Proceedings of the Institute for System Programming of the RAS
Proceedings of the Institute for System Programming of the RAS, 2018, Volume 30, Issue 6, Pages 39–68
DOI: https://doi.org/10.15514/ISPRAS-2018-30(6)-3
(Mi tisp376)
This article is cited in 5 scientific papers (total in 5 papers)

Next generation intermediate representations for binary code analysis

M. A. Solovev (a, b), M. G. Bakulin (b), M. S. Gorbachev (b), D. V. Manushin (a, b), V. A. Padaryan (b, a), S. S. Panasenko (b)

a: Lomonosov Moscow State University
b: Ivannikov Institute for System Programming of the Russian Academy of Sciences
Abstract: Many binary code analysis tools do not work directly with machine instructions; instead they rely on an intermediate representation (IR) constructed from the binary code. In this paper, we first analyze problems in binary code analysis that benefit from such an IR and construct a list of requirements that an IR suitable for solving these problems must meet. Generally speaking, a universal binary analysis platform requires two principal components. The first component is a retargetable instruction decoder that utilizes external specifications for describing target instruction sets. External specifications facilitate maintainability and allow for quickly adding support for new instruction sets. We analyze some of the more common ISAs, including those used in microcontrollers, and from that produce a list of requirements for a retargetable decoder. We then survey existing multi-ISA decoders and propose our vision of a more generic approach, based on a multi-layered directed acyclic graph describing the decoding process in universal terms. The second component of an analysis platform is the actual architecture-neutral IR. In this paper we describe such existing IRs and propose Pivot 2, an IR that is low-level enough to be easily constructed from decoded machine instructions and at the same time easy to analyze. The main features of Pivot 2 are explicit side effects, SSA variables, a simpler alternative to phi-functions, and an extensible elementary operation set at the core. The IR also supports machines that have multiple memory address spaces. Finally, we propose a way to tie the decoder and the IR together to fit them to most binary code analysis tasks through abstract interpretation on top of the IR. The proposed scheme takes into account various aspects of target architectures that are overlooked in many other works, including pipeline specifics (handling of delay slots, hardware loop support, etc.), exception and interrupt management, and a generic address space model where accesses may have arbitrary side effects due to memory-mapped devices or other non-trivial behavior of the memory system.
Keywords: abstract interpretation, binary code analysis, compiler techniques, dynamic analysis, software reverse engineering, static analysis, symbolic execution.
Funding: Russian Foundation for Basic Research, grant number 18-07-01256
Document Type: Article
Language: Russian
Citation: M. A. Solovev, M. G. Bakulin, M. S. Gorbachev, D. V. Manushin, V. A. Padaryan, S. S. Panasenko, “Next generation intermediate representations for binary code analysis”, Proceedings of ISP RAS, 30:6 (2018), 39–68
Citation in format AMSBIB
\Bibitem{SolBakGor18}
\by M.~A.~Solovev, M.~G.~Bakulin, M.~S.~Gorbachev, D.~V.~Manushin, V.~A.~Padaryan, S.~S.~Panasenko
\paper Next generation intermediate representations for binary code analysis
\jour Proceedings of ISP RAS
\yr 2018
\vol 30
\issue 6
\pages 39--68
\mathnet{http://mi.mathnet.ru/tisp376}
\crossref{https://doi.org/10.15514/ISPRAS-2018-30(6)-3}
\elib{https://elibrary.ru/item.asp?id=36825264}
Linking options:
  • https://www.mathnet.ru/eng/tisp376
  • https://www.mathnet.ru/eng/tisp/v30/i6/p39