Conference paper

KŘOUSTEK Jakub and KOLÁŘ Dušan. Preprocessing of Binary Executable Files Towards Retargetable Decompilation. In: 8th International Multi-Conference on Computing in the Global Information Technology (ICCGI'13). Nice: International Academy, Research, and Industry Association, 2013, pp. 259-264. ISBN 978-1-61208-283-7. Available from: http://www.thinkmind.org/index.php?view=article&articleid=iccgi_2013_13_10_10061
Publication language:english
Original title:Preprocessing of Binary Executable Files Towards Retargetable Decompilation
Title (cs):Předzpracování binárních spustitelných souborů za účelem rekonfigurovatelného zpětného překladu
Pages:259-264
Proceedings:8th International Multi-Conference on Computing in the Global Information Technology (ICCGI'13)
Conference:ICCGI 2013, The Eighth International Multi-Conference on Computing in the Global Information Technology
Place:Nice, FR
Year:2013
URL:http://www.thinkmind.org/index.php?view=article&articleid=iccgi_2013_13_10_10061
ISBN:978-1-61208-283-7
Publisher:International Academy, Research, and Industry Association
Keywords
reverse engineering, decompilation, packer detection, unpacking, executable file, Lissom
Annotation
The goal of retargetable machine-code decompilation is to analyze and reversely translate platform-dependent executable files into a high level language (HLL) representation. This process can be used for many different purposes, such as legacy code reengineering, malware analysis, etc. Retargetable decompilation is a complex task that must deal with a lot of different platform-specific features and missing information. Moreover, input files are often compressed or protected from any kind of analysis (up to 80% of malware samples). Therefore, accurate preprocessing of input files is one of the necessary prerequisites in order to achieve the best results. This paper presents a concept of a generic preprocessing system that consists of a precise signature-based compiler and packer detector, plugin-based unpacker, and converter into an internal platform-independent file format. This approach has been adopted and tested in an existing retargetable decompiler. According to our experimental results, the proposed retargetable solution is fully competitive with existing platform-dependent tools.
BibTeX:
@INPROCEEDINGS{
   author = {Jakub K{\v{r}}oustek and Du{\v{s}}an Kol{\'{a}}{\v{r}}},
   title = {Preprocessing of Binary Executable Files Towards
	Retargetable Decompilation},
   pages = {259--264},
   booktitle = {8th International Multi-Conference on Computing in the
	Global Information Technology (ICCGI'13)},
   year = {2013},
   location = {Nice, FR},
   publisher = {International Academy, Research, and Industry Association},
   ISBN = {978-1-61208-283-7},
   language = {english},
   url = {http://www.fit.vutbr.cz/research/view_pub.php?id=10200}
}

Your IPv4 address: 54.224.68.56
Switch to IPv6 connection

DNSSEC [dnssec]