272 Hits in 3.3 sec

Approaching Retargetable Static, Dynamic, and Hybrid Executable-Code Analysis

Jakub Křoustek, Dušan Kolář
2013 Acta Informatica Pragensia  
In this paper, we present a complex platform independent toolchain for executable-code analysis that supports both static and dynamic analysis.  ...  This toolchain, developed within the Lissom project, exploits several previously designed methods and it can be used for debugging user's applications as well as malware analysis, etc.  ...  Code for Industrial Automation Devices using Decompilation, BUT FIT grant FIT-S-11-2,  ... 
doi:10.18267/j.aip.10 fatcat:zzrkfqsg6ngp5oyac2ngdkttua


Luke Deshotels, Razvan Deaconescu, Mihai Chiroiu, Lucas Davi, William Enck, Ahmad-Reza Sadeghi
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
We propose the SandScout framework to extract, decompile, formally model, and analyze iOS sandbox profiles as logic-based programs.  ...  We use our Prologbased queries to evaluate file-based security properties of the container sandbox profile for iOS 9.0.2 and discover seven classes of exploitable vulnerabilities.  ...  We also thank Dino Dai Zovi for his advice on reverse engineering iOS sandbox profiles.  ... 
doi:10.1145/2976749.2978336 dblp:conf/ccs/DeshotelsDCDES16 fatcat:u6bcwcwcavbqbituckjahcz6si

When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries [article]

Aylin Caliskan, Fabian Yamaguchi, Edwin Dauber, Richard Harang, Konrad Rieck, Rachel Greenstadt, Arvind Narayanan
2016 arXiv   pre-print
The ability to identify authors of computer programs based on their coding style is a direct threat to the privacy and anonymity of programmers.  ...  We examine programmer de-anonymization from the standpoint of machine learning, using a novel set of features that include ones obtained by decompiling the executable binary to source code.  ...  Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notice herein. This material is based on work supported by the ARO (U.S.  ... 
arXiv:1512.08546v2 fatcat:xpqswbzugnae3lg5kiq3k7vkgu

Hijacking .NET to Defend PowerShell [article]

Amanda Rousseau
2017 arXiv   pre-print
, and C based function hooking.  ...  PowerShell, followed by a deeper explanation of various attacker techniques, which is explained from the perspective of the defender, including assembly modification, class and method injection, compiler profiling  ...  A decompiler can reconstruct the source code based on the object information's original function names, function offsets, and membership to the parent classes.  ... 
arXiv:1709.07508v1 fatcat:ggs4wvcok5brbabk4gwi5y7squ

Digital Forensic Practices and Methodologies for AI Speaker Ecosystems

Wooyeon Jo, Yeonghun Shin, Hyungchan Kim, Dongkyun Yoo, Donghyun Kim, Cheulhoon Kang, Jongmin Jin, Jungkyung Oh, Bitna Na, Taeshik Shon
2019 Digital Investigation. The International Journal of Digital Forensics and Incident Response  
APK decompilation analysis The static analysis and dynamic analysis processes are used for decompilation-based forensic analysis of an Android mobile app.  ...  Decompilation-based forensic analysis techniques are divided into six analysis techniques, such as call-hierarchy analysis, stringbased search analysis, obfuscated class/method reconstruction, Dalvik bytecode  ...  A digital forensics tool for NAVER Clova. Wooyeon Jo Wooyeon Jo received the B.S. degree in computer engineering from Ajou University, Suwon, Republic of Korea, in 2015.  ... 
doi:10.1016/j.diin.2019.04.013 fatcat:ilzpkpi3cbbo5fx7v6vqxhqx6m

Reverse Engineering Java Card Applets Using Power Analysis [chapter]

Dennis Vermoen, Marc Witteman, Georgi N. Gaydadjiev
2007 Lecture Notes in Computer Science  
We propose similar methodology for Java Card applets reverse engineering.  ...  Execution Trace Decompilation When the structured bytecode is available, it is relatively easy to reconstruct source-level expressions.  ...  Based on the elements on top of the operand type stack, some bytecodes can be excluded from the set of possible follow-up bytecodes. Note that this approach will greatly reduce the search space.  ... 
doi:10.1007/978-3-540-72354-7_12 fatcat:z4tui7aexbdd3d7shszviqzkha

A Power-efficient Approach to Detect Mobile Threats on the Emergent Network Environment

Chia-Mei Chen, Yi-Hung Liu, Zheng-Xun Cai, Gu-Hsin Lai
2020 IEEE Access  
The code reconstruction is to disassemble a given mobile application into java source code. Several open source solutions can be applied such as apktool, dex2jar, and java decompiler.  ...  JDCore, or JAD, decompiles java bytecode to source code.  ... 
doi:10.1109/access.2020.3035192 fatcat:m4xq5rqdcjbj5nb2cltie7vasm

When Harry Met Tinder: Security Analysis of Dating Apps on Android [chapter]

