Visible to the public Efficient and Safe Control Flow Recovery Using a Restricted Intermediate Language

TitleEfficient and Safe Control Flow Recovery Using a Restricted Intermediate Language
Publication TypeConference Paper
Year of Publication2018
AuthorsPfeffer, T., Herber, P., Druschke, L., Glesner, S.
Conference Name2018 IEEE 27th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)
ISBN Number978-1-5386-6916-7
Keywordsautomatic analysis, Bianry Analysis, Collaboration, Computational modeling, Conferences, Control Flow Recovery, control-flow recovery, data flow analysis, data-flow analyses, Explosions, formal specification, Human Behavior, human factors, low-level object code, Memory management, Metrics, policy-based governance, program compilers, program diagnostics, program verification, pubcrawl, resilience, Resiliency, restricted control transition intermediate language, Safe Coding, safe control flow recovery, security, security mechanisms, security of data, security policies, Security Validation, Semantics, software fault tolerance, source code level

Approaches for the automatic analysis of security policies on source code level cannot trivially be applied to binaries. This is due to the lacking high-level semantics of low-level object code, and the fundamental problem that control-flow recovery from binaries is difficult. We present a novel approach to recover the control-flow of binaries that is both safe and efficient. The key idea of our approach is to use the information contained in security mechanisms to approximate the targets of computed branches. To achieve this, we first define a restricted control transition intermediate language (RCTIL), which restricts the number of possible targets for each branch to a finite number of given targets. Based on this intermediate language, we demonstrate how a safe model of the control flow can be recovered without data-flow analyses. Our evaluation shows that that makes our solution more efficient than existing solutions.

Citation Keypfeffer_efficient_2018