Deakin University

File(s) under permanent embargo

Wire - a formal intermediate language for binary analysis

conference contribution
posted on 2012-01-01, 00:00 authored by Silvio Cesare, Yang Xiang
Wire is an intermediate language to enable static program analysis on low-level objects such as native executables. It has practical benefit in analysing the structure and semantics of malware, or for identifying software defects in closed-source software. In this paper we describe how an executable program is disassembled and translated to the Wire intermediate language. We define the formal syntax and operational semantics of Wire and discuss our justifications for its language features. We use Wire in our previous work, Malwise, a malware variant detection system. We also examine applications that become possible when a formally defined intermediate language is given. Our results include showing the semantic equivalence between obfuscated and non-obfuscated code samples. These examples stem from the obfuscations commonly used by malware.

History

Event

IEEE International Conference on Trust, Security and Privacy in Computing and Communications (11th : 2012 : Liverpool, England)

Pagination

515 - 524

Publisher

IEEE

Location

Liverpool, England

Place of publication

Piscataway, N. J.

Start date

2012-06-25

End date

2012-06-27

ISBN-13

9780769547459

ISBN-10

0769547451

Language

eng

Publication classification

E1 Full written paper - refereed

Copyright notice

2012, IEEE

Editor/Contributor(s)

G Min, Y Wu, L Lei, X Jin, S Jarvis, A Al-Dubai

Title of proceedings

TrustCom 2012 : Proceedings of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
