Alireza Saberi

Type

Text

Type

Thesis

Advisor

Sekar, R

Date

2012-12-01

Keywords

Computer science | Abstract Interpretation, Static Binary Analysis, Type Inference

Department

Department of Computer Science

Language

en_US

Source

This work is sponsored by the Stony Brook University Graduate School in compliance with the requirements for completion of degree.

Identifier

http://hdl.handle.net/11401/71535

Publisher

The Graduate School, Stony Brook University: Stony Brook, NY.

Format

application/pdf

Abstract

In recent years, many research efforts have been dedicated to detect vulnerabilities in software. Most of these techniques are based on source code analysis. However, source code-based analysis methods are ineffective when the program source code is not available. In such a case, binary analysis is the only option. Yet, all binary analysis methods have to address serious challenges such as indirect memory access, missing functions and data abstraction. Historically, these problems have been addressed using rather ad hoc techniques. However, recent research has begun to reverse this trend. In this thesis, we cover Value-Set Analysis (VSA) and Abstract Stack Analysis (ASA) that use abstract interpretation to address aforementioned challenges in a principled way. We then move on to binary analysis methods that try to recover the missing type information in binaries. We describe TIE, Howard and REWARD as three binary type analysis methods and compare their effectiveness. | 34 pages

Download

Share

COinS
 
 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.