Walls, Robert Joseph
The idea for this project was to use symbolic execution to create an architecture-agnostic representation of a function to use for matching. Symbolic execution is a dynamic analysis method that provides the reverse engineer with a better understanding of what a binary does during run-time. Using symbolic execution for a function matcher allows for matches based on how they react to symbolic variables. We use symbolic constraints to match functions cross architecture. Our matcher gave us 87% of functions matched when it came to ideal functions for this matcher type. Ideal functions for this matcher are those whose control flow relies on run time data. Our proposed matcher attempts to solve the problem of cross architecture comparisons of binaries while also allowing full code coverage.
Worcester Polytechnic Institute
Major Qualifying Project
Access to this report is limited to members of the WPI community. Please contact a project advisor or their department to request access
Restricted-WPI community only
Your accessibility may vary due to other restrictions.