Research on Intelligent Detection of Command Level Stack Pollution for Binary Program Analysis
How to efficiently and reasonably analyze binary programs has always been the primary issue in the field of software security. As for the stack, the current technology has begun to show limitations on various conditions. In this work, we will introduce a technique for intelligently detecting the sta...
Uloženo v:
| Vydáno v: | Mobile networks and applications Ročník 26; číslo 4; s. 1723 - 1732 |
|---|---|
| Hlavní autoři: | , , , , , , |
| Médium: | Journal Article |
| Jazyk: | angličtina |
| Vydáno: |
New York
Springer US
01.08.2021
Springer Nature B.V |
| Témata: | |
| ISSN: | 1383-469X, 1572-8153 |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Shrnutí: | How to efficiently and reasonably analyze binary programs has always been the primary issue in the field of software security. As for the stack, the current technology has begun to show limitations on various conditions. In this work, we will introduce a technique for intelligently detecting the stack space and operating its readable and writable area (referred to as stack pollution). We innovatively defined the concept of “stack pollution” and raised the level of analysis from byte level to instruction level: Control flow recovery and instruction promotion based on the McSema tool. The “stack pollution” technology is a process of intelligently and intact “polluting” the required research space objects, solving the three stack space constraints by modifying SEM (semantic functions) interpretation of the instructions in the promotion process. |
|---|---|
| Bibliografie: | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14 |
| ISSN: | 1383-469X 1572-8153 |
| DOI: | 10.1007/s11036-019-01507-0 |