Improved Memory-Access Analysis for x86 Executables

CodeSurfer/x86-A Platform for Analyzing x86 Executables

CodeSurfer/x86 is a prototype system for analyzing x86 executables. It uses a static-analysis algorithm called value-set analysis (VSA) to recover intermediate representations that are similar to those that a compiler creates for a program written in a high-level language. A major challenge in building an analysis tool for executables is in providing useful information about operations involvin...

Analyzing Memory Accesses in x86 Binary Executables

Analyzing Memory Accesses in x86 Executables

This paper concerns static-analysis algorithms for analyzing x86 executables. The aim of the work is to recover intermediate representations that are similar to those that can be created for a program written in a high-level language. Our goal is to perform this task for programs such as plugins, mobile code, worms, and virus-infected code. For such programs, symbol-table and debugging informat...

Analyzing Stripped Device-Driver Executables

This paper sketches the design and implementation of DeviceDriver Analyzer for x86 (DDA/x86), a prototype analysis tool for finding bugs in stripped Windows device-driver executables (i.e., when neither source code nor symbol-table/debugging information is available), and presents a case study. DDA/x86 was able to find known bugs (previously discovered by source-code-based analysis tools) along...

A compiler level intermediate representation based binary analysis system and its applications

Title of Dissertation: A COMPILER LEVEL INTERMEDIATE REPRESENTATION BASED BINARY ANALYSIS SYSTEM AND ITS APPLICATIONS Kapil Anand, Doctor of Philosophy, 2013 Dissertation directed by: Professor Rajeev Barua Department of Electrical and Computer Engineering Analyzing and optimizing programs from their executables has received a lot of attention recently in the research community. There has been ...