Neural Reverse Engineering of Stripped Binaries

02/25/2019
by   Yaniv David, et al.
0

We address the problem of predicting procedure names in stripped executables which contain no debug information. Predicting procedure names can dramatically ease the task of reverse engineering, saving precious time and human effort. We present a novel approach that leverages static analysis of binaries with encoder-decoder-based neural networks. The main idea is to use static analysis to obtain enriched representations of API call sites; encode a set of sequences of these call sites; and finally, attend to the encoded sequences while decoding the target name token-by-token. We evaluate our model by predicting procedure names over 60,000 procedures in 10,000 stripped executables. Our model achieves 81.70 precision and 80.12 recall in predicting procedure names within GNU packages, and 55.48 precision and 51.31 recall in a diverse, cross-package, dataset. Comparing to previous approaches, the predictions made by our model are much more accurate and informative.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
09/19/2021

Rethnicity: Predicting Ethnicity from Names

I provide an R package, , for predicting ethnicity from names. I use the...
research
08/31/2018

Context2Name: A Deep Learning-Based Approach to Infer Natural Variable Names from Usage Contexts

Most of the JavaScript code deployed in the wild has been minified, a pr...
research
02/27/2021

A Context-based Automated Approach for Method Name Consistency Checking and Suggestion

Misleading method names in software projects can confuse developers, whi...
research
05/06/2019

Anonymized BERT: An Augmentation Approach to the Gendered Pronoun Resolution Challenge

We present our 7th place solution to the Gendered Pronoun Resolution cha...
research
06/18/2021

Predicting gender of Brazilian names using deep learning

Predicting gender by the name is not a simple task. In many applications...

Please sign up or login with your details

Forgot password? Click here to reset