 8th ACM European Conference on Computer Systems
A platform for secure static binary instrumentation
Proceedings of the 10th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Hi-index | 0.00 |
We present scalable static analyses to recover variables, data types, and function prototypes from stripped x86 executables (without symbol or debug information) and obtain a functional intermediate representation (IR) for analysis and rewriting purposes. Our techniques on average run 352X faster than current techniques and still have the same precision. This enables analyzing executables as large as millions of instructions in minutes which is not possible using existing techniques. Our techniques can recover variables allocated to the floating point stack unlike current techniques. We have integrated our techniques to obtain a compiler level IR that works correctly if recompiled and produces the same output as the input executable. We demonstrate scalability, precision and correctness of our proposed techniques by evaluating them on the complete SPEC2006 benchmarks suite.