Blogs (1) >>
ICSE 2019
Sat 25 - Fri 31 May 2019 Montreal, QC, Canada
Fri 31 May 2019 16:40 - 17:00 at St-Paul / Ste-Catherine - Reverse Engineering Chair(s): Sandeep Kuttal

Disassembling stripped binaries is a prominent challenge for binary analysis, due to the interleaving of code segments and data, and the difficulties of resolving control transfer targets of indirect calls and jumps. As a result, most existing disassemblers have both false positives (FP) and false negatives (FN). We observe that uncertainty is inevitable in disassembly due to the information loss during compilation and code generation. We therefore propose to model such uncertainty using probabilities and propose a novel disassembly technique, which computes a probability for each address in the code space, indicating its likelihood of being a true positive instruction. The probability is computed from a set features that are reachable to an address, including control flow and data flow features. Our experiments with more than two thousands binaries show that our technique does not have any FN and only 3.7% FP. In comparison, a state-of-the-art superset disassembly technique has 85% FP. A rewriter built on our disassembly can generate binaries that are only half of the size of those by superset disassembly and run 3% faster. While many widely-used disassemblers such as IDA and BAP suffer from missing function entries, our experiment also shows that even without any function entry information, our disassembler can still achieve 0 FN and 6.8% FP.

Fri 31 May
Times are displayed in time zone: Eastern Time (US & Canada) change

16:00 - 17:20: Reverse EngineeringPapers / Technical Track at St-Paul / Ste-Catherine
Chair(s): Sandeep KuttalThe University of Tulsa
16:00 - 16:20
Recovering Variable Names for Minified Code with Usage ContextsTechnical Track
Technical Track
Hieu TranThe University of Texas at Dallas, Ngoc Tran, Son NguyenThe University of Texas at Dallas, Hoan NguyenIowa State University, Tien N. NguyenUniversity of Texas at Dallas
16:20 - 16:40
Gigahorse: Thorough, Declarative Decompilation of Smart ContractsArtifacts AvailableArtifacts Evaluated ReusableTechnical Track
Technical Track
Neville GrechUniversity of Athens, Lexi BrentUniversity of Sydney, Bernhard ScholzUniversity of Sydney, Australia, Yannis SmaragdakisUniversity of Athens
16:40 - 17:00
Probabilistic DisassemblyArtifacts Evaluated ReusableTechnical Track
Technical Track
Kenneth MillerPurdue University, Yonghwi KwonUniversity of Virginia, Yi SunPurdue University, USA, Zhuo ZhangPurdue University, Xiangyu ZhangPurdue University, Zhiqiang LinThe Ohio State University
17:00 - 17:20
Discussion Period