Accurate Recovery of Functions in a Retargetable Decompiler(Poster Abstract)

  • Lukáš Ďurfina
  • Jakub Křoustek
  • Petr Zemek
  • Břetislav Kábele
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7462)

Abstract

Introduction. Decompilation is used for translation of executable files into a high-level language (HLL) representation. It is an important mechanism for information forensics and malware analysis. Retargetable decompilation represents a very difficult task because it must handle all the specific features of the target platform. Nevertheless, a retargetable decompiler can be used for any particular target platform and the resulting code is represented in a uniform way.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Kästner, D., Wilhelm, S.: Generic control flow reconstruction from assembly code. ACM SIGPLAN Notices 37(7) (July 2002)Google Scholar
  2. 2.
    Theiling, H.: Extracting safe and precise control flow from binaries. In: Proceedings of the 7th Conference on Real-Tim Computing Systems and Applications (2000)Google Scholar
  3. 3.
    Balakrishnan, G., Reps, T.: Analyzing Memory Accesses in x86 Executables. In: Duesterwald, E. (ed.) CC 2004. LNCS, vol. 2985, pp. 5–23. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Ďurfina, L., Křoustek, J., Zemek, P., Kolář, D., Masařík, K., Hruška, T., Meduna, A.: Design of a retargetable decompiler for a static platform-independent malware analysis. International Journal of Security and Its Applications 5(4), 91–106 (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Lukáš Ďurfina
    • 1
  • Jakub Křoustek
    • 1
  • Petr Zemek
    • 1
  • Břetislav Kábele
    • 1
  1. 1.Faculty of Information Technology, IT4Innovations Centre of ExcellenceBrno University of TechnologyBrnoCzech Republic

Personalised recommendations