iBinHunt: Binary Hunting with Inter-procedural Control Flow
نویسندگان
چکیده
Techniques have been proposed to find the semantic differences between two binary programs when the source code is not available. Analyzing control flow, and in particular, intra-procedural control flow, has become an attractive technique in the latest binary diffing tools since it is more resistant to syntactic, but non-semantic, differences. However, this makes such techniques vulnerable to simple function obfuscation techniques (e.g., function inlining) attackers any malware writers could use. In this paper, we first show function obfuscation as an attack to such binary diffing techniques, and then propose iBinHunt which uses deep taint and automatic input generation to find semantic differences in inter-procedural control flows. Evaluation on comparing various versions of a http server and gzip shows that iBinHunt not only is capable of comparing inter-procedural control flows of two programs, but offers substantially better accuracy and efficiency in binary diffing.
منابع مشابه
Status of the Bound-T WCET Tool
Bound-T is a tool for static WCET analysis from binary executable code. We describe the general structure of the tool and some specific difficulties met in the analysis of the supported processors, which are the Intel 8051 8-bit microcontrollers, the Analog Devices ADSP21020 Digital Signal Processor, and the SPARC V7 processor. For the DSP, the problem is the complex program sequencing logic us...
متن کاملThird-order Decentralized Safe Consensus Protocol for Inter-connected Heterogeneous Vehicular Platoons
In this paper, the stability analysis and control design of heterogeneous traffic flow is considered. It is assumed that the traffic flow consists of infinite number of cooperative non-identical vehicular platoons. Two different networks are investigated in stability analysis of heterogeneous traffic flow: 1) inter-platoon network which deals with the communication topology of lead vehicles and...
متن کاملDevelopment of a novel method in TRMC for a Binary Gas Flow Inside a Rotating Cylinder
A new approach to calculate the axially symmetric binary gas flow is proposed Dalton’s law for partial pressures contributed by each species of a binary gas mixture (argon and helium) is incorporated into numerical simulation of rarefied axially symmetric flow inside a rotating cylinder using the time relaxed Monte-Carlo (TRMC) scheme and the direct simulation Monte-Carlo (DSMC) method. The res...
متن کاملA New Hunting Control Method for Permanent Magnet Hysteresis Motors
Hunting is a flutter associated with the synchronous speed that gives rise to the gyro drifting errors and may cause objectionable time-displacement errors in video head wheel drives and other precision scanning systems. In this paper, dynamic characteristics of permanent Magnet hysteresis motors are presented and hunting is explained. New damping techniques have been developed using optimi...
متن کامل