BEST: An Assembler Structural Representation Tool Based on Flow Analysis

Author

Wang, Wei

Author_Institution

Inst. of Comput. Sci. & Technol., Peking Univ., Beijing, China

fYear

2010

fDate

24-26 Aug. 2010

Firstpage

1

Lastpage

4

Abstract

When mining security vulnerabilities in software, a structural intermediate representation of binary code should be obtained first. In this paper, we propose PANDA, a vulnerability-mining-oriented intermediate language and a series of algorithms for assembler understanding based on flow analysis. We implement a lightweight prototype system named BEST for assembler structural representation. The system uses control flow analysis and data flow analysis techniques to identify common control structures, analyze executive flow of a program, reconstruct expressions and functions, find data dependency, finally transform the assembler into a structured PANDA intermediate language program. Experiment results show that our system produces high quality intermediate language programs for further automatic security analysis.

Keywords

data flow analysis; data mining; program assemblers; program control structures; programming languages; security of data; software tools; BEST; PANDA; assembler structural representation tool; automatic security analysis; binary code; control flow analysis; control structure identification; data flow analysis; data mining; lightweight prototype system; vulnerability mining oriented intermediate language; Algorithm design and analysis; Assembly; Doped fiber amplifiers; Registers; Security; Software; Syntactics;

fLanguage

English

Publisher

ieee

Conference_Titel

Management and Service Science (MASS), 2010 International Conference on

Conference_Location

Wuhan

Print_ISBN

978-1-4244-5325-2

Electronic_ISBN

978-1-4244-5326-9

Type

conf

DOI

10.1109/ICMSS.2010.5575669

Filename

5575669