RESource: A Framework for Online Matching of Assembly with Open Source Code

Rahimian, Ashkan, Charland, Philippe, Preda, Stere and Debbabi, Mourad (2013) RESource: A Framework for Online Matching of Assembly with Open Source Code. In: Foundations and Practice of Security. Lecture Notes in Computer Science, 7743 . Springer, pp. 211-226. ISBN 978-3-642-37119-6

Text (application/pdf)
RESource_A_Framework_for_Online_Matching_of_Assembly_with_Open_Source_Code.pdf
Available under License Spectrum Terms of Access.
946kB

Official URL: http://link.springer.com/book/10.1007%2F978-3-642-...

Abstract

Software reverse engineering is a tedious task that demands strong expertise in assembly coding. Various existing tools can help analyze the functionality of a binary file without executing it, and a natural next step is to search for the original source files. Our tool, RESource, extracts features from the assembly code so that queries can be issued to a source repository in a reliable way: either (1) the result is a set of references to the original project files, provided they are hosted on the repository, or (2) at least some functionality of the binary file is revealed. This approach is very promising given its proven performance on real assembly code applications.

Divisions: Concordia University > Gina Cody School of Engineering and Computer Science
Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering
Concordia University > Research Units > Computer Security Laboratory
Item Type: Book Section
Refereed: Yes
Authors: Rahimian, Ashkan and Charland, Philippe and Preda, Stere and Debbabi, Mourad
Journal or Publication: Foundations and Practice of Security
Series Name: Lecture Notes in Computer Science
Date: 2013
Keywords: Reverse Engineering, Assembly Code, Source Repository
ID Code: 978045
Deposited By: ASHKAN RAHIMIAN
Deposited On: 06 Dec 2013 19:58
Last Modified: 18 Jan 2018 17:45
