Skip to main content
SpringerLink
Log in

Raising MIPS Binaries to LLVM IR

  • Conference paper
  • First Online:
Information Systems Security (ICISS 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13146))

Included in the following conference series:

Abstract

The need for automated, scalable and machine speed analysis is significant with the ever-increasing quantity of code that requires security analysis. Recent advancements in technology demonstrate the possibility of automated analysis of binaries by raising/lifting/translating them to an intermediate representation. This paper describes the efforts towards developing utilities for raising MIPS binaries to an intermediate representation (IR) of LLVM. Using LLVM-IR, one can leverage the existing utilities built over LLVM for performing automated analysis of lifted code. The implemented utilities extend open-source tools McSema and Remill for MIPS ISA. The paper presents the methodology of raising the MIPS binaries as a systematically arranged step by step procedure. While presenting the procedure, the text highlights the challenges faced during each of these translation steps. The results from the two test suites demonstrate that the implemented static binary translation (SBT) utilities can produce the LLVM-IR that can be analysed or recompiled back to an executable form.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Arm exploration tools. https://developer.arm.com/architectures/cpu-architecture/a-profile/exploration-tools. Accessed 10 Aug 2021

  2. Elf handling for thread local storage. https://uclibc.org/docs/tls.pdf. Accessed 10 Aug 2021

  3. Mcsema - trail of bits. https://github.com/lifting-bits/mcsema. Accessed 10 Aug 2021

  4. Openwrt. https://openwrt.org. Accessed 10 Aug 2021

  5. Remill - trail of bits. https://github.com/lifting-bits/remill. Accessed 10 Aug 2021

  6. The system V application binary interface: MIPS RISC processor supplement (1996)

    Google Scholar 

  7. J.H., et al.: reopt. https://github.com/GaloisInc/reopt. Accessed 10 Aug 2021

  8. Barbalace, A., Karaoui, M.L., Wang, W., Xing, T., Olivier, P., Ravindran, B.: Edge computing: the case for heterogeneous-ISA container migration. In: Proceedings of the 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, pp. 73–87 (2020)

    Google Scholar 

  9. Bougacha, A., Aubey, G., Collet, P., Coudray, T., de la Vieuville, A.: Dagger (2016)

    Google Scholar 

  10. Charney, M.: Intel xed (2017). https://github.com/intelxed/xed

  11. Chipounov, V., Candea, G.: Enabling sophisticated analyses of \(\times \)86 binaries with RevGen. In: 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W), pp. 211–216. IEEE (2011)

    Google Scholar 

  12. Cloutier, F.: https://github.com/zneak/fcd. Accessed 10 Aug 2021

  13. da Costa, N., Doria, F.A.: On an extension of Rice’s theorem and its applications in mathematical economics dedicated to the memory of professor Saul Fuks (1929–2012). In: Entangled Political Economy. Emerald Group Publishing Limited (2014)

    Google Scholar 

  14. Di Federico, A., Agosta, G.: A jump-target identification method for multi-architecture static binary translation. In: Proceedings of the International Conference on Compilers, Architectures and Synthesis for Embedded Systems, pp. 1–10 (2016)

    Google Scholar 

  15. Di Federico, A., Fezzardi, P., Agosta, G.: rev.ng: a multi-architecture framework for reverse engineering and vulnerability discovery. In: 2018 International Carnahan Conference on Security Technology (ICCST), pp. 1–5. IEEE (2018)

    Google Scholar 

  16. Di Federico, A., Payer, M., Agosta, G.: rev.ng: a unified binary analysis framework to recover CFGs and function boundaries. In: Proceedings of the 26th International Conference on Compiler Construction, pp. 131–141 (2017)

    Google Scholar 

  17. RTC draper: fracture. https://github.com/draperlaboratory/fracture. Accessed 10 Aug 2021

  18. Ellson, J., Gansner, E., Koutsofios, L., North, S.C., Woodhull, G.: Graphviz— open source graph drawing tools. In: Mutzel, P., Jünger, M., Leipert, S. (eds.) GD 2001. LNCS, vol. 2265, pp. 483–484. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45848-4_57

    Chapter  MATH  Google Scholar 

  19. Engelke, A., Schulz, M.: Instrew: leveraging LLVM for high performance dynamic binary instrumentation. In: Proceedings of the 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, pp. 172–184 (2020)

    Google Scholar 

  20. Fraze, D.: Cyber grand challenge (CGC). Defense Advanced Research Projects Agency (2016). https://wwwdarpa.mil/program/cyber-grand-challenge

  21. Holub, J.J.: Decompilation of specialized and advanced instruction sets

    Google Scholar 

  22. Kirchner, K., Rosenthaler, S.: bin2llvm: analysis of binary programs using LLVM intermediate representation. In: Proceedings of the 12th International Conference on Availability, Reliability and Security, pp. 1–7 (2017)

    Google Scholar 

  23. Korenčik, L.: Decompiling binaries into LLVM IR using McSema and Dyninst. Ph.D. thesis, Masarykova univerzita, Fakulta informatiky (2019)

    Google Scholar 

  24. Křoustek, J., Matula, P.: RetDec: an open-source machine-code decompiler [talk], July 2018. Presented at Pass the SALT 2018, Lille

    Google Scholar 

  25. Pietrek, M.: Peering inside the PE: a tour of the Win32 portable executable file format (1994)

    Google Scholar 

  26. Quynh, N.A.: Capstone: next-gen disassembly framework, 5(2), 3–8. Black Hat USA (2014)

    Google Scholar 

  27. raxen: Libbeauty. https://github.com/raxen/libbeauty. Accessed 10 Aug 2021

  28. Yadavalli, S.B., Smith, A.: Raising binaries to LLVM IR with MCTOLL (WIP paper). In: Proceedings of the 20th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, and Tools for Embedded Systems, pp. 213–218 (2019)

    Google Scholar 

Download references

Acknowledgements

We want to thank the Ministry of Electronics and Information Technology (MeitY) Govt. of India for funding this research work. Any views, opinions, and findings made in this paper are only of the authors and do not reflect the opinions of MeitY.

We would like to acknowledge the developer community of McSema & Remill from TrailOfBits for providing insights on the working of these tools.

Author information

Authors and Affiliations

  1. Centre for Development of Advanced Computing (C-DAC), Hyderabad, India

    Sandeep Romana, Anil D. Bandgar, Mohit Kumar, Mahesh U. Patil & P. R. Lakshmi Eswari

Authors
  1. Sandeep Romana
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anil D. Bandgar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mohit Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mahesh U. Patil
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. P. R. Lakshmi Eswari
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sandeep Romana .

Editor information

Editors and Affiliations

  1. Indian Institute of Technology Patna, Patna, India

    Somanath Tripathy

  2. Indian Institute of Technology Bombay, Mumbai, India

    Rudrapatna K. Shyamasundar

  3. Newcastle University, Newcastle upon Tyne, UK

    Rajiv Ranjan

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Romana, S., Bandgar, A.D., Kumar, M., Patil, M.U., Lakshmi Eswari, P.R. (2021). Raising MIPS Binaries to LLVM IR. In: Tripathy, S., Shyamasundar, R.K., Ranjan, R. (eds) Information Systems Security. ICISS 2021. Lecture Notes in Computer Science(), vol 13146. Springer, Cham. https://doi.org/10.1007/978-3-030-92571-0_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-92571-0_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-92570-3

  • Online ISBN: 978-3-030-92571-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation