SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis

Yan Shoshitaishvili; Ruoyu Wang; Christopher Salls; Nick Stephens; Mario Polino; Andrew Dutcher; John Grosen; Siji Feng; Christophe Hauser; Christopher Kruegel; Giovanni Vigna

doi:10.1109/SP.2016.17

SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis

Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Andrew Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, Giovanni Vigna

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

641 Scopus citations

Abstract

Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of program properties harder to scale. However, the importance of binary analysis is on the rise. In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. In this paper, we present a binary analysis framework that implements a number of analysis techniques that have been proposed in the past. We present a systematized implementation of these techniques, which allows other researchers to compose them and develop new approaches. In addition, the implementation of these techniques in a unifying framework allows for the direct comparison of these apporaches and the identification of their advantages and disadvantages. The evaluation included in this paper is performed using a recent dataset created by DARPA for evaluating the effectiveness of binary vulnerability analysis techniques. Our framework has been open-sourced and is available to the security community.

Original language	English (US)
Title of host publication	Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	138-157
Number of pages	20
ISBN (Electronic)	9781509008247
DOIs	https://doi.org/10.1109/SP.2016.17
State	Published - Aug 16 2016
Externally published	Yes
Event	2016 IEEE Symposium on Security and Privacy, SP 2016 - San Jose, United States Duration: May 23 2016 → May 25 2016

Publication series

Name	Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016

Other

Other	2016 IEEE Symposium on Security and Privacy, SP 2016
Country/Territory	United States
City	San Jose
Period	5/23/16 → 5/25/16

Keywords

attacks and defenses
security architectures
system security

ASJC Scopus subject areas

Safety, Risk, Reliability and Quality
Computer Networks and Communications
Software

Access to Document

10.1109/SP.2016.17

Cite this

Shoshitaishvili, Y., Wang, R., Salls, C., Stephens, N., Polino, M., Dutcher, A., Grosen, J., Feng, S., Hauser, C., Kruegel, C., & Vigna, G. (2016). SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis. In Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016 (pp. 138-157). Article 7546500 (Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SP.2016.17

SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis. / Shoshitaishvili, Yan ; Wang, Ruoyu; Salls, Christopher et al.
Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016. Institute of Electrical and Electronics Engineers Inc., 2016. p. 138-157 7546500 (Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Shoshitaishvili, Y , Wang, R, Salls, C, Stephens, N, Polino, M, Dutcher, A, Grosen, J, Feng, S, Hauser, C, Kruegel, C & Vigna, G 2016, SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis. in Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016., 7546500, Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016, Institute of Electrical and Electronics Engineers Inc., pp. 138-157, 2016 IEEE Symposium on Security and Privacy, SP 2016, San Jose, United States, 5/23/16. https://doi.org/10.1109/SP.2016.17

Shoshitaishvili Y , Wang R, Salls C, Stephens N, Polino M, Dutcher A et al. SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis. In Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016. Institute of Electrical and Electronics Engineers Inc. 2016. p. 138-157. 7546500. (Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016). doi: 10.1109/SP.2016.17

@inproceedings{44c55c598a8f4c96ac5fb81b81d060f4,

title = "SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis",

abstract = "Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of program properties harder to scale. However, the importance of binary analysis is on the rise. In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. In this paper, we present a binary analysis framework that implements a number of analysis techniques that have been proposed in the past. We present a systematized implementation of these techniques, which allows other researchers to compose them and develop new approaches. In addition, the implementation of these techniques in a unifying framework allows for the direct comparison of these apporaches and the identification of their advantages and disadvantages. The evaluation included in this paper is performed using a recent dataset created by DARPA for evaluating the effectiveness of binary vulnerability analysis techniques. Our framework has been open-sourced and is available to the security community.",

keywords = "attacks and defenses, security architectures, system security",

author = "Yan Shoshitaishvili and Ruoyu Wang and Christopher Salls and Nick Stephens and Mario Polino and Andrew Dutcher and John Grosen and Siji Feng and Christophe Hauser and Christopher Kruegel and Giovanni Vigna",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 2016 IEEE Symposium on Security and Privacy, SP 2016 ; Conference date: 23-05-2016 Through 25-05-2016",

year = "2016",

month = aug,

day = "16",

doi = "10.1109/SP.2016.17",

language = "English (US)",

series = "Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "138--157",

booktitle = "Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016",

}

TY - GEN

T1 - SOK

T2 - 2016 IEEE Symposium on Security and Privacy, SP 2016

AU - Shoshitaishvili, Yan

AU - Wang, Ruoyu

AU - Salls, Christopher

AU - Stephens, Nick

AU - Polino, Mario

AU - Dutcher, Andrew

AU - Grosen, John

AU - Feng, Siji

AU - Hauser, Christophe

AU - Kruegel, Christopher

AU - Vigna, Giovanni

PY - 2016/8/16

Y1 - 2016/8/16

N2 - Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of program properties harder to scale. However, the importance of binary analysis is on the rise. In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. In this paper, we present a binary analysis framework that implements a number of analysis techniques that have been proposed in the past. We present a systematized implementation of these techniques, which allows other researchers to compose them and develop new approaches. In addition, the implementation of these techniques in a unifying framework allows for the direct comparison of these apporaches and the identification of their advantages and disadvantages. The evaluation included in this paper is performed using a recent dataset created by DARPA for evaluating the effectiveness of binary vulnerability analysis techniques. Our framework has been open-sourced and is available to the security community.

AB - Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of program properties harder to scale. However, the importance of binary analysis is on the rise. In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. In this paper, we present a binary analysis framework that implements a number of analysis techniques that have been proposed in the past. We present a systematized implementation of these techniques, which allows other researchers to compose them and develop new approaches. In addition, the implementation of these techniques in a unifying framework allows for the direct comparison of these apporaches and the identification of their advantages and disadvantages. The evaluation included in this paper is performed using a recent dataset created by DARPA for evaluating the effectiveness of binary vulnerability analysis techniques. Our framework has been open-sourced and is available to the security community.

KW - attacks and defenses

KW - security architectures

KW - system security

UR - http://www.scopus.com/inward/record.url?scp=84987622050&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84987622050&partnerID=8YFLogxK

U2 - 10.1109/SP.2016.17

DO - 10.1109/SP.2016.17

M3 - Conference contribution

AN - SCOPUS:84987622050

T3 - Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016

SP - 138

EP - 157

BT - Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 23 May 2016 through 25 May 2016

ER -

SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this