Upload File

reassembleable disassembly shuai wang, pei wang, dinghao wu presented by chuong ngo

  • Home
  • Documents
  • Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo
29
Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Upload: morgan-shields

Post on 02-Jan-2016

215 views

Category:

Documents


0 download

Report

Tags:

TRANSCRIPT

Page 1: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Reassembleable Disassembly

Shuai Wang, Pei Wang, Dinghao Wu

Presented by Chuong Ngo

Page 2: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

What’s in Your Dependency?

http://youtube.com/v/xpht2R_0cEg
Page 3: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

What’s in Your Dependency?

http://youtube.com/v/3olXUbS-prU
Page 4: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

What’s in Your Dependency?

http://youtube.com/v/QJ4t1qP4xvw
Page 5: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Identifying Bugs, Flaws, and Exploits

Study the specifications/papers detailing the techniques and algorithms.

Penetration test the implementation.

Study the implementation.

Get lucky.

Page 6: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Identifying Bugs, Flaws, and Exploits

Study the specifications/papers detailing the techniques and algorithms.

Penetration test the implementation.

Study the implementation.

Get lucky.

Page 7: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Identifying Bugs, Flaws, and Exploits

Study the specifications/papers detailing the techniques and algorithms.

Penetration test the implementation.

Study the implementation.

Get lucky.

But what if you don’t have the source code?

Page 8: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Back to the Source

Page 9: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Review of Compilation Process

Stripped Binary

Page 10: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Disassemblers

IDA Pro-best commercial

EXE to assembly to C.

Not reassembleable.

MC-Semantics

Object to binary only

Reassembleable

Lower performance

Page 11: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Binary Rewriting Tools

Specific compiler or non-stripped binary.

Re-compiled binary bloat.

Large execution overhead.

Not reassembleable.

Page 12: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Code Relocatability is Key to Reassembility

Page 13: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Problem of Relocatability - Data or Reference?

Page 14: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Problem of Relocatability - Data or Reference?

Disassembler needs to symbolize references

Page 15: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Types of Symbol References

Page 16: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Methodology

Simple filter for c2X.4/8 byte aligned.d2d irrelevant.Find jump tables.

Page 17: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Enter Oroboros

Page 18: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Architecture of Uroboros

Page 19: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Architecture of Uroboros

Page 20: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Architecture of Uroboros

Page 21: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Oroboros Evaluation

Page 22: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Evaluation Corpora

Page 23: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Evaluation Corpora

224 total

A1: Coreutils (103)

A2: Real (7)

A3: SPEC2006 C

Page 24: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

32-bit Binary Accuracies

Page 25: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

64-bit Binary Accuracies

Page 26: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

32-bit Binary Execution Overhead

Page 27: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

32-bit Binary Processing Times

Page 28: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Summary

Reassembeable disassembly needed

Symbolization solves code relocatability

Uroboros comprised of Disassembly and Analysis module

Compiler independent

No C++ support

Page 29: Reassembleable Disassembly Shuai Wang, Pei Wang, Dinghao Wu Presented by Chuong Ngo

Questions

Why did the authors choose to report false positives and false negatives?

Was reporting on the first and last 10 programs, arranged alphabetically, a good idea?

What could explain the outliers in the reported processing times and execution overhead?


STAGES SHUAI JIAO WUSHU JIN BAOSHENG - … DE SHUAI JIAO WUSHU JIN BAOSHENG LUTTE CHINOISE de PEKIN EVENEMENT EXCEPTIONNEL Le grand maître Wang Wenyong sera en France à partir du

High Mobility, Printable, and Solution-Processed Graphene ... files/E-publications... · High Mobility, Printable, and Solution-Processed Graphene Electronics Shuai Wang,†, |Priscilla

Development of 4G-based power quality monitoring system · Development of 4G-based power quality monitoring system. Liu Junyu, Wang Shuai, Wang Jiaying, Xu Haihang, Xiao Fang, Yang

Computer Architecture Spring 2016 - Nanjing Universitycs.nju.edu.cn/_upload/tpl/00/e0/224/template224/CA_16S/Lec10_OoO... · Computer Architecture Spring 2016 Shuai Wang Department

1 st Oct 2013 1 CorLayer: A Transparent Link Correlation Layer for Energy Efficient Broadcast Shuai Wang, Song Min Kim, Yunhuai Liu, Guang Tan, and Tian

A novel solidification technology for heavy metals in ... · A novel solidification technology for heavy metals in electrolytic manganese residue Zhong Hong*, Li Changxin, Wang Shuai,

Ping Shuai

LOOP: Logic-Oriented Opaque Predicate Detection in ...LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code Jiang Ming, Dongpeng Xu, Li Wang, and Dinghao Wu College

Abstract - 北海道大学 · Abstract Shuai Wang Candidate for the degree of Philosophy Doctor (PhD) Supervisor: Naoyuki Hashimoto Division of Materials Science, Graduate School

