Blogs (1) >>
ICSE 2019
Sat 25 - Fri 31 May 2019 Montreal, QC, Canada
Fri 31 May 2019 16:40 - 17:00 at St-Paul / Ste-Catherine - Reverse Engineering Chair(s): Sandeep Kuttal

Disassembling stripped binaries is a prominent challenge for binary analysis, due to the interleaving of code segments and data, and the difficulties of resolving control transfer targets of indirect calls and jumps. As a result, most existing disassemblers have both false positives (FP) and false negatives (FN). We observe that uncertainty is inevitable in disassembly due to the information loss during compilation and code generation. We therefore propose to model such uncertainty using probabilities and propose a novel disassembly technique, which computes a probability for each address in the code space, indicating its likelihood of being a true positive instruction. The probability is computed from a set features that are reachable to an address, including control flow and data flow features. Our experiments with more than two thousands binaries show that our technique does not have any FN and only 3.7% FP. In comparison, a state-of-the-art superset disassembly technique has 85% FP. A rewriter built on our disassembly can generate binaries that are only half of the size of those by superset disassembly and run 3% faster. While many widely-used disassemblers such as IDA and BAP suffer from missing function entries, our experiment also shows that even without any function entry information, our disassembler can still achieve 0 FN and 6.8% FP.

Fri 31 May

Displayed time zone: Eastern Time (US & Canada) change

16:00 - 17:20
Reverse EngineeringTechnical Track / Papers at St-Paul / Ste-Catherine
Chair(s): Sandeep Kuttal The University of Tulsa
16:00
20m
Talk
Recovering Variable Names for Minified Code with Usage ContextsTechnical Track
Technical Track
Hieu Tran The University of Texas at Dallas, Ngoc Tran , Son Nguyen The University of Texas at Dallas, Hoan Nguyen Iowa State University, Tien N. Nguyen University of Texas at Dallas
16:20
20m
Talk
Gigahorse: Thorough, Declarative Decompilation of Smart ContractsArtifacts AvailableArtifacts Evaluated ReusableTechnical Track
Technical Track
Neville Grech University of Athens, Lexi Brent University of Sydney, Bernhard Scholz University of Sydney, Australia, Yannis Smaragdakis University of Athens
16:40
20m
Talk
Probabilistic DisassemblyArtifacts Evaluated ReusableTechnical Track
Technical Track
Kenneth Miller Purdue University, Yonghwi Kwon University of Virginia, Yi Sun Purdue University, USA, Zhuo Zhang Purdue University, Xiangyu Zhang Purdue University, Zhiqiang Lin The Ohio State University
17:00
20m
Talk
Discussion Period
Papers