The first steps in analyzing defensive malware are understanding what obfuscations are
present in real-world malware binaries, how these obfuscations hinder analysis, and how …

Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-
level, semantically rich information about data structures and control constructs makes the …

In many applications, source code and debugging symbols of a target program are not
available, and the only thing that we can access is the program executable. A fundamental …

Analyzing the security of closed source binaries is currently impractical for end-users, or
even developers who rely on third-party libraries. Such analysis relies on automatic …

Control Flow Integrity (CFI) provides a strong protection against modern control-flow
hijacking attacks. However, performance and compatibility issues limit its adoption. We …

A great deal of software is distributed in the form of executable code. The ability to reverse
engineer such executables can create opportunities for theft of intellectual property via …

Disassembly of binary code is hard, but necessary for improving the security of binary
software. Over the past few decades, research in binary disassembly has produced many …

" Modern Compiler Design" makes the topic of compiler design more accessible by focusing
on principles and techniques of wide application. By carefully distinguishing between the …

Machine code disassembly routines form a fundamental component of software systems that
statically analyze or modify executable programs, eg, reverse engineering systems, static …

Binary code analysis is an enabling technique for many applications. Modern compilers and
run-time libraries have introduced significant complexities to binary code, which negatively …