Advertisement

Jakstab: A Static Analysis Platform for Binaries

Tool Paper
  • Johannes Kinder
  • Helmut Veith
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5123)

Abstract

For processing compiled code, model checkers require accurate model extraction from binaries. We present our fully configurable binary analysis platform Jakstab, which resolves indirect branches by multiple rounds of disassembly interleaved with dataflow analysis. We demonstrate that this iterative disassembling strategy achieves better results than the state-of-the-art tool IDA Pro.

Download to read the full conference paper text

References

  1. 1.
    Balakrishnan, G., Reps, T., Melski, D., Teitelbaum, T.: WYSINWYX: What You See Is Not What You eXecute. In: VSTTE, Zurich, Switzerland (2005)Google Scholar
  2. 2.
    Gulavani, B., Henzinger, T., Kannan, Y., Nori, A., Rajamani, S.: SYNERGY: a new algorithm for property checking. In: SIGSOFT FSE 2006, pp. 117–127. ACM, New York (2006)Google Scholar
  3. 3.
    Kinder, J., Katzenbeisser, S., Schallhart, C., Veith, H.: Detecting malicious code by model checking. In: Julisch, K., Krügel, C. (eds.) DIMVA 2005. LNCS, vol. 3548, pp. 174–187. Springer, Heidelberg (2005)Google Scholar
  4. 4.
    Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: CCS 2003, pp. 290–299. ACM, New York (2003)CrossRefGoogle Scholar
  5. 5.
    Balakrishnan, G., Reps, T.: Analyzing memory accesses in x86 executables. In: Duesterwald, E. (ed.) CC 2004. LNCS, vol. 2985, pp. 5–23. Springer, Heidelberg (2004)Google Scholar
  6. 6.
    Balakrishnan, G., Reps, T.: Analyzing stripped device-driver executables. In: TACAS 2008. LNCS, pp. 124–140. Springer, Heidelberg (2008)Google Scholar
  7. 7.
    Cifuentes, C.: Reverse Compilation Techniques. PhD thesis, Queensland University of Technology (1994)Google Scholar
  8. 8.
    van Emmerik, M., Waddington, T.: Using a decompiler for real-world source recovery. In: WCRE 2004, pp. 27–36. IEEE Computer Society, Los Alamitos (2004)Google Scholar
  9. 9.
    Chang, B., Harren, M., Necula, G.: Analysis of low-level code using cooperating decompilers. In: Yi, K. (ed.) SAS 2006. LNCS, vol. 4134, pp. 318–335. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  10. 10.
    Cifuentes, C., Sendall, S.: Specifying the semantics of machine instructions. In: International Workshop on Program Comprehension (IWPC 1998), pp. 126–133. IEEE Computer Society, Los Alamitos (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Johannes Kinder
    • 1
  • Helmut Veith
    • 1
  1. 1.Technische Universität DarmstadtDarmstadtGermany

Personalised recommendations

Cite paper