Home
Resource
Exploring semantic reverse engineering for software binary protection
PDF
PDF format is widely accepted and good for printing.
Plug-in required
PDF-1(6.17 MB)
Citation & Export
View Usage Statistics
Staff View

Citation & Export
Hide

Simple citation

Sun, Pengfei. Exploring semantic reverse engineering for software binary protection. Retrieved from https://doi.org/doi:10.7282/t3-zy08-nn55

Export

Click here for information about Citation Management Tools at Rutgers.

Statistics
Hide

Description

TitleExploring semantic reverse engineering for software binary protection
NameSun, Pengfei (author); Zonouz, Saman (chair); Marsic, Ivan (internal member); Wei, Sheng (internal member); Murthy, Praveen (outside member); Rutgers University; School of Graduate Studies
Date Created2019
Other Date2019-05 (degree)
SubjectBinary analysis, Electrical and Computer Engineering
Extent1 online resource (x, 155 pages) : illustrations
DescriptionSemantic reverse engineering has become the main approach to explore and understand the big picture of the binary code for closed-source software packages. However, semantic reverse engineering still has two unsolved challenges: (1) to recognize and recover data structure instances from binary memory images without execution traces; and (2) to locate the critical algorithm implementation and extract the high-level semantic meaning for the associated memory addresses/registers. These capabilities have many computer security and forensics applications, such as vulnerability discovery, sensitive data protection and so on.
In this dissertation, I present new techniques to perform automatic semantic reverse engineering to address the above-mentioned challenges. First, I present a systematic framework, ReViver, for semantic reverse engineering of data structure instances from live memory without execution trace. Using the discovered data structure instances in live memory, I develop a new domain-specific semantic memory data attack against power grid controllers. What’s more, I propose a framework, Mismo, to analyze embedded system binaries to extract semantic information about the control algorithms that they implement. Finally, I build BinSec, a vulnerability assessment tool which leverages deep learning and dynamic analysis to do cross-platform binary code similarity detection to identify known vulnerabilities. I demonstrate how I integrate these new techniques to explore semantic information for binary protection and exploitation.
I have obtained the following experimental results. ReViver achieved 98.1% average accuracy in recovering memory data structure instances without execution traces for real-world applications. Mismo’s accuracy for data discovery was an average of 89.82%, and 84.96% for code and data semantics discovery, respectively. For BinSec, I evaluate 25 existing CVE vulnerability functions for the Google Pixel 2 smartphone and Android Things IoT firmware images. The deep learning model identifies vulnerabilities with an accuracy of over 93% and the dynamic analysis can help to identify the correct matches among the top 3 ranked outcomes 100% of the time.
NotePh.D.
NoteIncludes bibliographical references
Genretheses, ETD doctoral
Persistent URLhttps://doi.org/doi:10.7282/t3-zy08-nn55
LanguageEnglish
CollectionSchool of Graduate Studies Electronic Theses and Dissertations
Organization NameRutgers, The State University of New Jersey
RightsThe author owns the copyright to this work.
Version 8.5.5
Rutgers University Libraries - Copyright ©2024