Crosys: Cross Architectural Dynamic Analysis
Though there was a surge in the production of IoT devices, IoT malware analysis has remained a problem wanting for a clever solution. However, unlike PC and mobile, whose running environment is relatively standardized, IoT malware is rooted in Linux binary so that it can be built for various CPUs and with multiple libraries. For that, developing an effective dynamic analysis tool can be a challenging task.
In this paper, we present Crosys, a method for dynamic analysis of multi-architectural binaries in a single analysis host through intermediate language interpretation and binary rewriting. We explain how we elaborate binary lifting to assure both accuracy and stability. Then we propose cross-architectural dynamic analysis enabled by our work. In the end, we evaluated the stability of rewritten binary and the efficiency of dynamic analysis using technology.
Sat 17 JunDisplayed time zone: Eastern Time (US & Canada) change
16:00 - 17:50 | SOAP: Session 4 - Program Verification and Dynamic AnalysisSOAP at Magnolia 18 Chair(s): Liana Hadarean Amazon Web Services | ||
16:00 35mKeynote | Applications of Symbolic ExecutionInvited Talk SOAP William Hallahan Binghamton | ||
16:35 25mTalk | Completeness Thresholds for Memory Safety of Array Traversing Programs SOAP DOI | ||
17:00 25mTalk | Crosys: Cross Architectural Dynamic Analysis SOAP Sangrok Lee The Affiliated Institute of ETRI, Jieun Lee The Affiliated Institute of ETRI, Jaeyong Ko The Affiliated Institute of ETRI, Jaewoo Shim The Affiliated Institute of ETRI DOI | ||
17:25 25mTalk | RaceInjector: Injecting Races to Evaluate and Learn Dynamic Race Detection Algorithms (Virtual) SOAP Michael Wang Massachusetts Institute of Technology, Shashank Srikant MIT, Malavika Samak CSAIL, MIT, Una-May O’Reilly Massachusetts Institute of Technology DOI |