Kuyju Kim, Taeyun Kim, Seungjin Lee, Soolin Kim, Hyoungshick Kim
2018 Lecture Notes in Computer Science  
We carefully analyze the possibility of software vulnerabilities on the five most popular dating apps on Android through network traffic analyses and reverse engineering techniques for each dating app.  ...  Our experiment results demonstrate that user credential data can be stolen from all five applications; three apps may lead to the disclosure of user profiles, and one app may lead to the disclosure of  ...  To perform static analysis, we extracted the storage of the apps from the device and also decompiled the APK file to analyze the reconstructed source code.  ... 
doi:10.1007/978-3-030-03638-6_28 fatcat:x36kpkusqvhepmtmyw2bcek6c4

Drawing the Boundary between Copyright and Contract: Copyright Preemption of Software License Terms

Maureen A. O'Rourke
1995 Duke law journal  
For the fiscal year ending June  ...  See, e.g., Joel Dreyfuss, Struggle for Dominance: Operating Systems: Software's Crucible, INFORMATION WEEK, Oct. 24, 1994, at 2 (stating that IBM spent at least $1 billion developing OS/2).  ...  that time and effort to decompile object code and reconstruct source code approaches investment of copyright owner).  ... 
doi:10.2307/1372890 fatcat:xfb2bnpqmngefgp2ffvah7rkpa

A Study on Software Reverse Engineering-An Overview of its Applications

Akanksha Jha, Rachana K, Ilango Paramasivam
2017 International Journal of Software Engineering and Its Applications  
Initially, it was introduced and used just for the modernization of old legacy systems. With time, the usage of software reverse engineering has become more extensive.  ...  Ilango P. for his exemplary guidance, valuable feedback and constant encouragement throughout the duration of the project.  ...  The reconstructed models are then checked against the original software architecture profiles to find the flaws and violations in them.  ... 
doi:10.14257/ijseia.2017.11.5.03 fatcat:666c5gpxzfbxjgtee65tsukixa

Efficient Fuzz Testing for Apache Spark Using Framework Abstraction [article]

Qian Zhang, Jiyuan Wang, Muhammad Ali Gulzar, Rohan Padhye, Miryung Kim
2021 arXiv   pre-print
The key essence of our approach is that we abstract the dataflow behavior of the DISC framework with executable specifications and we design schema-aware mutations based on common error types in DISC applications  ...  We devise a novel fuzz testing tool called BigFuzz that automatically generates concrete data for an input Apache Spark program.  ...  Next, BIGFUZZ reconstructs her program with these Java classes using the executable specifications and automatically generates a test driver for her program.  ... 
arXiv:2103.05118v1 fatcat:w4exupqkbrge7iyjx3nbzgprr4

Reconstruction Attacks Against Mobile-Based Continuous Authentication Systems in the Cloud

Mohammad Al-Rubaie, J. Morris Chang
2016 IEEE Transactions on Information Forensics and Security  
We propose two types of reconstruction attacks based on whether actual user samples are available to the adversary (as in SVM profiles) or not.  ...  Finally, we analyze the results, and provide recommendations for building active authentication systems that could resist reconstruction attacks.  ...  Neil Gong for insightful discussion.  ... 
doi:10.1109/tifs.2016.2594132 fatcat:apszymdebrdejpxcgbzzgp3cfu

Effective Enhancement of Loop Versioning in Java [chapter]

Vitaly V. Mikheev, Stanislav A. Fedoseev, Vladimir V. Sukharev, Nikita V. Lipsky
2002 Lecture Notes in Computer Science  
Basing upon the Java Memory Model precisely defined in JLS, the work proposes a set of sufficient conditions for applicability of loop versioning.  ...  Implemented in Excelsior JET, an ahead-of-time compiler for Java, the developed technique results in significant performance improvements on some computational benchmarks.  ...  Osbourne for his support.  ... 
doi:10.1007/3-540-45937-5_21 fatcat:s6m4g2fp6feznmhtei7ljtmgxy

Checking App Behavior Against App Descriptions: What If There are No App Descriptions? [article]

Md. Shamsujjoha, John Grundy, Li Li, Hourieh Khalajzadeh, Qinghua Lu
2021 arXiv   pre-print
However, our analysis shows some limitations in REACT procedure and implementation, especially for similar feature based app grouping.  ...  Classifying mobile apps based on their description is beneficial for several purposes. However, many app descriptions do not reflect app functionalities, whether accidentally or on purpose.  ...  A completely different approach than CHABADA to profile apps based on static information is presented in [8] . Here, potential malicious activity is detected via changes in intensity level.  ... 
arXiv:2103.11668v1 fatcat:xdztg7lsffcqlmjvm3vi7ukgca

Helium: lifting high-performance stencil kernels from stripped x86 binaries to halide DSL code

Charith Mendis, Jeffrey Bosboom, Kevin Wu, Shoaib Kamil, Jonathan Ragan-Kelley, Sylvain Paris, Qin Zhao, Saman Amarasinghe
2015 SIGPLAN notices  
We perform buffer structure reconstruction to identify input, intermediate and output buffer shapes.  ...  This is done by canonicalizing trees, clustering them based on structure, inferring higher-dimensional buffer accesses and finally by solving a set of linear equations based on buffer accesses to lift  ...  , and Jeff Chien of the Photoshop team for their helpful input.  ... 
doi:10.1145/2813885.2737974 fatcat:apti6ahwtvh4laxjjvschayrl4
« Previous Showing results 1 — 15 out of 272 results