Type Inference on Executables

Published: 02 May 2016

Abstract

In many applications, source code and debugging symbols of a target program are not available, and the only thing that we can access is the program executable. A fundamental challenge with executables is that, during compilation, critical information such as variables and types is lost. Given that typed variables provide fundamental semantics of a program, for the last 16 years, a large amount of research has been carried out on binary code type inference, a challenging task that aims to infer typed variables from executables (also referred to as binary code). In this article, we systematize the area of binary code type inference according to its most important dimensions: the applications that motivate its importance, the approaches used, the types that those approaches infer, the implementation of those approaches, and how the inference results are evaluated. We also discuss limitations, underdeveloped problems and open challenges, and propose further applications.

Published In

ACM Computing Surveys  Volume 48, Issue 4
May 2016
605 pages
ISSN: 0360-0300
EISSN: 1557-7341
DOI: 10.1145/2891449
Editor: Sartaj Sahni

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 May 2016
Accepted: 01 January 2016
Revised: 01 November 2015
Received: 01 April 2015
Published in CSUR Volume 48, Issue 4

Author Tags

  1. Type inference
  2. binary code analysis
  3. program executables

Qualifiers

  • Survey
  • Research
  • Refereed

Funding Sources

  • NSF
  • Regional Government of Madrid
  • AFOSR
  • Spanish Government
