Howard: A Dynamic Excavator for Reverse Engineering Data Structures
نویسندگان
چکیده
Even the most advanced reverse engineering techniques and products are weak in recovering data structures in stripped binaries—binaries without symbol tables. Unfortunately, forensics and reverse engineering without data structures is exceedingly hard. We present a new solution, known as Howard, to extract data structures from C binaries without any need for symbol tables. Our results are significantly more accurate than those of previous methods — sufficiently so to allow us to generate our own (partial) symbol tables without access to source code. Thus, debugging such binaries becomes feasible and reverse engineering becomes simpler. Also, we show that we can protect existing binaries from popular memory corruption attacks, without access to source code. Unlike most existing tools, our system uses dynamic analysis (on a QEMU-based emulator) and detects data structures by tracking how a program uses memory.
منابع مشابه
DSIbin: identifying dynamic data structures in C/C++ binaries
Reverse engineering binary code is notoriously difficult and, especially, understanding a binary’s dynamic data structures. Existing data structure analyzers are limited wrt. program comprehension: they do not detect complex structures such as skip lists, or lists running through nodes of different types such as in the Linux kernel’s cyclic doubly-linked list. They also do not reveal complex pa...
متن کاملA Novel Hole Filling Method based on the Hybrid PSO-BP Algorithm
This paper presents a novel hole-filling algorithm in reverse engineering (RE) domain that can fill holes directly from the point clouds-a hybrid PSO-BP approach: Firstly, boundary of the hole is detected and feature points on the boundary are extracted. Secondly, a hole filling method based on the commercial reverse engineering software (Gemagic and Imageware) is employed to cover the hole wit...
متن کاملA Hybrid Dynamic Programming for Inventory Routing Problem in Collaborative Reverse Supply Chains
Inventory routing problems arise as simultaneous decisions in inventory and routing optimization. In the present study, vendor managed inventory is proposed as a collaborative model for reverse supply chains and the optimization problem is modeled in terms of an inventory routing problem. The studied reverse supply chains include several return generators and recovery centers and one collection...
متن کاملConsidering chain to chain competition in forward and reverse logistics of a dynamic and integrated supply chain network design problem
In this paper, a bi-objective model is presented for dynamic and integrated network design of a new entrant competitive closed-loop supply chain. To consider dynamism and integration in the network design problem, multiple long-term periods are regarded during planning horizon, so that each long-term period includes several short-term periods. Furthermore, a chain to chain competition between t...
متن کاملAgent Based Engineering Design Simulation and Optimization under Uncertainty
In this paper a multi-agent based simulation and optimization framework was put forward to solve the aleatory and epistemic uncertainty in engineering design. Agent structures were designed to extract engineering knowledge from experiments and simulation and to communicate an internal message and domain engineering knowledge base. The framework can deal with complicated time-varying structure a...
متن کامل