Publication Details
Advanced Preprocessing of Binary Executable Files and its Usage in Retargetable Decompilation
reverse engineering, decompilation, packer detection, unpacking, executable file, Lissom
Retargetable machine-code decompilation is used for a platform-independent transformation of executable files into a high level language (HLL) representation (e.g., C language). It is a complex task that must deal with a lot of different platform-specific features and missing information. Accurate preprocessing of input executable files is one of the necessary prerequisites in order to achieve the best results. Furthermore, we can use gathered information to achieve higher quality of decompilation. This paper presents an extended version of our previous system for an accurate code preprocessing. It is implemented as a generic preprocessing system that consists of a precise compiler and packer detector, plugin-based unpacker, converter into an internal platform-independent file format, and debugging information gathering library. We also describe an utilization of the collected information in a problem of automatic data-type reconstruction. This system has been adopted and tested in an existing retargetable decompiler. According to our experimental results, the proposed retargetable solution is fully competitive with existing platform-dependent tools.
@article{BUT111534,
author="Jakub {Křoustek} and Peter {Matula} and Dušan {Kolář} and Milan {Zavoral}",
title="Advanced Preprocessing of Binary Executable Files and its Usage in Retargetable Decompilation",
journal="International Journal on Advances in Software",
year="2014",
volume="7",
number="1",
pages="112--122",
issn="1942-2628",
url="http://www.iariajournals.org/software/tocv7n12.html"
}