Yu Liu

DOI: https://doi.org/10.48550/arXiv.2308.06615

2023-08-13

Abstract:To refactor already working code while keeping reliability, compatibility and perhaps security, we can borrow ideas from micropass/nanopass compilers. By treating the procedure of software refactoring as composing code transformations, and compressing repetitive transformations with automation tools, we can often obtain representations of refactoring processes short enough that their correctness can be analysed manually. Unlike in compilers, in refactoring we usually only need to consider the codebase in question, so regular text processing can be extensively used, fully exploiting patterns only present in the codebase. Aside from the direct application of code transformations from compilers, many other kinds of equivalence properties may also be exploited. In this paper, two refactoring projects are given as the main examples, where 10-100 times simplification has been achieved with the application of a few kinds of useful transformations.

Software Engineering

Lixin Li,Chao Wang

DOI: https://doi.org/10.1007/978-3-642-40787-1_31

2013-01-01

Abstract:Dynamic analysis techniques have made a significant impact in security practice, e.g. by automating some of the most tedious processes in detecting vulnerabilities. However, a significant gap remains between existing software tools and what many security applications demand. In this paper, we present our work on developing a cross-platform interactive analysis tool, which leverages techniques such as symbolic execution and taint tracking to analyze binary code on a range of platforms. The tool builds upon IDA, a popular reverse engineering platform, and provides a unified analysis engine to handle various instruction sets and operating systems. We have evaluated the tool on a set of real-world applications and shown that it can help identify the root causes of security vulnerabilities quickly.

黄海,蒋烈辉,何红旗,尹青,方霞

DOI: https://doi.org/10.16208/j.issn1000-7024.2009.20.040

2009-01-01

Abstract:In the process of decompiling based on IDA, the IDA is used as the disassembly front, and the connector which is the form of IDA plug-in exports the reference disassembly result. Then, the rest process of decompilation is translating the disassembly language to the intermediate language, process recovering, data flow analysis, control flow analysis and so on. How to design and implement the intermediate language is introduced, which is based on the exported disassembly result by using the IDA connector.

Teng Long,Lin Liu,Yijun Yu,Zhiguo Wan

DOI: https://doi.org/10.1109/FCST.2010.85

2010-01-01

Abstract:Nowadays, software refactoring techniques are widely adopted to enhance the quality of software by improving its understandability, performance, as well as other quality related design attributes. On the other hand, various kinds of software obfuscation methods have been proposed to protect security-sensitive information involved in software implementations. This paper analyzes how refactoring and obfuscation use reverse transformations to improve quality and security of software code, and proposes a systematic modeling approach based on i* to support the selection of refactoring techniques and obfuscation methods under different social, environmental and operational situations. First, top-level softgoals guiding designer's decision making are identified and analyzed; next accidental programming “bad smells” and intentional code cracker's threats to these softgoals are identified and analyzed; then refactoring and obfuscation transformations are modeled as countermeasures for these threats; eventually their reversal relations and counteracting patterns are examined using example code segments.

Kang Zhao,Jinian Bian,Qiang Wu,Xianlong Hong

DOI: https://doi.org/10.1109/cesa.2006.4281702

2006-01-01

Abstract:A particular pre-processing framework for embedded system design automation is presented in this paper. The main motivation of this framework is to construct a unified internal platform that bridges the gap from the original system application input to the intermediate kernel representation in hardware/software (HW/SW) co-design. To cope with this issue, novel algorithms for the transformation from C specification to hierarchical control data flow graph (HCDFG) and parallelism optimization are employed in this paper, which satisfy the front-end requirements of HW/SW partitioning in the whole design. In particular, a novel model named abstract parallel tree (APT) is emphatically presented in detail to offer a theoretic support for the implementation of parallelism optimization. Finally, the summary of experimental implementations is presented and the feasibility of this framework is validated

Elliot Varoy,John Burrows,Jing Sun,Sathiamoorthy Manoharan

DOI: https://doi.org/10.1109/iceccs.2016.030

2016-01-01

Abstract:Understanding existing pieces of software is a challenge faced by many software developers regardless of their experience. This project researches into existing reverse engineering tools used for code comprehension and identifies the limitations of the current approaches. Furthermore, a prototype implementation was developed to extract design models from available source code in order to achieve better program comprehension. The design and implementation of the model extraction tool were defined, with a focus on Java systems and an agile methodology. This tool was realised by extending the existing open source diagrammatic software, UMLet, with a set of features to aid in code comprehension. Finally, the prototype implementation was evaluated against the related tools in the field as well as by a group of professional experts.

