Detail publikace

A Novel Approach to Online Retargetable Machine-Code Decompilation

ĎURFINA, L. KŘOUSTEK, J. MATULA, P. ZEMEK, P.

Originální název

A Novel Approach to Online Retargetable Machine-Code Decompilation

Anglický název

A Novel Approach to Online Retargetable Machine-Code Decompilation

Jazyk

en

Originální abstrakt

Machine-code decompilation, belonging to the area of reverse engineering, has found its applications in many real-world areas. Analysis of malicious software, search for vulnerabilities, and source-code recovery are some of the most important uses. As there exists a diversity of different platforms on which software can be run, an existence of a generic decompiler would be highly appreciated. This paper presents an extended version of our retargetable decompiler that also allows decompilation of raw binary code, such as firmware or code snippets. More specifically, in the present paper, we provide a description of a retargetable decompiler that is being developed within the Lissom project. First, we give an introduction into the area of machine-code decompilation, including a brief discussion of existing tools. Then, we describe the concept and architecture of the decompiler. As it is available in the form of a web service, we also provide its description. Finally, we summarise our results, present a case study of using the tool for analysing malicious software, and conclude the paper by several remarks on future research.

Anglický abstrakt

Machine-code decompilation, belonging to the area of reverse engineering, has found its applications in many real-world areas. Analysis of malicious software, search for vulnerabilities, and source-code recovery are some of the most important uses. As there exists a diversity of different platforms on which software can be run, an existence of a generic decompiler would be highly appreciated. This paper presents an extended version of our retargetable decompiler that also allows decompilation of raw binary code, such as firmware or code snippets. More specifically, in the present paper, we provide a description of a retargetable decompiler that is being developed within the Lissom project. First, we give an introduction into the area of machine-code decompilation, including a brief discussion of existing tools. Then, we describe the concept and architecture of the decompiler. As it is available in the form of a web service, we also provide its description. Finally, we summarise our results, present a case study of using the tool for analysing malicious software, and conclude the paper by several remarks on future research.

Dokumenty

BibTex


@article{BUT111623,
  author="Lukáš {Ďurfina} and Jakub {Křoustek} and Peter {Matula} and Petr {Zemek}",
  title="A Novel Approach to Online Retargetable Machine-Code Decompilation",
  annote="Machine-code decompilation, belonging to the area of reverse engineering, has
found its applications in many real-world areas. Analysis of malicious software,
search for vulnerabilities, and source-code recovery are some of the most
important uses. As there exists a diversity of different platforms on which
software can be run, an existence of a generic decompiler would be highly
appreciated.

This paper presents an extended version of our retargetable decompiler that also
allows decompilation of raw binary code, such as firmware or code snippets. More
specifically, in the present paper, we provide a description of a retargetable
decompiler that is being developed within the Lissom project. First, we give an
introduction into the area of machine-code decompilation, including a brief
discussion of existing tools. Then, we describe the concept and architecture of
the decompiler. As it is available in the form of a web service, we also provide
its description. Finally, we summarise our results, present a case study of using
the tool for analysing malicious software, and conclude the paper by several
remarks on future research.",
  address="NEUVEDEN",
  chapter="111623",
  edition="NEUVEDEN",
  howpublished="online",
  institution="NEUVEDEN",
  number="1",
  volume="2",
  year="2014",
  month="september",
  pages="224--232",
  publisher="NEUVEDEN",
  type="journal article - other"
}