• Documents
  • Authors
  • Tables
  • Log in
  • Sign up
  • MetaCart
  • DMCA
  • Donate

CiteSeerX logo

Advanced Search Include Citations
Advanced Search Include Citations

DMCA

WYSINWYX: What You See Is Not What You eXecute (2009)

Cached

  • Download as a PDF

Download Links

  • [www.cs.wisc.edu]
  • [research.cs.wisc.edu]
  • [www.cs.wisc.edu]
  • [research.cs.wisc.edu]
  • [www.cs.wisc.edu]
  • [research.cs.wisc.edu]
  • [www.cs.wisc.edu]
  • [research.cs.wisc.edu]
  • [pages.cs.wisc.edu]
  • [pages.cs.wisc.edu]
  • [www.cs.wisc.edu]
  • [www.cs.wisc.edu]
  • [research.cs.wisc.edu]
  • [www.cs.wisc.edu]
  • [www.cs.wisc.edu]
  • [www.ida.liu.se]
  • [www.ida.liu.se]
  • [www.ida.liu.se]
  • [pages.cs.wisc.edu]
  • [research.cs.wisc.edu]
  • [vstte.inf.ethz.ch]
  • [vstte.ethz.ch]
  • [pages.cs.wisc.edu]

  • Save to List
  • Add to Collection
  • Correct Errors
  • Monitor Changes
by Gogul Balakrishnan , Thomas Reps
Citations:91 - 12 self
  • Summary
  • Citations
  • Active Bibliography
  • Co-citation
  • Clustered Documents
  • Version History

BibTeX

@MISC{Balakrishnan09wysinwyx:what,
    author = {Gogul Balakrishnan and Thomas Reps},
    title = {WYSINWYX: What You See Is Not What You eXecute },
    year = {2009}
}

Share

Facebook Twitter Reddit Bibsonomy

OpenURL

 

Abstract

Over the last seven years, we have developed static-analysis methods to recover a good approximation to the variables and dynamically-allocated memory objects of a stripped executable, and to track the flow of values through them. The paper presents the algorithms that we developed, explains how they are used to recover intermediate representations (IRs) from executables that are similar to the IRs that would be available if one started from source code, and describes their application in the context of program understanding and automated bug hunting. Unlike algorithms for analyzing executables that existed prior to our work, the ones presented in this paper provide useful information about memory accesses, even in the absence of debugging information. The ideas described in the paper are incorporated in a tool for analyzing Intel x86 executables, called CodeSurfer/x86. CodeSurfer/x86 builds a system dependence graph for the program, and provides a GUI for exploring the graph by (i) navigating its edges, and (ii) invoking operations, such as forward slicing, backward slicing, and chopping, to discover how parts of the program can impact other parts. To assess the usefulness of the IRs recovered by CodeSurfer/x86 in the context of automated bug hunting, we built a tool on top of CodeSurfer/x86, called Device-Driver Analyzer for x86

Keyphrases

codesurfer x86    intel x86 executables    source code    memory access    automated bug hunting    good approximation    program understanding    static-analysis method    forward slicing    dynamically-allocated memory object    stripped executable    bug hunting    device-driver analyzer    intermediate representation    useful information    system dependence graph   

Powered by: Apache Solr
  • About CiteSeerX
  • Submit and Index Documents
  • Privacy Policy
  • Help
  • Data
  • Source
  • Contact Us

Developed at and hosted by The College of Information Sciences and Technology

© 2007-2019 The Pennsylvania State University