Xiaoyaoshuai (2000) by Shou-Yu Liang - Shuai Jiao - Shuai Ch

Risk Assessment of Buffer “Heartbleed” Over-read ...Vulnerabilities (Practical Experience Report) Jun Wang, Mingyi Zhao, Qiang Zengy, Dinghao Wu, Peng Liu The Pennsylvania State

Xiaoyaoshuai-2000 by Shou-Yu Liang Shuai Jiao-Shuai Ch

MODIS Anisotropy and Albedo Product Crystal Schaaf Alan Strahler, Jicheng Liu, Ziti Jiao, Yanmin Shuai, Miguel Roman, Qingling Zhang, Zhuosen Wang Boston

Taikiken (1976) by Kenichi Sawai - Shuai Jiao - Shuai Chiao - Yi Quan - Xing Yi - Hsing I - Ba Gu

16TH ANNUAL GREAT LAKES KUNG FU SHUAI CHIAO & …osukungfu.com/UssaNews/ussa151.pdf · 16TH ANNUAL GREAT LAKES KUNG FU SHUAI CHIAO & SAN SHOU ... But in Shuai Chiao, ... The 2007

Yue Huang , Shuai Yang - Atlantis Press

Encode When Necessary: Correlated Network Coding …song/paper/TOSN17_Shuai.pdf · Encode When Necessary: Correlated Network Coding Under Unreliable Wireless Links SHUAI WANG, ZHIMENG

Indiana v. Shuai

Supporting Information · 1 Supporting Information Vertically Oriented Growth of MoO3 Nanosheets on Graphene for Superior Lithium Storage Shuai Wang, a Huijuan Zhang, a Di Zhang,

International Shuai Chiao Association

Computer Architecture Spring 2016 - Nanjing University · Computer Architecture Spring 2016 Shuai Wang Department of Computer Science and Technology Nanjing University ... insn0.fetch

Turing Obfuscationshuaiw/papers/TO.pdf · 2019-02-17 · Turing Obfuscation Yan Wang, Shuai Wang, Pei Wang, and Dinghao Wu College of Information Sciences and Technology The Pennsylvania

Author Template - gpps.global · HIGH SUBSONIC TURBINE CASCADE Shuai Wang School of Energy Science and Engineering, Harbin Institute of Technology [email protected] Harbin, Heilongjiang

fileTitle: BML: A High-performance, Low-cost Gradient Synchronization Algorithm for DML Training Author: Songtao Wang, Dan Li, Yang Cheng, Jinkun Geng,Yanshu Wang, Shuai Wang, Shutao

Academic Advice - Nanjing University · 2016-05-10 · Academic Advice by Shuai Wang Department of Computer Science and Technology Nanjing University. Outline Paper Writing Presentation

D Z C V Desheng Zhangdz220/DeshengZhangCV102020.pdf · [C05] Guang Wang*, Shuxin Zhong, Shuai Wang, Fei Miao, Zheng Dong, Desheng Zhang Data-Driven Fairness-Aware Vehicle Displacement

Herpes Simplex Virus 1 Ubiquitin-Specific Protease UL36 ...ibms.suda.edu.cn/_upload/article/files/2f/b0/b4... · Beta Interferon Production by Deubiquitinating TRAF3 Shuai Wang,

Yun-Chung Yang TRB: Tag Replication Buffer for Enhancing the Reliability of the Cache Tag Array Shuai Wang; Jie Hu; Ziavras S.G; Dept. of Electr. & Comput

Scaling Multicore Databases via Constrained Parallel Executionjinyang/pub/ic3-sigmod16.pdf · Scaling Multicore Databases via Constrained Parallel Execution Zhaoguo Wang, Shuai Mu,

Anomalous α-Mg Dendrite Growth During …Communication Anomalous a-Mg Dendrite Growth During Directional Solidification of a Mg-Zn Alloy SANSAN SHUAI, ENYU GUO, MINGYUE WANG, MARK

SIGKDD 2016 - SHUAI LI

Gang Zhao, Jing Peng, Hong Zhong *, Shuai Wang * …...Minerals 2016, 6, 97 3 of 16 2.1.1. Synthesis of Ethoxycarbonyl Isothiocyanate In this procedure, ethyl chloroformate was added

A Lithography-Free and Field-Programmable Photonic Metacanvas · 2018-02-21 · Kaichen Dong, Sukjoon Hong, Yang Deng, He Ma, Jiachen Li, Xi Wang, Junyeob Yeo, Letian Wang, Shuai

Enhancing Reliability to Boost the Throughput over Screen-Camera Links Anran Wang, Shuai Ma, Chunming Hu, Jinpeng Huai, Chunyi Peng, Guobin Shen

STAGES SHUAI JIAO WUSHU JIN BAOSHENGddata.over-blog.com/xxxyyy/2/54/95/88/STAGES-SHUAI-JIAO...Microsoft Word - STAGES SHUAI JIAO WUSHU JIN BAOSHENG.docx Author Hadrien Lesueur Created