Accession Number : ADA540141


Title :   Automated Analysis of ARM Binaries using the Low-Level Virtual Machine Compiler Framework


Descriptive Note : Master's thesis


Corporate Author : AIR FORCE INST OF TECH WRIGHT-PATTERSON AFB OH SCHOOL OF ENGINEERING AND MANAGEMENT


Personal Author(s) : Scott, Jeffery


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a540141.pdf


Report Date : Mar 2011


Pagination or Media Count : 103


Abstract : Binary program analysis is a critical capability for offensive and defensive operations in Cyberspace. However, many current techniques are ineffective or time-consuming and few tools can analyze code compiled for embedded processors such as those used in network interface cards, control systems and mobile phones. This research designs and implements a binary analysis system, called the Architecture-independent Binary Abstracting Code Analysis System (ABACAS), which reverses the normal program compilation process, lifting binary machine code to the Low-Level Virtual Machine (LLVM) compiler?s intermediate representation, thereby enabling existing security-related analyses to be applied to binary programs. The prototype targets ARM binaries but can be extended to support other architectures. Several programs are translated from ARM binaries and analyzed with existing analysis tools. Programs lifted from ARM binaries are an average of 3.73 times larger than the same programs compiled from a high-level language (HLL). Analysis results are equivalent regardless of whether the HLL source or ARM binary version of the program is submitted to the system, confirming the hypothesis that LLVM is effective for binary analysis.


Descriptors :   *BINARY PROCESSORS , *SECURITY , *RADIOTELEPHONES , NETWORKS , INTERFACES , ATTACK , THESES , PROCESSING EQUIPMENT , MOBILE , EMBEDDING , HYPOTHESES , COMPILERS , HIGH LEVEL LANGUAGES , DEFENSE SYSTEMS , AUTOMATION , MILITARY OPERATIONS , CONTROL SYSTEMS


Subject Categories : Computer Programming and Software
      Computer Hardware
      Radio Communications


Distribution Statement : APPROVED FOR PUBLIC RELEASE