Attack diagnosis on binary executables using dynamic program slicing

Programs in practical use today are often so complex and large in scale that analyzing and debugging them is not as easy as one might expect, and diagnosing attacks and finding vulnerabilities in such large-scale programs is quite difficult. Dynamic program slicing has therefore become a popular and effective method for program comprehension and debugging, since it greatly reduces the scope of analysis and discards data that do not influence the final result. Moreover, most existing dynamic slicing tools perform slicing at the source-code level, but source code is not easy to obtain in practice. We believe that systems are needed to help users understand binary programs. In this paper, we present an approach to diagnosing attacks using dynamic backward program slicing on binary executables, and provide a dynamic binary slicing tool named DBS that analyzes binary executables precisely and efficiently. It computes the set of instructions that may have affected or been affected by a slicing criterion set at a certain location in the binary execution stream. The tool can also organize the slicing results clearly and hierarchically by function call graphs and control flow graphs.
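
The backward direction of the slicing described above can be illustrated on a recorded instruction trace. The following is an added example, not code from the paper or from DBS: it follows data dependences only (no control dependences), and the trace, the addresses, the location names such as `mem:input` and `mem:fptr`, and the helper names are all constructed assumptions.

```python
# Added illustration: data-dependence-only dynamic backward slice over a
# recorded instruction trace. Not the DBS algorithm; all values are constructed.
from typing import NamedTuple

class Step(NamedTuple):
    addr: int
    text: str
    defs: frozenset  # locations written by this executed instruction
    uses: frozenset  # locations read by this executed instruction

def S(addr, text, defs="", uses=""):
    """Build one trace entry from space-separated location names."""
    return Step(addr, text, frozenset(defs.split()), frozenset(uses.split()))

# Constructed trace: a value read from input ends up as an indirect-call target.
# Flag registers are left out of the def/use sets to keep the sample short.
TRACE = [
    S(0x401000, "mov eax, [input]", "eax", "mem:input"),
    S(0x401003, "mov ebx, 8", "ebx"),
    S(0x401008, "add eax, ebx", "eax", "eax ebx"),
    S(0x40100A, "mov ecx, 1", "ecx"),            # unrelated to the criterion
    S(0x40100F, "mov [fptr], eax", "mem:fptr", "eax"),
    S(0x401012, "inc ecx", "ecx", "ecx"),        # unrelated to the criterion
    S(0x401013, "mov edx, [fptr]", "edx", "mem:fptr"),
    S(0x401016, "call edx", "", "edx"),
]

def backward_slice(trace, step, locations):
    """Slice on the values of `locations` just before trace[step] executes.

    Returns (indices of trace steps in the slice, locations whose values
    originate outside the trace, e.g. external input).
    """
    live = set(locations)
    in_slice = []
    for i in range(step - 1, -1, -1):
        ins = trace[i]
        if ins.defs & live:        # this step produced a value we depend on
            in_slice.append(i)
            live -= ins.defs       # that definition is now explained ...
            live |= ins.uses       # ... by whatever the instruction read
    return sorted(in_slice), live

if __name__ == "__main__":
    steps, origins = backward_slice(TRACE, 7, {"edx"})
    for i in steps:
        print(f"{i}: {TRACE[i].addr:#x}  {TRACE[i].text}")
    print("values originating outside the trace:", sorted(origins))
```

Slicing on `edx` at the `call edx` step keeps five of the eight executed instructions and reports `mem:input` as the origin of the call target, which is the kind of scope reduction the abstract refers to.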
