论文信息 - Function boundary detection in stripped binaries

Function boundary detection in stripped binaries

Automated cyber defense tools require the ability to analyze binary applications, detect vulnerabilities and automatically patch those vulnerabilities. The insertion of security mechanisms that operate at function boundaries (e.g, control flow mitigation, stack guards) require automated detection of those boundaries. This paper introduces a publicly available function boundary detection tool for 32 and 64-bit Intel binaries running under Linux, that is more accurate than other reported approaches.

Jim Alves-Foss | Jia Song | J. Alves-Foss | Jia Song

[1] David Brumley,et al. The Mayhem Cyber Reasoning System , 2018, IEEE Security & Privacy.

[2] Herbert Bos,et al. Compiler-Agnostic Function Detection in Binaries , 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).

[3] Giovanni Agosta,et al. rev.ng: a unified binary analysis framework to recover CFGs and function boundaries , 2017, CC.

[4] David Brumley,et al. BAP: A Binary Analysis Platform , 2011, CAV.

[5] David Brumley,et al. BYTEWEIGHT: Learning to Recognize Functions in Binary Code , 2014, USENIX Security Symposium.

[6] Mingwei Zhang,et al. Control Flow Integrity for COTS Binaries , 2013, USENIX Security Symposium.

[7] Mihai Budiu,et al. Control-flow integrity principles, implementations, and applications , 2009, TSEC.

[8] Dawn Xiaodong Song,et al. Recognizing Functions in Binaries with Neural Networks , 2015, USENIX Security Symposium.

[9] Jim Alves-Foss,et al. The DARPA Cyber Grand Challenge: A Competitor's Perspective, Part 2 , 2015, IEEE Security & Privacy.

[10] Barton P. Miller,et al. Learning to Analyze Binary Computer Code , 2008, AAAI.