http://www.dagstuhl.de/12051

29. Januar – 03. Februar 2012, Dagstuhl Seminar 12051

Analysis of Executables: Benefits and Challenges

Organisatoren

Andy M. King (University of Kent, GB)
Alan Mycroft (University of Cambridge, GB)
Thomas W. Reps (University of Wisconsin – Madison, US)
Axel Simon (TU München, DE)

Koordinatoren

Andrea Flexeder (TWT GmbH – München, DE)

Auskunft zu diesem Dagstuhl Seminar erteilt

Dagstuhl Service Team

Dokumente

Dagstuhl Report, Volume 2, Issue 1 Dagstuhl Report
Teilnehmerliste
Gemeinsame Dokumente
Dagstuhl's Impact: Dokumente verfügbar

Summary

The analysis of executables is concerned with extracting information from a binary program typically, though not exclusively, with program analysis techniques based on abstract interpretation. This topic has risen to prominence due to the need to audit code, developed by third parties for which the source is unavailable. Moreover, compilers are themselves a source of bugs, hence the need to scrutinise and systematically examine executables.

Seminar topics

The theme of the analysis of executables is an umbrella term adopted for this seminar, covers, among other things, the following topics:

  • specifying the semantics of native instructions, intermediate languages and the synthesis of transfer functions from blocks of instructions;
  • abstract domains for binary analysis and how to combine them; type synthesis;
  • control-flow graph (CFG) reconstruction, which is a prerequisite for many program analysis, and CFG matching, which is useful for detecting piracy;
  • self-modifying code, characterising its semantics and detecting malware.

In all, 42 researchers, both senior and more junior, from 10 countries attended the meeting. This high number shows the strong interest in this emerging field. The feedback from the participants was also very positive.

Thus, one of the tangible outcomes is that the community set out to create a common piece of infrastructure. Beyond this, it was agreed that another seminar about the analysis of executables in two years time would be most welcome. We discussed what topics this new seminar should focus on and we distilled that malware, obfuscation, interpreters and self-modifying code should be major topics, as these constitute challenges that the community needs to address.

Dagstuhl Seminar Series

Classification

  • Semantics / Formal Methods
  • Verification /logic
  • Programming Languages / Compiler
  • Optimization / Scheduling

Keywords

  • Executable analysis
  • Reverse engineering
  • Malware detection
  • Control ow reconstruction

Buchausstellung

Bücher der Teilnehmer 

Buchausstellung im Erdgeschoss der Bibliothek

(nur in der Veranstaltungswoche).

Dokumentation

In der Reihe Dagstuhl Reports werden alle Dagstuhl-Seminare und Dagstuhl-Perspektiven-Workshops dokumentiert. Die Organisatoren stellen zusammen mit dem Collector des Seminars einen Bericht zusammen, der die Beiträge der Autoren zusammenfasst und um eine Zusammenfassung ergänzt.

 

Download Übersichtsflyer (PDF).

Publikationen

Es besteht weiterhin die Möglichkeit, eine umfassende Kollektion begutachteter Arbeiten in der Reihe Dagstuhl Follow-Ups zu publizieren.

Dagstuhl's Impact

Bitte informieren Sie uns, wenn eine Veröffentlichung ausgehend von
Ihrem Seminar entsteht. Derartige Veröffentlichungen werden von uns in der Rubrik Dagstuhl's Impact separat aufgelistet  und im Erdgeschoss der Bibliothek präsentiert.