Abstract
Program comprehension and reverse engineering are two large domains of computer science that share one common goal: the analysis of existing programs and the understanding of their behaviour. At present, methods of source-code analysis are well established and used in practice by software engineers. On the other hand, analysis of executable code is a more challenging task that is not fully covered by existing tools. Furthermore, methods of retargetable executable-code analysis are rare because of their complexity. In this paper, we present a comprehensive platform-independent toolchain for executable-code analysis that supports both static and dynamic analysis. This toolchain, developed within the Lissom project, builds on several previously designed methods and can be used for debugging users' applications as well as for malware analysis. The main contribution of this paper is to interconnect the existing methods and to illustrate their usage on real-world scenarios. Furthermore, we introduce the concept of a new retargetable method, the hybrid analysis, which is intended to eliminate the shortcomings of purely static and purely dynamic analysis.
Highlights
Software development is getting more difficult because applications are being developed for a wide range of target platforms (computers running x86(-64) processors, smart devices with ARM multi-cores, consumer electronics with smaller chips, etc.) where the toolchain can be incomplete or not properly tested, especially for newly created platforms such as application-specific instruction-set processors (ASIPs).
Several projects are focused on rapid ASIP design and support high-quality dynamic analysis, but offer only very limited static analysis.
Each of these projects uses its own architecture description language (ADL), developed within that project, for toolchain generation.
Summary
Software development is getting more difficult because applications are being developed for a wide range of target platforms (computers running x86(-64) processors, smart devices with ARM multi-cores, consumer electronics with smaller chips, etc.) where the toolchain (e.g. compiler, disassembler, simulator) can be incomplete or not properly tested (e.g. an automatically generated compiler or experimental target-specific optimizations), especially for newly created platforms such as application-specific instruction-set processors (ASIPs). With this diversity of target architectures and operating systems, it is not easy to properly analyze and debug code, because it is highly probable that the appropriate analytical tool does not support that particular target platform. The motivation of this paper is to demonstrate both approaches, static and dynamic analysis, on the real-world scenarios described in the previous paragraph. We highlight their drawbacks and present their enhancement: the hybrid analysis.