Antonio Flores-Montoya,Eric Schulte

DOI: https://doi.org/10.48550/arXiv.1906.03969

2019-06-07

Programming Languages

Abstract:Disassembly is fundamental to binary analysis and rewriting. We present a novel disassembly technique that takes a stripped binary and produces reassembleable assembly code. The resulting assembly code has accurate symbolic information, providing cross-references for analysis and to enable adjustment of code and data pointers to accommodate rewriting. Our technique features multiple static analyses and heuristics in a combined Datalog implementation. We argue that Datalog's inference process is particularly well suited for disassembly and the required analyses. Our implementation and experiments support this claim. We have implemented our approach into an open-source tool called Ddisasm. In extensive experiments in which we rewrite thousands of x64 binaries we find Ddisasm is both faster and more accurate than the current state-of-the-art binary reassembling tool, Ramblr.

SCOTT R. TILLEY,KENNY WONG,MARGARET-ANNE D. STOREY,HAUSI A. MÜLLER

DOI: https://doi.org/10.1142/s0218194094000246

IF: 1.007

1994-12-01

International Journal of Software Engineering and Knowledge Engineering

Abstract:Program understanding can be enhanced using reverse engineering technologies. The understanding process is heavily dependent on both individuals and their specific cognitive abilities, and on the set of facilities provided by the program understanding environment. Unfortunately, most reverse engineering tools provide a fixed palette of extraction, selection, and organization techniques. This paper describes a programmable approach to reverse engineering. The approach uses a scripting language that enables users to write their own routines for common reverse engineering activities, such as graph layout, metrics, and subsystem decomposition, thereby extending the capabilities of the reverse engineering toolset to better suit their needs. A programmable environment supported by this approach subsumes existing reverse engineering systems by being able to simulate facets of each one.

computer science, artificial intelligence,engineering, electrical & electronic, software engineering

Ali Reza Ibrahimzada

DOI: https://doi.org/10.1145/3639478.3641226

2024-01-23

Abstract:The rising popularity of Large Language Models (LLMs) has motivated exploring their use in code-related tasks. Code LLMs with more than millions of parameters are trained on a massive amount of code in different Programming Languages (PLs). Such models are used for automating various Software Engineering (SE) tasks using prompt engineering. However, given the very large size of industry-scale project files, a major issue of these LLMs is their limited context window size, motivating the question of "Can these LLMs process very large files and can we effectively perform prompt engineering?". Code translation aims to convert source code from one PL to another. In this work, we assess the effect of method-level program decomposition on context window of LLMs and investigate how this approach can enable translation of very large files which originally could not be done due to out-of-context issue. Our observations from 20 well-known java projects and approximately 60K methods suggest that method-level program decomposition significantly improves the limited context window problem of LLMs by 99.5%. Furthermore, our empirical analysis indicate that with method-level decomposition, each input fragment on average only consumes 5% of the context window, leaving more context space for prompt engineering and the output. Finally, we investigate the effectiveness of a Call Graph (CG) approach for translating very large files when doing method-level program decomposition.

Software Engineering

Weiping WEN,Han ZHANG,Xianglei CAO

DOI: https://doi.org/10.3969/j.issn.1671-1122.2016.05.011

2016-01-01

Abstract:With the rapid development of mobile intelligent terminals, Android operating system has become one of the most widely used mobile intelligent operating systems in the world. Java is famous for its features of good cross-platform, high efficiency and a large amount of developers, therefore the designers of Android choose Java as the system development language. The characteristics of the Java language make Java program easy be decompiled by decompilation tools and be analyzed, which makes Android applications face great risks. This paper focuses on the study of code obfuscation technology for the purpose of protecting Android applications, improving the dififculty of the attacker's reverse analysis and adding no extra time cost for the execution of the program. Based on Android executable ifle reorganization, this paper designs and implements a kind of Android obfuscation tool and carries out test and performances analysis. This Android obfuscation tool enhances the security of Android applications, protects Android applications developers' intellectual property rights, and avoids reverse analysis, piracy and malicious tampering to Android applications to a certain extent.

