On the effectiveness of code normalization for function identification

Angelos Oikonomopoulos, Remco Vermeulen, Cristiano Giuffrida, Herbert Bos

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

Information on the identity of functions is typically removed when translating source code to executable form. Yet being able to recognize specific functions opens up a number of applications. In this paper, we investigate normalization-based approaches for the purposes of aiding the reverse engineer and as an enabler for the rejuvenation of legacy binaries. We iteratively refine our methods and report on their effectiveness. Our results show that a naive approach can be surprisingly effective in both problem domains. Further, our evaluation looks into more advanced normalization techniques and finds that their practicality varies significantly with the problem domain.

Original languageEnglish
Title of host publicationProceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018
PublisherIEEE Computer Society
Pages241-251
Number of pages11
ISBN (Electronic)9781538657003
DOIs
Publication statusPublished - 11 Feb 2019
Event23rd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2018 - Taipei, Taiwan, Province of China
Duration: 4 Dec 20187 Dec 2018

Conference

Conference23rd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2018
CountryTaiwan, Province of China
CityTaipei
Period4/12/187/12/18

Keywords

  • Binary analysis
  • Binary rejuvenation
  • Program equivalence
  • Reverse engineering

Fingerprint Dive into the research topics of 'On the effectiveness of code normalization for function identification'. Together they form a unique fingerprint.

  • Cite this

    Oikonomopoulos, A., Vermeulen, R., Giuffrida, C., & Bos, H. (2019). On the effectiveness of code normalization for function identification. In Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018 (pp. 241-251). [8639041] IEEE Computer Society. https://doi.org/10.1109/PRDC.2018.00045