2013 20th Working Conference on Reverse Engineering (WCRE) (2001)
Oct. 2, 2001 to Oct. 5, 2001
Cristina Cifuentes , Sun Microsystems Labs
Mike Van Emmerik , University of Queensland
Trent Waddington , University of Queensland
The extensive use of computers and networks worldwide has raised the awareness of the need for tools and techniques to aid in computer security analysis of binary code, such as the understanding of viruses, trojans, worms, backdoors and general security flaws, in order to provide immediate solutions with or without the aid of software vendors.This paper is a proposal for a high-level debugging tool to be used by computer security experts, which will reduce the amount of time needed in order to solve security-related problems in executable programs. The current state of the art involves the tracing of thousands of lines of assembly code using a standard debugger.A high-level debugger would be capable of displaying a high-level representation of an executable program in the C language, hence reducing the number of lines that need to be inspected by an order of magnitude (i.e. hundreds instead of thousands of lines). Effecively, these techniques will help in reducing the amount of time needed to trace a security flaw in an executable program, as well as reducing the costs of acquiring or training skilled assembler engineers.
Decompilation, reverse engineering, debugging, security
Cristina Cifuentes, Mike Van Emmerik, Trent Waddington, "Computer Security Analysis through Decompilation and High-Level Debugging", 2013 20th Working Conference on Reverse Engineering (WCRE), vol. 00, no. , pp. 375, 2001, doi:10.1109/WCRE.2001.957846