A Novel Approach to Online Retargetable Machine-Code Decompilation

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F14%3APU112028" target="_blank" >RIV/00216305:26230/14:PU112028 - isvavai.cz</a>

Výsledek na webu

<a href="http://www.mirlabs.net/jnic/secured/Volume2-Issue1/Paper24/JNIC_Paper24.pdf" target="_blank" >http://www.mirlabs.net/jnic/secured/Volume2-Issue1/Paper24/JNIC_Paper24.pdf</a>

DOI - Digital Object Identifier

—

Jazyk výsledku

angličtina

Název v původním jazyce

A Novel Approach to Online Retargetable Machine-Code Decompilation

Popis výsledku v původním jazyce

Machine-code decompilation, belonging to the area of reverse engineering, has found its applications in many real-world areas. Analysis of malicious software, search for vulnerabilities, and source-code recovery are some of the most important uses. As there exists a diversity of different platforms on which software can be run, an existence of a generic decompiler would be highly appreciated. This paper presents an extended version of our retargetable decompiler that also allows decompilation of raw binary code, such as firmware or code snippets. More specifically, in the present paper, we provide a description of a retargetable decompiler that is being developed within the Lissom project. First, we give an introduction into the area of machine-code decompilation, including a brief discussion of existing tools. Then, we describe the concept and architecture of the decompiler. As it is available in the form of a web service, we also provide its description. Finally, we summarise our results, present a case study of using the tool for analysing malicious software, and conclude the paper by several remarks on future research.

Název v anglickém jazyce

A Novel Approach to Online Retargetable Machine-Code Decompilation

Popis výsledku anglicky

Machine-code decompilation, belonging to the area of reverse engineering, has found its applications in many real-world areas. Analysis of malicious software, search for vulnerabilities, and source-code recovery are some of the most important uses. As there exists a diversity of different platforms on which software can be run, an existence of a generic decompiler would be highly appreciated. This paper presents an extended version of our retargetable decompiler that also allows decompilation of raw binary code, such as firmware or code snippets. More specifically, in the present paper, we provide a description of a retargetable decompiler that is being developed within the Lissom project. First, we give an introduction into the area of machine-code decompilation, including a brief discussion of existing tools. Then, we describe the concept and architecture of the decompiler. As it is available in the form of a web service, we also provide its description. Finally, we summarise our results, present a case study of using the tool for analysing malicious software, and conclude the paper by several remarks on future research.

Druh

J_ost - Ostatní články v recenzovaných periodicích

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/ED1.1.00%2F02.0070" target="_blank" >ED1.1.00/02.0070: Centrum excelence IT4Innovations</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2014

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Journal of Network and Innovative Computing (JNIC)

ISSN

2160-2174

e-ISSN

—

Svazek periodika

2

Číslo periodika v rámci svazku

1

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

9

Strana od-do

224-232

Kód UT WoS článku

—

EID výsledku v databázi Scopus

—