Symbolic Execution for Function Matching
PublicDownloadable Content
open in viewerThe idea for this project was to use symbolic execution to create an architecture-agnostic representation of a function to use for matching. Symbolic execution is a dynamic analysis method that provides the reverse engineer with a better understanding of what a binary does during run-time. Using symbolic execution for a function matcher allows for matches based on how they react to symbolic variables. We use symbolic constraints to match functions cross architecture. Our matcher gave us 87% of functions matched when it came to ideal functions for this matcher type. Ideal functions for this matcher are those whose control flow relies on run time data. Our proposed matcher attempts to solve the problem of cross architecture comparisons of binaries while also allowing full code coverage.
- This report represents the work of one or more WPI undergraduate students submitted to the faculty as evidence of completion of a degree requirement. WPI routinely publishes these reports on its website without editorial or peer review.
- Creator
- Publisher
- Identifier
- E-project-101217-110947
- Advisor
- Year
- 2017
- Center
- Sponsor
- Date created
- 2017-10-12
- Resource type
- Major
- Rights statement
Relations
- In Collection:
Items
Permanent link to this page: https://digital.wpi.edu/show/pn89d8101