Master Thesis Defense - August 26, 2016: BinType: A Scalable Type Inference Tool for Compiled C Programs

Brit Sundar Mondal

Friday, August 26, 2016 at 3:00 p.m.
Room EV011.119

You are invited to attend the following M.A.Sc. (Information Systems Security) thesis examination.

Examining Committee

Dr. A. Mohammadi, Chair
Dr. M. Mannan, Supervisor
Dr. A. Youssef, CIISE Examiner
Dr. G. Gopakumar, External Examiner (CES)

Abstract

Reverse-engineering program binaries often rely on the recovery of high-level data abstractions.  In particular, recovering variables and their type is challenging as most such information is lost during compilation.  Although past proposals seem to have addressed this problem, their approaches are either not scalable and suffer from coverage issues (e.g., dynamic analysis), or yield insufficient precision by staying too conservative (e.g., static analysis).  Furthermore, most recent works lift assembly to Intermediate Representation (IR), which standardizes low-level operations, and may lose some useful semantics for type influence.  In this paper, we propose BinType, a static analysis-based, scalable, precise and conservative tool that works directly on x86 assembly to automatically reveal type information of variables and function arguments.  BinType is 45% more precise than TIE (NDSS'11) on a dataset 3.5 times larger, and orders of magnitude faster than its underlying algorithm.  We also show that our tool makes a significant impact on the accuracy of a recent tool on binary to sourch matching.