Recovering high-level conditions from binary programs

Adel Djoudi; Sébastien Bardin; Éric Goubault

doi:10.1007/978-3-319-48989-6_15

Recovering high-level conditions from binary programs

Adel Djoudi
, Sébastien Bardin
, Éric Goubault

Université Paris-Saclay

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The need to get confidence in binary programs without access to their source code has pushed efforts forward to directly analyze executable programs. However, low-level programs lack high-level structures (such as types, control-flow graph, etc.), preventing the straightforward application of source-code analysis techniques. Especially, conditional jumps rely on low-level flag predicates, whereas they often encode high-level “natural” conditions on program variables. Most static analyzers are unable to infer any interesting information from these low-level conditions, leading to serious precision loss compared with source-level analysis. In this paper, we propose template-based recovery, an automatic approach for retrieving high-level predicates from their low-level flag versions. Especially, the technique is sound, efficient, platform-independent and it achieves very high ratio of recovery. This method allows more precise analyses and helps to understand machine encoding of conditionals rather than relying on error-prone human interpretation or (syntactic) pattern-based reasoning.

Original language	English
Title of host publication	FM 2016
Subtitle of host publication	Formal Methods - 21st International Symposium, Proceedings
Editors	Constance Heitmeyer, Anna Philippou, Stefania Gnesi, John Fitzgerald
Publisher	Springer Verlag
Pages	235-253
Number of pages	19
ISBN (Print)	9783319489889
DOIs	https://doi.org/10.1007/978-3-319-48989-6_15
Publication status	Published - 1 Jan 2016
Externally published	Yes
Event	21st International Symposium on Formal Methods, FM 2016 - Limassol, Cyprus Duration: 9 Nov 2016 → 11 Nov 2016

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	9995 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	21st International Symposium on Formal Methods, FM 2016
Country/Territory	Cyprus
City	Limassol
Period	9/11/16 → 11/11/16

Access to Document

10.1007/978-3-319-48989-6_15

Cite this

Djoudi, A., Bardin, S., & Goubault, É. (2016). Recovering high-level conditions from binary programs. In C. Heitmeyer, A. Philippou, S. Gnesi, & J. Fitzgerald (Eds.), FM 2016: Formal Methods - 21st International Symposium, Proceedings (pp. 235-253). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9995 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-48989-6_15

Djoudi, Adel ; Bardin, Sébastien ; Goubault, Éric. / Recovering high-level conditions from binary programs. FM 2016: Formal Methods - 21st International Symposium, Proceedings. editor / Constance Heitmeyer ; Anna Philippou ; Stefania Gnesi ; John Fitzgerald. Springer Verlag, 2016. pp. 235-253 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{72b81b6102e34e98bd5a0d8f444bb883,

title = "Recovering high-level conditions from binary programs",

abstract = "The need to get confidence in binary programs without access to their source code has pushed efforts forward to directly analyze executable programs. However, low-level programs lack high-level structures (such as types, control-flow graph, etc.), preventing the straightforward application of source-code analysis techniques. Especially, conditional jumps rely on low-level flag predicates, whereas they often encode high-level “natural” conditions on program variables. Most static analyzers are unable to infer any interesting information from these low-level conditions, leading to serious precision loss compared with source-level analysis. In this paper, we propose template-based recovery, an automatic approach for retrieving high-level predicates from their low-level flag versions. Especially, the technique is sound, efficient, platform-independent and it achieves very high ratio of recovery. This method allows more precise analyses and helps to understand machine encoding of conditionals rather than relying on error-prone human interpretation or (syntactic) pattern-based reasoning.",

author = "Adel Djoudi and S{\'e}bastien Bardin and {\'E}ric Goubault",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG 2016.; 21st International Symposium on Formal Methods, FM 2016 ; Conference date: 09-11-2016 Through 11-11-2016",

year = "2016",

month = jan,

day = "1",

doi = "10.1007/978-3-319-48989-6\_15",

language = "English",

isbn = "9783319489889",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "235--253",