M. P. Ward

DOI: https://doi.org/10.48550/arXiv.cs/0105006

2001-05-04

Software Engineering

Abstract:The FermaT transformation system, based on research carried out over the last sixteen years at Durham University, De Montfort University and Software Migrations Ltd., is an industrial-strength formal transformation engine with many applications in program comprehension and language migration. This paper is a case study which uses automated plus manually-directed transformations and abstractions to convert an IBM 370 Assembler code program into a very high-level abstract specification.

LIU Hui-ming,ZHUGE Jian-wei

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2016.10.013

2016-01-01

Abstract:We propose an alternative way and implement the demo system that translates the key code into native code and obfuscates it automatically.The resulting obfuscated code is immune to existing automatic reverse techniques.Our evaluation shows that this system is of both high harden strength and good compatibility,and it will be an effective protector for millions of apps’developers and users.

Baisu Huang,Bo Qian,Wanghong Yuan,Hong Mei,Fuqing Yang

1999-01-01

Abstract:Research on reverse engineering is a focal point in the software engineering field, and it is the basis for software understanding and reengineering, but explorations of object-oriented reverse engineering are still at a starting phase. In this paper, an automatic approach to engineering the C++ programs in reverse is presented through introducing JBOORET, JBOORET is an object-oriented reverse engineering tool for C++. This approach is based on program analysis, extracting program information from source code and recovering the OOD diagram of the objective system. JBOORET may be used to recapture the system design, aid the system documentation and understanding, restructure the system, and so on. In addition, the design idea and some key techniques employed in the design and implementation of JBOORET are described, including information extracting, incremental parsing, ambiguity handling in parser, automatic layout, etc.

ZENG Zeng,ZHAO Jian-hua

DOI: https://doi.org/10.3969/j.issn.1002-137x.2012.02.034

2012-01-01

Computer Science

Abstract:A new code query technology based on program analysis was presented.It gives aid in several scenarios of software engineering and research,such as code review,program automated instrumentation and so on.By means of static analysis,program elements is gathered by an extractor,which is responsible for mapping sources to an intermediate structure used in process of query.Query language proposed in this paper depicts query condition in the formalism of predicate logic expression.On the basis of this technology,a tool for querying code in C/C++ language was implemented as an Eclipse plug-in.

Jiaqi Xiong,Guoqiang Chen,Kejiang Chen,Han Gao,Shaoyin Cheng,Weiming Zhang

DOI: https://doi.org/10.1109/ase56229.2023.00099

2024-01-01

Abstract:Decompilation is a widely used process for reverse engineers to significantly enhance code readability by lifting assembly code to a higher-level C-like language, pseudo-code. Nevertheless, the process of compilation and stripping irreversibly discards high-level semantic information that is crucial to code comprehension, such as comments, identifier names, and types. Existing approaches typically recover only one type of information, making them suboptimal for semantic inference. In this paper, we treat pseudo-code as a special programming language, then present a unified pre-trained model, HexT5, that is trained on vast amounts of natural language comments, source identifiers, and pseudo-code using novel pseudo-code-based pre-training objectives. We fine-tune HexT5 on various downstream tasks, including code summarization, variable name recovery, function name recovery, and similarity detection. Comprehensive experiments show that HexT5 achieves state-of-the-art performance on four downstream tasks, and it demonstrates the robust effectiveness and generalizability of HexT5 for binary-related tasks.

