SemOpenAlex |

SemOpenAlex

Matches in SemOpenAlex for { <https://semopenalex.org/work/W141381105> ?p ?o ?g. }

Showing items 1 to 100 of ±182 with 100 items per page.

W141381105 abstract "Title of Dissertation: A COMPILER LEVEL INTERMEDIATE REPRESENTATION BASED BINARY ANALYSIS SYSTEM AND ITS APPLICATIONS Kapil Anand, Doctor of Philosophy, 2013 Dissertation directed by: Professor Rajeev Barua Department of Electrical and Computer Engineering Analyzing and optimizing programs from their executables has received a lot of attention recently in the research community. There has been a tremendous amount of activity in executable-level research targeting varied applications such as security vulnerability analysis, untrusted code analysis, malware analysis, program testing, and binary optimizations. The vision of this dissertation is to advance the field of static analysis of executables and bridge the gap between source-level analysis and executable analysis. The main thesis of this work is scalable static binary rewriting and analysis using compiler-level intermediate representation without relying on the presence of metadata information such as debug or symbolic information. In spite of a significant overlap in the overall goals of several source-code methods and executables-level techniques, several sophisticated transformations that are well-understood and implemented in source-level infrastructures have yet to become available in executable frameworks. It is a well known fact that a standalone executable without any meta data is less amenable to analysis than the source code. Nonetheless, we believe that one of the prime reasons behind the limitations of existing executable frameworks is that current executable frameworks define their own intermediate representations (IR) which are significantly more constrained than an IR used in a compiler. Intermediate representations used in existing binary frameworks lack high level features like abstract stack, variables, and symbols and are even machine dependent in some cases. This severely limits the application of wellunderstood compiler transformations to executables and necessitates new research to make them applicable. In the first part of this dissertation, we present techniques to convert the binaries to the same high-level intermediate representation that compilers use. We propose methods to segment the flat address space in an executable containing undifferentiated blocks of memory. We demonstrate the inadequacy of existing variable identification methods for their promotion to symbols and present our methods for symbol promotion. We also present methods to convert the physically addressed stack in an executable to an abstract stack. The proposed methods are practical since they do not employ symbolic, relocation, or debug information which are usually absent in deployed executables. We have integrated our techniques with a prototype x86 binary framework called SecondWrite that uses LLVM as the IR. The robustness of the framework is demonstrated by handling executables totaling more than a million lines of source-code, including several real world programs. In the next part of this work, we demonstrate that several well-known sourcelevel analysis frameworks such as symbolic analysis have limited effectiveness in the executable domain since executables typically lack higher-level semantics such as program variables. The IR should have a precise memory abstraction for an analysis to effectively reason about memory operations. Our first work of recovering a compiler-level representation addresses this limitation by recovering several higherlevel semantics information from executables. In the next part of this work, we propose methods to handle the scenarios when such semantics cannot be recovered. First, we propose a hybrid static-dynamic mechanism for recovering a precise and correct memory model in executables in presence of executable-specific artifacts such as indirect control transfers. Next, the enhanced memory model is employed to define a novel symbolic analysis framework for executables that can perform the same types of program analysis as source-level tools. Frameworks hitherto fail to simultaneously maintain the properties of correct representation and precise memory model and ignore memory-allocated variables while defining symbolic analysis mechanisms. We exemplify that our framework is robust, efficient and it significantly improves the performance of various traditional analyses like global value numbering, alias analysis and dependence analysis for executables. Finally, the underlying representation and analysis framework is employed for two separate applications. First, the framework is extended to define a novel static analysis framework, DemandFlow, for identifying information flow security violations in program executables. Unlike existing static vulnerability detection methods for executables, DemandFlow analyzes memory locations in addition to symbols, thus improving the precision of the analysis. DemandFlow proposes a novel