Title :
BEST: An Assembler Structural Representation Tool Based on Flow Analysis
Author_Institution :
Inst. of Comput. Sci. & Technol., Peking Univ., Beijing, China
Abstract :
When mining security vulnerabilities in software, a structural intermediate representation of binary code should be obtained first. In this paper, we propose PANDA, a vulnerability-mining-oriented intermediate language and a series of algorithms for assembler understanding based on flow analysis. We implement a lightweight prototype system named BEST for assembler structural representation. The system uses control flow analysis and data flow analysis techniques to identify common control structures, analyze executive flow of a program, reconstruct expressions and functions, find data dependency, finally transform the assembler into a structured PANDA intermediate language program. Experiment results show that our system produces high quality intermediate language programs for further automatic security analysis.
Keywords :
data flow analysis; data mining; program assemblers; program control structures; programming languages; security of data; software tools; BEST; PANDA; assembler structural representation tool; automatic security analysis; binary code; control flow analysis; control structure identification; data flow analysis; data mining; lightweight prototype system; vulnerability mining oriented intermediate language; Algorithm design and analysis; Assembly; Doped fiber amplifiers; Registers; Security; Software; Syntactics;
Conference_Titel :
Management and Service Science (MASS), 2010 International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-5325-2
Electronic_ISBN :
978-1-4244-5326-9
DOI :
10.1109/ICMSS.2010.5575669
