• DocumentCode
    3434238
  • Title

    ICE: Binary analysis that you can see

  • Author

    Pucsek, Dean ; Baldwin, Jennifer ; MacLeod, Laura ; Berg, Celina ; Coady, Yvonne ; Salois, Martin

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Victoria, Victoria, BC, Canada
  • fYear
    2013
  • fDate
    27-29 Aug. 2013
  • Firstpage
    346
  • Lastpage
    351
  • Abstract
    Tools for high-level languages often assist developers in successfully comprehending complex systems without worrying about low-level details. However, new architectures and paradigms now pose new challenges in program comprehension that often require high-level reasoning about low-level issues - sometimes even at the level of processor instructions. This is particularly true for the new generation of developers learning to harness the power of SIMD operations, multi-core, multiprocessor systems. Though industrial-strength tools for malware analysts are available, these typically come at considerable cost and require extensive expertise. Our proposed solution is to extend high-level comprehension tools, commonly available in IDEs, to low-level representations. This paper presents the design and prototype implementation of an Integrated Comprehension Environment (ICE), which provides an Eclipse-based tool suite extended to analyse code in intermediate and assembly languages. Preliminary evaluation based on visualisations for wayfinding, call graphs, sequence diagrams and control flow show, (1) correspondence to requirements for comprehension tools in this domain, (2) flexibility in the spectrum of data sources it can accept, and (3) scalability with respect to the explosion of instructions in the code base, while still providing a means to build new visualisations for analysis.
  • Keywords
    assembly language; data visualisation; high level languages; instruction sets; large-scale systems; multiprocessing systems; parallel processing; Eclipse-based tool; ICE; IDE; SIMD operations; assembly languages; binary analysis; call graphs; code analysis; complex systems; control flow; data sources spectrum; high-level comprehension tools; high-level languages; high-level reasoning; industrial-strength tools; integrated comprehension environment; intermediate languages; malware analysts; multicore multiprocessor systems; processor instructions; prototype implementation; sequence diagrams; visualisation-based evaluation; Assembly; Data models; Data visualization; Ice; Libraries; Navigation; Prototypes;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications, Computers and Signal Processing (PACRIM), 2013 IEEE Pacific Rim Conference on
  • Conference_Location
    Victoria, BC
  • ISSN
    1555-5798
  • Type

    conf

  • DOI
    10.1109/PACRIM.2013.6625501
  • Filename
    6625501