demand-driven mechanism to identify and precisely analyze only those program locations and memory accesses which are relevant to a vulnerability, thus enhancing scalability. DemandFlow uncovers six previously undiscovered format string and directory traversal vulnerabilities in popular ftp and internet relay chat clients. Next, the framework is extended to implement a platform-specific optimization for embedded processors. Several embedded systems provide the facility of locking one or more lines in the cache. We devise the first method in literature that employs instruction cache locking as a mechanism for improving the average-case run-time of general embedded applications. We demonstrate that the optimal solution for instruction cache locking can be obtained in polynomial time. Since our scheme is implemented inside a binary framework, it successfully addresses the portability concern by enabling the implementation of cache locking at the time of deployment when all the details of the memory hierarchy are available. A COMPILER LEVEL INTERMEDIATE REPRESENTATION BASED BINARY ANALYSIS SYSTEM AND ITS APPLICATIONS" @default.
W141381105 created "2016-06-24" @default.
W141381105 creator A5080319339 @default.
W141381105 date "2013-01-01" @default.
W141381105 modified "2023-09-23" @default.
W141381105 title "A compiler level intermediate representation based binary analysis system and its applications" @default.
W141381105 cites W105131483 @default.
W141381105 cites W109951691 @default.
W141381105 cites W127238549 @default.
W141381105 cites W1489781149 @default.
W141381105 cites W1505465226 @default.
W141381105 cites W1510011212 @default.
W141381105 cites W1515180657 @default.
W141381105 cites W1524336136 @default.
W141381105 cites W1524877046 @default.
W141381105 cites W1536051636 @default.
W141381105 cites W1537374583 @default.
W141381105 cites W1537648157 @default.
W141381105 cites W1544225867 @default.
W141381105 cites W1555215938 @default.
W141381105 cites W1565113942 @default.
W141381105 cites W1568194905 @default.
W141381105 cites W1579850852 @default.
W141381105 cites W1582331515 @default.
W141381105 cites W1582456956 @default.
W141381105 cites W1583425800 @default.
W141381105 cites W1585630533 @default.
W141381105 cites W1600965014 @default.
W141381105 cites W1655226010 @default.
W141381105 cites W168640152 @default.
W141381105 cites W1710734607 @default.
W141381105 cites W17195072 @default.
W141381105 cites W1908449836 @default.
W141381105 cites W1947621832 @default.
W141381105 cites W1963971515 @default.
W141381105 cites W1967564401 @default.
W141381105 cites W1967995061 @default.
W141381105 cites W1972235549 @default.
W141381105 cites W1972429847 @default.
W141381105 cites W1977857710 @default.
W141381105 cites W1984303163 @default.
W141381105 cites W1990717911 @default.
W141381105 cites W1994372357 @default.
W141381105 cites W1994742583 @default.
W141381105 cites W1997385049 @default.
W141381105 cites W2004633100 @default.
W141381105 cites W2006471246 @default.
W141381105 cites W2007455965 @default.
W141381105 cites W2008875774 @default.
W141381105 cites W2010204191 @default.
W141381105 cites W2010452422 @default.
W141381105 cites W2017842497 @default.
W141381105 cites W2018636274 @default.
W141381105 cites W2022363576 @default.
W141381105 cites W2028806953 @default.
W141381105 cites W2029009124 @default.
W141381105 cites W2040183246 @default.
W141381105 cites W2040384644 @default.
W141381105 cites W2056608406 @default.
W141381105 cites W2059590831 @default.
W141381105 cites W2066905287 @default.
W141381105 cites W2078113878 @default.
W141381105 cites W2084974764 @default.
W141381105 cites W2085925880 @default.
W141381105 cites W2086672145 @default.
W141381105 cites W2089294198 @default.
W141381105 cites W2089745089 @default.
W141381105 cites W2097699872 @default.
W141381105 cites W2100184706 @default.
W141381105 cites W2101152030 @default.
W141381105 cites W2101310246 @default.
W141381105 cites W2101811680 @default.
W141381105 cites W2102683450 @default.
W141381105 cites W2102839400 @default.
W141381105 cites W2102970979 @default.
W141381105 cites W2105778948 @default.
W141381105 cites W2107558499 @default.
W141381105 cites W2107563064 @default.
W141381105 cites W2108149083 @default.
W141381105 cites W2111487235 @default.
W141381105 cites W2112481005 @default.
W141381105 cites W2113520225 @default.
W141381105 cites W2113864883 @default.
W141381105 cites W2117825191 @default.
W141381105 cites W2119251836 @default.
W141381105 cites W2122049982 @default.
W141381105 cites W2124153277 @default.
W141381105 cites W2125357166 @default.
W141381105 cites W2128345666 @default.
W141381105 cites W2128462419 @default.
W141381105 cites W2129482816 @default.
W141381105 cites W2132461047 @default.
W141381105 cites W2132661148 @default.
W141381105 cites W2132897303 @default.
W141381105 cites W2133189397 @default.
W141381105 cites W2133731789 @default.
W141381105 cites W2134633067 @default.
W141381105 cites W2135274583 @default.
W141381105 cites W2135974246 @default.
W141381105 cites W2137530017 @default.