Pei Wang,Shuai Wang,Jiang Ming,Yufei Jiang,Dinghao Wu

DOI: https://doi.org/10.1109/eurosp.2016.21

2016-03-01

Abstract:Program obfuscation is an important software protection technique that prevents attackers from revealing the programming logic and design of the software. We introduce translingual obfuscation, a new software obfuscation scheme which makes programs obscure by "misusing" the unique features of certain programming languages. Translingual obfuscation translates part of a program from its original language to another language which has a different programming paradigm and execution model, thus increasing program complexity and impeding reverse engineering. In this paper, we investigate the feasibility and effectiveness of translingual obfuscation with Prolog, a logic programming language. We implement translingual obfuscation in a tool called BABEL, which can selectively translate C functions into Prolog predicates. By leveraging two important features of the Prolog language, i.e., unification and backtracking, BABEL obfuscates both the data layout and control flow of C programs, making them much more difficult to reverse engineer. Our experiments show that BABEL provides effective and stealthy software obfuscation, while the cost is only modest compared to one of the most popular commercial obfuscators on the market. With BABEL, we verified the feasibility of translingual obfuscation, which we consider to be a promising new direction for software obfuscation.

于冬琦,彭鑫,赵文耘

2009-01-01

Abstract:Code clone in single software system or several similar systems makes software maintenance very difficult.This paper offers an automatic refactoring method of detected cloned code based on abstract syntax tree and static analysis.At first,this method builds abstract syntax trees for cloned code separately.Then the difference between statements is used to establish the relationship between flow control statements in abstract syntax trees.Based on these steps,this method analyses the difference between flow control statements and the difference between simple statement blocks,and finally combines the cloned code through extracting the variation points in source code.We have developed a prototype tool which supports refatoring of cloned code of Java.And experiments on automatic refactoring are taken on JDK1.5 and a business system.The initial result shows that this method can assist developer achieve the goal of automatically refatoring of cloned code both accurately and effectively.

Lei Yu,Yucong Duan

DOI: https://doi.org/10.3390/s22207714

2022-10-11

Abstract:This paper reveals the hidden dangers of reverse data modifications on distributed software with network synchronization, during the era of 5G, which may occur in more important domains, such as telemedicine and automatic driving. We used pseudo-codes to formally elaborate the distributed software architectures and design patterns. It is necessary to deal with three challenges for the modification of binary code and data in the distributed software architectures: (1) the base virtual addresses of software objects are changed frequently for safety; (2) prior knowledge of the reverse is not considered; (3) system memory values of some target objects are changed with extreme speed. For this purpose, a novel reverse modification method for binary code and data is proposed. According to the knowledge-based rules, our method can manipulate physical data, sight data, animation data, etc., while the game synchronization mechanism cannot detect the changes. The implementation details of our method are presented using high-level programming languages (C++) and low-level programming languages (assembly), based on multiple snippets, so that readers can understand both the overall distributed software developments and the corresponding reverse processes. In particular, two network games are used for the demonstrations in this paper. The demonstration results show that our proposed methodology is efficient (as proved by formulas and practices) to manipulate the codes and data of distributed software using a synchronization mechanism.

汤志忠,李文龙,苏伯珙

2004-01-01

Ruan Jian Xue Bao/Journal of Software

Abstract:Software pipelining is a loop optimization technique that is widely implemented in modern optimizing compilers. In order to fully utilize the instruction level parallelism of the recent VLIW DSP processors, DSP programs have to be optimized by software pipelining. However, because of the transformation of the original sequential code, a software-pipelined loop is often difficult to understand, test, and debug. It is also very difficult to reuse and port a software-pipelined loop to other processors, especially when the original sequential code is unavailable. We propose a de-pipelining algorithm which converts the optimized assembly code of a software-pipelined loop back to a semantically equivalent sequential counterpart. Preliminary experiments on 20 programs verify the validity of the proposed de-pipelining algorithm.

Sandrine Blazy,Vincent Laporte,David Pichardie

DOI: https://doi.org/10.1007/s10817-015-9359-8

2016-01-25

Journal of Automated Reasoning

Abstract:Static analysis of binary code is challenging for several reasons. In particular, standard static analysis techniques operate over control-flow graphs, which are not available when dealing with self-modifying programs which can modify their own code at runtime. We formalize in the Coq proof assistant some key abstract interpretation techniques that automatically extract memory safety properties from binary code. Our analyzer is formally proved correct and has been run on several self-modifying challenges, provided by Cai et al. in their PLDI 2007 article.

computer science, artificial intelligence