Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Tags:

Preview:

Click to see full reader

Citation preview

Reassembleable Disassembly

Shuai Wang, Pei Wang, Dinghao Wu

Presented by Chuong Ngo

What’s in Your Dependency?

http://youtube.com/v/xpht2R_0cEg

What’s in Your Dependency?

http://youtube.com/v/3olXUbS-prU

What’s in Your Dependency?

http://youtube.com/v/QJ4t1qP4xvw

Identifying Bugs, Flaws, and Exploits

Study the specifications/papers detailing the techniques and algorithms.

Penetration test the implementation.

Study the implementation.

Get lucky.

Identifying Bugs, Flaws, and Exploits

Study the specifications/papers detailing the techniques and algorithms.

Penetration test the implementation.

Study the implementation.

Get lucky.

Identifying Bugs, Flaws, and Exploits

Study the specifications/papers detailing the techniques and algorithms.

Penetration test the implementation.

Study the implementation.

Get lucky.

But what if you don’t have the source code?

Back to the Source

Review of Compilation Process

Stripped Binary

Disassemblers

IDA Pro-best commercial

EXE to assembly to C.

Not reassembleable.

MC-Semantics

Object to binary only

Reassembleable

Lower performance

Binary Rewriting Tools

Specific compiler or non-stripped binary.

Re-compiled binary bloat.

Large execution overhead.

Not reassembleable.

Code Relocatability is Key to Reassembility

Problem of Relocatability - Data or Reference?

Problem of Relocatability - Data or Reference?

Disassembler needs to symbolize references

Types of Symbol References

Methodology

Simple filter for c2X.4/8 byte aligned.d2d irrelevant.Find jump tables.

Enter Oroboros

Architecture of Uroboros

Architecture of Uroboros

Architecture of Uroboros

Oroboros Evaluation

Evaluation Corpora

Evaluation Corpora

224 total

A1: Coreutils (103)

A2: Real (7)

A3: SPEC2006 C

32-bit Binary Accuracies

64-bit Binary Accuracies

32-bit Binary Execution Overhead

32-bit Binary Processing Times

Summary

Reassembeable disassembly needed

Symbolization solves code relocatability

Uroboros comprised of Disassembly and Analysis module

Compiler independent

No C++ support

Questions

Why did the authors choose to report false positives and false negatives?

Was reporting on the first and last 10 programs, arranged alphabetically, a good idea?

What could explain the outliers in the reported processing times and execution overhead?

Recommended

Ping Shuai
Documents
STAGES SHUAI JIAO WUSHU JIN BAOSHENGddata.over-blog.com/xxxyyy/2/54/95/88/STAGES-SHUAI-JIAO...Microsoft Word - STAGES SHUAI JIAO WUSHU JIN BAOSHENG.docx Author Hadrien Lesueur Created
Documents
fileTitle: BML: A High-performance, Low-cost Gradient Synchronization Algorithm for DML Training Author: Songtao Wang, Dan Li, Yang Cheng, Jinkun Geng,Yanshu Wang, Shuai Wang, Shutao
Documents
D Z C V Desheng Zhangdz220/DeshengZhangCV102020.pdf · [C05] Guang Wang*, Shuxin Zhong, Shuai Wang, Fei Miao, Zheng Dong, Desheng Zhang Data-Driven Fairness-Aware Vehicle Displacement
Documents
High Mobility, Printable, and Solution-Processed Graphene ... files/E-publications... · High Mobility, Printable, and Solution-Processed Graphene Electronics Shuai Wang,†, |Priscilla
Documents
1 st Oct 2013 1 CorLayer: A Transparent Link Correlation Layer for Energy Efficient Broadcast Shuai Wang, Song Min Kim, Yunhuai Liu, Guang Tan, and Tian
Documents
PDF - arxiv.org · Free Side-channel Cross-technology Communication in Wireless Networks Song Min Kim, Shigemi Ishida, Shuai Wang, and Tian He
Documents
LOOP: Logic-Oriented Opaque Predicate Detection in ...LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code Jiang Ming, Dongpeng Xu, Li Wang, and Dinghao Wu College
Documents
Yun-Chung Yang TRB: Tag Replication Buffer for Enhancing the Reliability of the Cache Tag Array Shuai Wang; Jie Hu; Ziavras S.G; Dept. of Electr. & Comput
Documents
A novel solidification technology for heavy metals in ... · A novel solidification technology for heavy metals in electrolytic manganese residue Zhong Hong*, Li Changxin, Wang Shuai,
Documents
Abstract - 北海道大学 · Abstract Shuai Wang Candidate for the degree of Philosophy Doctor (PhD) Supervisor: Naoyuki Hashimoto Division of Materials Science, Graduate School
Documents
Academic Advice - Nanjing University · 2016-05-10 · Academic Advice by Shuai Wang Department of Computer Science and Technology Nanjing University. Outline Paper Writing Presentation
Documents
CURRICULUM VITAE Dinghao Wu - Faculty · CURRICULUM VITAE Dinghao Wu Contact Information ... Shuai Wang, The College of IST ... The 5th Annual Hot Topics in the Science of Security
Documents
Anomalous α-Mg Dendrite Growth During …Communication Anomalous a-Mg Dendrite Growth During Directional Solidification of a Mg-Zn Alloy SANSAN SHUAI, ENYU GUO, MINGYUE WANG, MARK
Documents
STAGES SHUAI JIAO WUSHU JIN BAOSHENG - … DE SHUAI JIAO WUSHU JIN BAOSHENG LUTTE CHINOISE de PEKIN EVENEMENT EXCEPTIONNEL Le grand maître Wang Wenyong sera en France à partir du
Documents
, Huihui Ye , Sean Gerrin , Hongyun Wang , Ankur Sharma ... · 1 ErbB2 Signaling Increases Androgen Receptor Expression in Abiraterone-Resistant Prostate Cancer Shuai Gao1,2, Huihui
Documents
Computer Architecture Spring 2016 - Nanjing University · 2016-03-15 · Computer Architecture Spring 2016 Shuai Wang Department of Computer Science and Technology Nanjing University
Documents
STRAWBERRIES SHAO SHUAI WANG MIAN XIE JUN YANG XIAOGE ZHANG RUIQI
Documents
Xiaoyaoshuai-2000 by Shou-Yu Liang Shuai Jiao-Shuai Ch
Documents
Technologies of Food Production and Processing: Invention in the domestic arena By: Miriyah Velez Yu Jun Wang Shuai Liu Veronica Navarette Tatiana Guerrero
Documents