An experimentation framework for evaluating disassembly and decompilation tools for C++ and Java

The inherent differences between C++ and Java programs dictate that the methods used for reverse engineering their compiled executables will be language-specific. This paper looks at the history of decompilers, disassemblers, and obfuscators for C++ and Java and presents the current state of the art in binary reverse engineering. An experimentation framework for evaluating tools is described, including methodology, benchmark programs, metrics, and reverse engineering tasks. Preliminary results of experiments conducted so far to assess the capabilities of a small, selected set of popular tools are given. These results reveal language-specific differences in the feasibility of the binary reverse engineering tasks on input programs with varying degrees of obfuscation (e.g., stripped vs. unstripped binaries). In addition, the results reveal the relative effort required to complete a task and provide an assessment of the value of the tools and techniques.
