Publication Details

Accurate Retargetable Decompilation Using Debug Information

KŘOUSTEK, J.; MATULA, P.; KONČICKÝ, J.; KOLÁŘ, D. Accurate Retargetable Decompilation Using Debug Information. Proceedings of the Sixth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE'12). Rome: International Academy, Research, and Industry Association, 2012. p. 79-84. ISBN: 978-1-61208-209-7.
Czech title
Přesný rekonfigurovatelný zpětný překlad pomocí ladicích informací
Type
conference paper
Language
English
Authors
Křoustek Jakub, Ing., Ph.D.
Matula Peter, Ing.
Končický Jaromír, Ing.
Kolář Dušan, doc. Dr. Ing. (DIFS)
Keywords

decompilation, debugging information, PDB, DWARF, Lissom

Abstract

In this paper, we present an extension of an existing automatically generated retargetable decompiler that is capable to parse, process, and utilize compiler-generated debugging information. This tool can be used for dealing with several security-related issues (e.g., forensics, malware analysis, vulnerability detection). Additional debugging information is used for an accurate reconstruction of platform-dependent binary applications into a well-readable high-level-language representation. The proposed solution is platform and debugging-format independent. In present, two major debugging formats - DWARF and Microsoft PDB - are supported; the extracted information is used for a  recovery of several high-level constructions (e.g., variables, functions and their arguments). The proposed concept was validated by experimental results.

Published
2012
Pages
79–84
Proceedings
Proceedings of the Sixth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE'12)
ISBN
978-1-61208-209-7
Publisher
International Academy, Research, and Industry Association
Place
Rome
BibTeX
@inproceedings{BUT96959,
  author="Jakub {Křoustek} and Peter {Matula} and Jaromír {Končický} and Dušan {Kolář}",
  title="Accurate Retargetable Decompilation Using Debug Information",
  booktitle="Proceedings of the Sixth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE'12)",
  year="2012",
  pages="79--84",
  publisher="International Academy, Research, and Industry Association",
  address="Rome",
  isbn="978-1-61208-209-7"
}
Back to top