Analyzing Memory Accesses in x86 Binary Executables

Autor: Balakrishnan, Gogul, Reps, Thomas
Rok vydání: 2003
Zdroj: IndraStra Global.
ISSN: 2381-3652
Popis: This paper concerns static analysis algorithms for analyzing x86 executables. The aim of the work is to recover intermediate representations that are similar to those that can be created for a program written in a high-level language. Our goal is to perform this task for programs such as plugins, mobile code, worms, and virus-infected code. For such programs, symbol-table and debugging information is either entirely absent, or cannot be relied upon if present; hence, the technique described in the paper makes no use of symbol-table/debugging information. Instead, an analysis is carried out to recover information about the contents of memory locations and how they are manipulated. The analysis, called value-set analysis, tracks address-valued and integer-valued quantities simultaneously.
Databáze: OpenAIRE