Litcius/Paper detail

The Convergence of Source Code and Binary Vulnerability Discovery -- A Case Study

Alessandro Mantovani, Luca Compagna, Yan Shoshitaishvili, Davide Balzarotti

2022Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security17 citationsDOI

Abstract

Decompilers are tools designed to recover a high-level language representation (typically in C code) from program binaries. Over the past five years, decompilers have improved enormously, not only in terms of the readability of the produced pseudocode, but also in terms of similarity of the recovered representation to the original source code. Albeit decompilers are routinely used by reverse engineers in different disciplines (e.g., to support vulnerability discovery or malware analysis), they are not yet adopted to produce input for source-code static analysis tools. In particular, source code vulnerability discovery and binary vulnerability discovery remain today two very different areas of research, despite the fact that decompilers could potentially bridge this gap and enable source-code analysis on binary files.

Topics & Concepts

Computer scienceSource codeVulnerability (computing)Code (set theory)Static program analysisStatic analysisProgramming languageReadabilityIntermediate languageBinary codeBinary numberTheoretical computer scienceSoftwareComputer securitySet (abstract data type)Software developmentArithmeticCompilerMathematicsAdvanced Malware Detection TechniquesSecurity and Verification in ComputingSoftware Engineering Research
The Convergence of Source Code and Binary Vulnerability Discovery -- A Case Study | Litcius