A Novel Approach to Online Retargetable Machine-Code Decompilation

článek v časopise - ostatní, Jost

angličtina

Machine-code decompilation, belonging to the area of reverse engineering, has found its applications in many real-world areas. Analysis of malicious software, search for vulnerabilities, and source-code recovery are some of the most important uses. As there exists a diversity of different platforms on which software can be run, an existence of a generic decompiler would be highly appreciated. This paper presents an extended version of our retargetable decompiler that also allows decompilation of raw binary code, such as firmware or code snippets. More specifically, in the present paper, we provide a description of a retargetable decompiler that is being developed within the Lissom project. First, we give an introduction into the area of machine-code decompilation, including a brief discussion of existing tools. Then, we describe the concept and architecture of the decompiler. As it is available in the form of a web service, we also provide its description. Finally, we summarise our results, present a case study of using the tool for analysing malicious software, and conclude the paper by several remarks on future research.

reverse engineering, decompilation, retargetable decompiler, raw machine code, code snippets, web service, Lissom

ĎURFINA, L.; KŘOUSTEK, J.; MATULA, P.; ZEMEK, P.

2014

26. 9. 2014

2160-2174

Journal of Network and Innovative Computing (JNIC)

2

1

Spojené státy americké

224

232

9

http://www.mirlabs.net/jnic/secured/Volume2-Issue1/Paper24/JNIC_Paper24.pdf