Design of a Retargetable Decompiler for a Static Platform-Independent Malware Analysis
Author: | Petr Zemek, Dušan Kolář, Alexander Meduna, Jakub Křoustek, Lukáš Ďurfina, Karel Masařík, Tomáš Hruška |
---|---|
Year of publication: | 2011 |
Subject: | |
Source: | Communications in Computer and Information Science ISBN: 9783642231407 ISA |
DOI: | 10.1007/978-3-642-23141-4_8 |
Description: | Together with the massive expansion of smartphones, tablets, and other smart devices, we can notice a growing number of malware threats targeting these platforms. Software security companies are not prepared for such diversity of target platforms and there are only few techniques for platform-independent malware analysis. This is a major security issue these days. In this paper, we propose a concept of a retargetable reverse compiler (i.e. a decompiler), which is in an early stage of development. The retargetable decompiler transforms platform-specific binary applications into a high-level language (HLL) representation, which can be further analyzed in a uniform way. This tool will help with a static platform-independent malware analysis. Our unique solution is based on an exploitation of two systems that were originally not intended for such an application—the architecture description language (ADL) ISAC for a platform description and the LLVM Compiler System as the core of the decompiler. In this study, we show that our tool can produce highly readable HLL code. |
Database: | OpenAIRE |