On the effectiveness of code normalization for function identification

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

Information on the identity of functions is typically removed when translating source code to executable form. Yet being able to recognize specific functions opens up a number of applications. In this paper, we investigate normalization-based approaches for the purposes of aiding the reverse engineer and as an enabler for the rejuvenation of legacy binaries. We iteratively refine our methods and report on their effectiveness. Our results show that a naive approach can be surprisingly effective in both problem domains. Further, our evaluation looks into more advanced normalization techniques and finds that their practicality varies significantly with the problem domain.

Original languageEnglish
Title of host publicationProceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018
PublisherIEEE Computer Society
Pages241-251
Number of pages11
ISBN (Electronic)9781538657003
DOIs
Publication statusPublished - 11 Feb 2019
Event23rd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2018 - Taipei, Taiwan, Province of China
Duration: 4 Dec 20187 Dec 2018

Conference

Conference23rd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2018
CountryTaiwan, Province of China
CityTaipei
Period4/12/187/12/18

Fingerprint

Engineers

Keywords

  • Binary analysis
  • Binary rejuvenation
  • Program equivalence
  • Reverse engineering

Cite this

Oikonomopoulos, A., Vermeulen, R., Giuffrida, C., & Bos, H. (2019). On the effectiveness of code normalization for function identification. In Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018 (pp. 241-251). [8639041] IEEE Computer Society. https://doi.org/10.1109/PRDC.2018.00045
Oikonomopoulos, Angelos ; Vermeulen, Remco ; Giuffrida, Cristiano ; Bos, Herbert. / On the effectiveness of code normalization for function identification. Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018. IEEE Computer Society, 2019. pp. 241-251
@inproceedings{d7812a339bb147b6ba9c8a8aa4a867c6,
title = "On the effectiveness of code normalization for function identification",
abstract = "Information on the identity of functions is typically removed when translating source code to executable form. Yet being able to recognize specific functions opens up a number of applications. In this paper, we investigate normalization-based approaches for the purposes of aiding the reverse engineer and as an enabler for the rejuvenation of legacy binaries. We iteratively refine our methods and report on their effectiveness. Our results show that a naive approach can be surprisingly effective in both problem domains. Further, our evaluation looks into more advanced normalization techniques and finds that their practicality varies significantly with the problem domain.",
keywords = "Binary analysis, Binary rejuvenation, Program equivalence, Reverse engineering",
author = "Angelos Oikonomopoulos and Remco Vermeulen and Cristiano Giuffrida and Herbert Bos",
year = "2019",
month = "2",
day = "11",
doi = "10.1109/PRDC.2018.00045",
language = "English",
pages = "241--251",
booktitle = "Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018",
publisher = "IEEE Computer Society",
address = "United States",

}

Oikonomopoulos, A, Vermeulen, R, Giuffrida, C & Bos, H 2019, On the effectiveness of code normalization for function identification. in Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018., 8639041, IEEE Computer Society, pp. 241-251, 23rd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2018, Taipei, Taiwan, Province of China, 4/12/18. https://doi.org/10.1109/PRDC.2018.00045

On the effectiveness of code normalization for function identification. / Oikonomopoulos, Angelos; Vermeulen, Remco; Giuffrida, Cristiano; Bos, Herbert.

Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018. IEEE Computer Society, 2019. p. 241-251 8639041.

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

TY - GEN

T1 - On the effectiveness of code normalization for function identification

AU - Oikonomopoulos, Angelos

AU - Vermeulen, Remco

AU - Giuffrida, Cristiano

AU - Bos, Herbert

PY - 2019/2/11

Y1 - 2019/2/11

N2 - Information on the identity of functions is typically removed when translating source code to executable form. Yet being able to recognize specific functions opens up a number of applications. In this paper, we investigate normalization-based approaches for the purposes of aiding the reverse engineer and as an enabler for the rejuvenation of legacy binaries. We iteratively refine our methods and report on their effectiveness. Our results show that a naive approach can be surprisingly effective in both problem domains. Further, our evaluation looks into more advanced normalization techniques and finds that their practicality varies significantly with the problem domain.

AB - Information on the identity of functions is typically removed when translating source code to executable form. Yet being able to recognize specific functions opens up a number of applications. In this paper, we investigate normalization-based approaches for the purposes of aiding the reverse engineer and as an enabler for the rejuvenation of legacy binaries. We iteratively refine our methods and report on their effectiveness. Our results show that a naive approach can be surprisingly effective in both problem domains. Further, our evaluation looks into more advanced normalization techniques and finds that their practicality varies significantly with the problem domain.

KW - Binary analysis

KW - Binary rejuvenation

KW - Program equivalence

KW - Reverse engineering

UR - http://www.scopus.com/inward/record.url?scp=85062881399&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85062881399&partnerID=8YFLogxK

U2 - 10.1109/PRDC.2018.00045

DO - 10.1109/PRDC.2018.00045

M3 - Conference contribution

SP - 241

EP - 251

BT - Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018

PB - IEEE Computer Society

ER -

Oikonomopoulos A, Vermeulen R, Giuffrida C, Bos H. On the effectiveness of code normalization for function identification. In Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018. IEEE Computer Society. 2019. p. 241-251. 8639041 https://doi.org/10.1109/PRDC.2018.00045