editor = "Constance Heitmeyer and Anna Philippou and Stefania Gnesi and John Fitzgerald",

booktitle = "FM 2016",

}

Djoudi, A, Bardin, S & Goubault, É 2016, Recovering high-level conditions from binary programs. in C Heitmeyer, A Philippou, S Gnesi & J Fitzgerald (eds), FM 2016: Formal Methods - 21st International Symposium, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9995 LNCS, Springer Verlag, pp. 235-253, 21st International Symposium on Formal Methods, FM 2016, Limassol, Cyprus, 9/11/16. https://doi.org/10.1007/978-3-319-48989-6_15

Recovering high-level conditions from binary programs. / Djoudi, Adel; Bardin, Sébastien; Goubault, Éric.
FM 2016: Formal Methods - 21st International Symposium, Proceedings. ed. / Constance Heitmeyer; Anna Philippou; Stefania Gnesi; John Fitzgerald. Springer Verlag, 2016. p. 235-253 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9995 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Recovering high-level conditions from binary programs

AU - Djoudi, Adel

AU - Bardin, Sébastien

AU - Goubault, Éric

N1 - Publisher Copyright: © Springer International Publishing AG 2016.

PY - 2016/1/1

Y1 - 2016/1/1

N2 - The need to get confidence in binary programs without access to their source code has pushed efforts forward to directly analyze executable programs. However, low-level programs lack high-level structures (such as types, control-flow graph, etc.), preventing the straightforward application of source-code analysis techniques. Especially, conditional jumps rely on low-level flag predicates, whereas they often encode high-level “natural” conditions on program variables. Most static analyzers are unable to infer any interesting information from these low-level conditions, leading to serious precision loss compared with source-level analysis. In this paper, we propose template-based recovery, an automatic approach for retrieving high-level predicates from their low-level flag versions. Especially, the technique is sound, efficient, platform-independent and it achieves very high ratio of recovery. This method allows more precise analyses and helps to understand machine encoding of conditionals rather than relying on error-prone human interpretation or (syntactic) pattern-based reasoning.

AB - The need to get confidence in binary programs without access to their source code has pushed efforts forward to directly analyze executable programs. However, low-level programs lack high-level structures (such as types, control-flow graph, etc.), preventing the straightforward application of source-code analysis techniques. Especially, conditional jumps rely on low-level flag predicates, whereas they often encode high-level “natural” conditions on program variables. Most static analyzers are unable to infer any interesting information from these low-level conditions, leading to serious precision loss compared with source-level analysis. In this paper, we propose template-based recovery, an automatic approach for retrieving high-level predicates from their low-level flag versions. Especially, the technique is sound, efficient, platform-independent and it achieves very high ratio of recovery. This method allows more precise analyses and helps to understand machine encoding of conditionals rather than relying on error-prone human interpretation or (syntactic) pattern-based reasoning.

UR - https://www.scopus.com/pages/publications/84996537992

U2 - 10.1007/978-3-319-48989-6_15

DO - 10.1007/978-3-319-48989-6_15

M3 - Conference contribution

AN - SCOPUS:84996537992

SN - 9783319489889

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 235

EP - 253

BT - FM 2016

A2 - Heitmeyer, Constance

A2 - Philippou, Anna

A2 - Gnesi, Stefania

A2 - Fitzgerald, John

PB - Springer Verlag

T2 - 21st International Symposium on Formal Methods, FM 2016

Y2 - 9 November 2016 through 11 November 2016

ER -

Djoudi A, Bardin S, Goubault É. Recovering high-level conditions from binary programs. In Heitmeyer C, Philippou A, Gnesi S, Fitzgerald J, editors, FM 2016: Formal Methods - 21st International Symposium, Proceedings. Springer Verlag. 2016. p. 235-253. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-48989-6_15

Recovering high-level conditions from binary programs

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this