Title :
Static Analysis of Software Executables
Author :
Melski, David ; Teitelbaum, Tim ; Reps, Thomas
Abstract :
In recent years, there has been a growing need for tools that an analyst can use to understand the workings of COTS software as well as malicious code. Static analysis provides techniques that can help with such problems; however, there are several obstacles that must be overcome, including the absence of source code and the difficulty of analyzing machine code. We have created CodeSurfer/x86, a prototype tool for browsing, inspecting, and analyzing x86 executables. From an x86 executable, CodeSurfer/x86 recovers intermediate representations that are similar to what would be created by a compiler for a program written in a high-level language. These facilities provide a platform for the development of additional tools for analyzing the security properties of executables. CodeSurfer/x86 analyses are automatically generated from a formal specification of the x86 instruction semantics. This makes the analyses more accurate and robust, and makes it easier to retarget the tool to analyze executables for other platforms besides x86.
Keywords :
formal specification; program compilers; software packages; software tools; CodeSurfer/x86; formal specification; high-level language; program compiler; software executables; source code; static analysis; Application software; Computer bugs; Computer security; Contracts; High level languages; Information analysis; Information security; Software tools; Terrorism; Weapons; Vulnerability Discovery and Remediation; executables; static analysis;
Conference_Titel :
Conference For Homeland Security, 2009. CATCH '09. Cybersecurity Applications & Technology
Conference_Location :
Washington, DC
Print_ISBN :
978-0-7695-3568-5
DOI :
10.1109/CATCH.2009.42
