Abstract
Software reverse engineering is a fastidious task demanding a strong expertise in assembly coding. Various existing tools may help analyze the functionality of a binary file without executing it and an interesting step would naturally be the search for the original source files. Our tool called RESource considers the extraction of some features in the assembly code so that queries can be triggered to a source repository in a reliable way: either (1) the result is a set of references to the original project files provided they are hosted on the repository or (2) at least some functionalities of the binary file are unleashed. Such an approach is very promising given its proved performances in real assembly code applications.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abrial, J.R.: The B Book - Assigning Programs to Meanings. Cambridge University Press (1996) ISBN 052149619-5
Boomerang: a general, open source, retargetable decompiler of machine code programs, http://boomerang.sourceforge.net/
Bryant, R.E., O’Hallaron, D.R.: Computer Systems – A programmer’s Perspective, 2nd edn. Addison Wesley (2010) ISBN 0136108040
Eymery, D., Eymery, O., Borello, J.-M., Fraygefond, J.-M., Bion, P.: GenDbg: un débogueur générique. In: Symposium Sur la Séurité des Technologies de l’information et des Communications, SSTIC 2008, France (2008)
GDB: The GNU Project Debugger, http://www.gnu.org/software/gdb/documentation/
GNU Binutils, http://www.gnu.org/software/binutils/
Google Code, http://code.google.com/
Google Data APIs, http://code.google.com/p/gdata-objectivec-client/
IDA Pro multi-processor disassembler and debugger, http://www.hex-rays.com/products/ida/index.shtml
IDA Pro Re-Google Plugin, http://regoogle.carnivore.it/
Lagadec, P.: Dynamic Malware Analysis for Dummies. In: Symposium Sur la Sécurité des Technologies de l’information et des Communications, SSTIC 2008, France (2008)
Precise Calculator Project, http://sourceforge.net/projects/preccalc/
Sikorski, M., Honig, A.: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software. No Starch Press (2012) ISBN 1593272901
The Hex-Rays Decompiler, http://www.hex-ays.com/
Troshina, K., Chernov, A., Derevenets, Y.: C Decompilation: Is It Possible? In: Proceedings of International Workshop on Program Understanding, Altai Mountains, Russia, pp. 18–27 (2009)
Troshina, K., Derevenets, Y., Chernov, A.: Reconstruction of Composite Types for Decompilation. In: Proceedings of the 2010 10th IEEE Working Conference on Source Code Analysis and Manipulation, SCAM 2010, Timisoara, Romania, pp. 179–188 (2010)
Valgrind – a suite of tools for debugging and profiling, http://valgrind.org/
WinDbg debugger for Microsoft Windows, http://www.windbg.org/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rahimian, A., Charland, P., Preda, S., Debbabi, M. (2013). RESource: A Framework for Online Matching of Assembly with Open Source Code. In: Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., Miri, A., Tawbi, N. (eds) Foundations and Practice of Security. FPS 2012. Lecture Notes in Computer Science, vol 7743. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37119-6_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-37119-6_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-37118-9
Online ISBN: 978-3-642-37119-6
eBook Packages: Computer ScienceComputer Science (R0)