  • Cheng Kai, Song Zhanwei, Liu Mingdong, Yu Nan, Zhu Hongsong, Sun Limin. A Survey of Static Analysis Techniques of Binary Code[J]. Journal of Cyber Security, Accepted
A Survey of Static Analysis Techniques of Binary Code
Cheng Kai, Song Zhanwei, Liu Mingdong, Yu Nan, Zhu Hongsong, Sun Limin
(Institute of Information Engineering, Chinese Academy of Sciences)
Static analysis techniques, an important part of program analysis, have matured for source code analysis but are developing slowly for binary program analysis. With the widespread use of the Internet of Things (IoT), many characteristics of IoT devices, including diverse instruction architectures, different operating systems, limited hardware resources, predominantly C-based development, and closed source code, bring new challenges and demands to binary static analysis. In recent years, vulnerability discovery in IoT firmware images through binary static analysis techniques has gradually attracted researchers' attention. Based on the basic principles of static analysis, we introduce and summarize binary static analysis techniques from the aspects of data-flow analysis, alias analysis, symbolic execution, and static taint analysis. Finally, we discuss future research focuses and directions.
Keywords: binary static analysis; data-flow analysis; alias analysis; symbolic execution; static taint analysis; Internet of Things devices