Deakin home > Deakin University Library > Deakin Research Online > Wire - a formal intermediate language for binary analysis

Wire - a formal intermediate language for binary analysis

Cesare, Silvio and Xiang, Yang 2012, Wire - a formal intermediate language for binary analysis, in TrustCom 2012 : Proceedings of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, IEEE, Piscataway, N. J., pp. 515-524.

Attached Files (Some files may be inaccessible until you login with your Deakin Research Online credentials)
Name Description MIMEType Size Downloads

Title Wire - a formal intermediate language for binary analysis
Author(s) Cesare, Silvio
Xiang, Yang
Conference name IEEE International Conference on Trust, Security and Privacy in Computing and Communications (11th : 2012 : Liverpool, England)
Conference location Liverpool, England
Conference dates 25-27 Jun. 2012
Title of proceedings TrustCom 2012 : Proceedings of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Editor(s) Min, Geyong
Wu, Yulei
Lei, Liu (Chris)
Jin, Xiaolong
Jarvis, Stephen
Al-Dubai, Ahmed Y.
Publication date 2012
Conference series IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Start page 515
End page 524
Total pages 10
Publisher IEEE
Place of publication Piscataway, N. J.
Keyword(s) binary analysis
intermediate language
semantics
Summary Wire is a intermediate language to enable static program analysis on low level objects such as native executables. It has practical benefit in analysing the structure and semantics of malware, or for identifying software defects in closed source software. In this paper we describe how an executable program is disassembled and translated to the Wire intermediate language. We define the formal syntax and operational semantics of Wire and discuss our justifications for its language features. We use Wire in our previous work Malwise, a malware variant detection system. We also examine applications for when a formally defined intermediate language is given. Our results include showing the semantic equivalence between obfuscated and non obfuscated code samples. These examples stem from the obfuscations commonly used by malware.
ISBN 9781467321723
9780769547459
Language eng
Field of Research 109999 Technology not elsewhere classified
Socio Economic Objective 970110 Expanding Knowledge in Technology
HERDC Research category E1 Full written paper - refereed
Persistent URL http://hdl.handle.net/10536/DRO/DU:30049570

Document type: Conference Paper
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in Deakin Research Online is owned by the author, with all rights reserved.

Versions
Version Filter Type
Access Statistics: 11 Abstract Views, 3 File Downloads  -  Detailed Statistics
Created: Thu, 29 Nov 2012, 08:00:00 EST