Article

Disassembly of Executable Code Revisited

Authors:

B. Schwarz,

S. Debray,

G. AndrewsAuthors Info & Claims

WCRE '02: Proceedings of the Ninth Working Conference on Reverse Engineering (WCRE'02)

Page 45

Published: 29 October 2002 Publication History

Publisher Site

Abstract

Machine code disassembly routines form a fundamentalcomponent of software systems that statically analyze ormodify executable programs, e.g., reverse engineering systems,static binary translators, and link-time optimizers.The task of disassembly is complicated by indirect jumpsand the presence of non-executable data--jump tables,alignment bytes, etc.--in the instruction stream. Existingdisassembly algorithms are not always able to copesuccessfully with executable files containing such features,and they fail silently--i.e., produce incorrect disassemblieswithout any indication that the results they are producingare incorrect. In this paper we examine two commonly-useddisassembly algorithms and illustrate their shortcomings.We propose a hybrid approach that performs betterthan these algorithms in the sense that it is able to detect situationswhere the disassembly may be incorrect and limitthe extent of such disassembly errors. Experimental resultsindicate that the algorithm is quite effective: the amountof code flagged as incurring disassembly errors is usuallyquite small.

Cited By

View all

Priyadarshan SNguyen HSekar RAamodt TSwift MJerger N(2023)Accurate Disassembly of Complex Binaries Without Use of Compiler MetadataProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 410.1145/3623278.3624766(1-18)Online publication date: 25-Mar-2023
https://dl.acm.org/doi/10.1145/3623278.3624766
Li KWoo MJia LHamlen KLu L(2020)On the Generation of Disassembly Ground Truth and the Evaluation of DisassemblersProceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation10.1145/3411502.3418429(9-14)Online publication date: 13-Nov-2020
https://dl.acm.org/doi/10.1145/3411502.3418429
Yao PShi QHuang HZhang CKhurshid SPăsăreanu C(2020)Fast bit-vector satisfiabilityProceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3395363.3397378(38-50)Online publication date: 18-Jul-2020
https://dl.acm.org/doi/10.1145/3395363.3397378
Show More Cited By

Index Terms

Disassembly of Executable Code Revisited
1. Mathematics of computing
  1. Mathematical software

Index terms have been assigned to the content through auto-classification.

Recommendations

Code Smells Revisited: A Variability Perspective
VaMoS '15: Proceedings of the 9th International Workshop on Variability Modelling of Software-Intensive Systems

Highly-configurable software systems (also called software product lines) gain momentum in both, academia and industry. For instance, the Linux kernel comes with over 12 000 configuration options and thus, can be customized to run on nearly every kind ...
Code Disassembly Technology Based on Concolic Symbolic Execution
MINES '13: Proceedings of the 2013 Fifth International Conference on Multimedia Information Networking and Security

Disassembly technology is the foundation of reverse engineering and code analysis, but code and data elements are mixed in code section and indirect jump instructions make disassembly a challenge. In this paper, we propose a disassembly method based on ...
Obfuscation of executable code to improve resistance to static disassembly
CCS '03: Proceedings of the 10th ACM conference on Computer and communications security

A great deal of software is distributed in the form of executable code. The ability to reverse engineer such executables can create opportunities for theft of intellectual property via software piracy, as well as security breaches by allowing attackers ...

Comments

Information & Contributors

Information

Published In

WCRE '02: Proceedings of the Ninth Working Conference on Reverse Engineering (WCRE'02)

October 2002

Publisher

IEEE Computer Society

United States

Publication History

Published: 29 October 2002

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

51
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Priyadarshan SNguyen HSekar RAamodt TSwift MJerger N(2023)Accurate Disassembly of Complex Binaries Without Use of Compiler MetadataProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 410.1145/3623278.3624766(1-18)Online publication date: 25-Mar-2023
https://dl.acm.org/doi/10.1145/3623278.3624766
Li KWoo MJia LHamlen KLu L(2020)On the Generation of Disassembly Ground Truth and the Evaluation of DisassemblersProceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation10.1145/3411502.3418429(9-14)Online publication date: 13-Nov-2020
https://dl.acm.org/doi/10.1145/3411502.3418429
Yao PShi QHuang HZhang CKhurshid SPăsăreanu C(2020)Fast bit-vector satisfiabilityProceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3395363.3397378(38-50)Online publication date: 18-Jul-2020
https://dl.acm.org/doi/10.1145/3395363.3397378
Rimsa AAmaral JQuintão F(2019)Efficient and Precise Dynamic Construction of Control Flow GraphsProceedings of the XXIII Brazilian Symposium on Programming Languages10.1145/3355378.3355383(19-26)Online publication date: 23-Sep-2019
https://dl.acm.org/doi/10.1145/3355378.3355383
Wenzl MMerzdovnik GUllrich JWeippl E(2019)From Hack to Elaborate Technique—A Survey on Binary RewritingACM Computing Surveys10.1145/331641552:3(1-37)Online publication date: 18-Jun-2019
https://dl.acm.org/doi/10.1145/3316415
Mesbah ALanet JMezghiche M(2019)Reverse engineering Java Card and vulnerability exploitationInternational Journal of Information Security10.1007/s10207-018-0401-918:1(85-100)Online publication date: 1-Feb-2019
https://dl.acm.org/doi/10.1007/s10207-018-0401-9
Salls CShoshitaishvili YStephens NKruegel CVigna G(2017)PistonProceedings of the 33rd Annual Computer Security Applications Conference10.1145/3134600.3134611(141-153)Online publication date: 4-Dec-2017
https://dl.acm.org/doi/10.1145/3134600.3134611
Chen JYang WHsu WShen BOu Q(2017)On Static Binary Translation of ARM/Thumb Mixed ISA BinariesACM Transactions on Embedded Computing Systems10.1145/299645816:3(1-25)Online publication date: 28-Mar-2017
https://dl.acm.org/doi/10.1145/2996458
Mesbah ALanet JMezghiche M(2017)Reverse engineering a Java Card memory management algorithmComputers and Security10.1016/j.cose.2017.01.00566:C(97-114)Online publication date: 1-May-2017
https://dl.acm.org/doi/10.1016/j.cose.2017.01.005
Alam SQu ZRiley RChen YRastogi V(2017)DroidNativeComputers and Security10.1016/j.cose.2016.11.01165:C(230-246)Online publication date: 1-Mar-2017
https://dl.acm.org/doi/10.1016/j.cose.2016.11.011
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Code Smells Revisited: A Variability Perspective

Code Disassembly Technology Based on Concolic Symbolic Execution

Obfuscation of executable code to improve resistance to static disassembly

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations