Publication detail

Design of an Automatically Generated Retargetable Decompiler

ĎURFINA, L. KŘOUSTEK, J. ZEMEK, P. KOLÁŘ, D. HRUŠKA, T. MASAŘÍK, K. MEDUNA, A.

Original Title

Design of an Automatically Generated Retargetable Decompiler

English Title

Design of an Automatically Generated Retargetable Decompiler

Type

conference paper

Language

en

Original Abstract

Accurate program decompilation is one of the most difficult tasks of reverse engineering. Currently, there exist several single-purpose decompilers targeted on a particular platform (e.g. Intel x86 architecture and Microsoft Windows OS) and on a particular language. These tools are always hand-written by the author from scratch. This paper presents a concept of a retargetable reverse compiler (i.e. a  decompiler). This tool translates platform-specific binary applications into a high-level language (HLL) representation. A Python-like language was chosen as the target language, but the decompiler can be easily extended to other target languages. Our unique solution is automatically generated from the target platform description. It exploits the architecture description language ISAC for describing the target platform and the LLVM Compiler System as the core of the decompiler. The proof of our concept is presented on a Sony PlayStation Portable (PSP) handheld game console. As can be seen from the experimental results, we are able to automatically generate a decompiler producing a highly readable HLL code for this platform while preserving the functional equivalency with the original application.

English abstract

Accurate program decompilation is one of the most difficult tasks of reverse engineering. Currently, there exist several single-purpose decompilers targeted on a particular platform (e.g. Intel x86 architecture and Microsoft Windows OS) and on a particular language. These tools are always hand-written by the author from scratch. This paper presents a concept of a retargetable reverse compiler (i.e. a  decompiler). This tool translates platform-specific binary applications into a high-level language (HLL) representation. A Python-like language was chosen as the target language, but the decompiler can be easily extended to other target languages. Our unique solution is automatically generated from the target platform description. It exploits the architecture description language ISAC for describing the target platform and the LLVM Compiler System as the core of the decompiler. The proof of our concept is presented on a Sony PlayStation Portable (PSP) handheld game console. As can be seen from the experimental results, we are able to automatically generate a decompiler producing a highly readable HLL code for this platform while preserving the functional equivalency with the original application.

Keywords

decompilation, reverse engineering, malware, LLVM, Lissom, ISAC

RIV year

2011

Released

10.12.2011

Publisher

North Atlantic University Union

Location

Puerto De La Cruz, Tenerife

ISBN

978-1-61804-056-5

Book

2nd European Conference of COMPUTER SCIENCE (ECCS'11)

Edition

NEUVEDEN

Edition number

NEUVEDEN

Pages from

199

Pages to

204

Pages count

6

Documents

BibTex


@inproceedings{BUT76351,
  author="Lukáš {Ďurfina} and Jakub {Křoustek} and Petr {Zemek} and Dušan {Kolář} and Tomáš {Hruška} and Karel {Masařík} and Alexandr {Meduna}",
  title="Design of an Automatically Generated Retargetable Decompiler",
  annote="Accurate program decompilation is one of the most difficult tasks of reverse
engineering. Currently, there exist several single-purpose decompilers targeted
on a particular platform (e.g. Intel x86 architecture and Microsoft Windows OS)
and on a particular language. These tools are always hand-written by the author
from scratch. This paper presents a concept of a retargetable reverse compiler
(i.e. a  decompiler). This tool translates platform-specific binary applications
into a high-level language (HLL) representation. A Python-like language was
chosen as the target language, but the decompiler can be easily extended to other
target languages. Our unique solution is automatically generated from the target
platform description. It exploits the architecture description language ISAC for
describing the target platform and the LLVM Compiler System as the core of the
decompiler. The proof of our concept is presented on a Sony PlayStation Portable
(PSP) handheld game console. As can be seen from the experimental results, we are
able to automatically generate a decompiler producing a highly readable HLL code
for this platform while preserving the functional equivalency with the original
application.",
  address="North Atlantic University Union",
  booktitle="2nd European Conference of COMPUTER SCIENCE (ECCS'11)",
  chapter="76351",
  edition="NEUVEDEN",
  howpublished="print",
  institution="North Atlantic University Union",
  year="2011",
  month="december",
  pages="199--204",
  publisher="North Atlantic University Union",
  type="conference paper"
}