Blogs (1) >>
ASE 2019
Sun 10 - Fri 15 November 2019 San Diego, California, United States
Thu 14 Nov 2019 14:20 - 14:40 at Cortez 1 - Program Analysis Chair(s): Coen De Roover

Reverse execution and coredump analysis have long been used to diagnose the root cause of software crashes. Each of these techniques, however, face inherent challenges, such as insufficient capability when handling memory aliases. Recent works have used hypothesis testing to address this drawback, albeit with high computational complexity, making them impractical for real world applications. To address this issue, we propose a new deep neural architecture, which could significantly improve memory alias resolution. At the high level, our approach employs a recurrent neural network (RNN) to learn the binary code pattern pertaining to memory accesses. It then infers the memory region accessed by memory references. Since memory references to different regions naturally indicate a non-alias relationship, our neural architecture can greatly reduce the burden of doing hypothesis testing to track down non-alias relation in binary code.

Different from previous researches that have utilized deep learning for other binary analysis tasks, the neural network proposed in this work is fundamentally novel. Instead of simply using off-the-shelf neural networks, we designed a new recurrent neural architecture that could capture the data dependency between machine code segments.

To demonstrate the utility of our deep neural architecture, we implement it as RENN, a neural network-assisted reverse execution system. We utilize this tool to analyze software crashes corresponding to 40 memory corruption vulnerabilities from the real world. Our experiments show that RENN can significantly improve the efficiency of locating the root cause for the crashes. Compared to a state-of-the-art technique, RENN has 36.25% faster execution time on average, detects an average of 21.35% more non-alias pairs, and successfully identified the root cause of 12.5% more cases.

Thu 14 Nov
Times are displayed in time zone: Tijuana, Baja California change

13:40 - 15:20: Program AnalysisPapers / Research Papers / Demonstrations at Cortez 1
Chair(s): Coen De RooverVrije Universiteit Brussel
13:40 - 14:00
Talk
Debreach: Mitigating Compression Side Channels via Static Analysis and Transformation
Research Papers
Brandon PaulsenUniversity of Southern California, Chungha SungUniversity of Southern California, Peter PetersonUniversity of Minnesota Duluth, Chao WangUSC
14:00 - 14:20
Talk
Fine-grain memory object representation in symbolic execution
Research Papers
Martin NowackImperial College London
14:20 - 14:40
Talk
RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis
Research Papers
Dongliang MuNanjing University, Wenbo GuoThe Pennsylvania State University, Alejandro CuevasThe Pennsylvania State University, Yueqi ChenThe Pennsylvania State University, Jinxuan GaiThe Pennsylvania State University, Xinyu XingThe Pennsylvania State University, Bing MaoNanjing University, Chengyu SongUC Riverside
14:40 - 15:00
Talk
Batch Alias Analysis
Research Papers
Pre-print
15:00 - 15:10
Demonstration
Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts
Demonstrations
Mark MossbergTrail of Bits, Felipe ManzanoTrail of Bits, Eric HennenfentTrail of Bits, Alex GroceTrail of Bits, Gustavo GriecoTrail of Bits, Josselin FeistTrail of Bits, Trent BrunsonTrail of Bits, Artem DinaburgTrail of Bits
Media Attached
15:10 - 15:20
Demonstration
BuRRiTo: A Framework to Extract, Specify, Verify and Analyze Business Rules
Demonstrations
Pavan ChittimalliTCS Research, Kritika AnandTCS Research, Shrishti PradhanTCS Research, Sayandeep MitraTCS Research, Chandan PrakashTCS Research, Rohit ShereTCS Research, Ravindra NaikTCS Research, TRDDC, India