SPLASH 2020
Sun 15 - Sat 21 November 2020 Online Conference
Fri 20 Nov 2020 13:40 - 14:00 at SPLASH-III - F-4B Chair(s): Aviral Goel, Ton Chanh Le
Sat 21 Nov 2020 01:40 - 02:00 at SPLASH-III - F-4B

We address the problem of reverse engineering of stripped executables, which contain no debug information.
This is a challenging problem because of the low amount of syntactic information available in stripped
executables, and the diverse assembly code patterns arising from compiler optimizations.
We present a novel approach for predicting procedure names in stripped executables. Our approach combines
static analysis with neural models. The main idea is to use static analysis to obtain augmented representations
of call sites; encode the structure of these call sites using the control-flow graph (CFG) and finally, generate a
target name while attending to these call sites. We use our representation to drive graph-based, LSTM-based
and Transformer-based architectures.
Our evaluation shows that our models produce predictions that are difficult and time consuming for humans,
while improving on existing methods by 28% and by 100% over state-of-the-art neural textual models that do
not use any static analysis. Code and data for this evaluation are available at https://github.com/tech-srl/Nero.

Conference Day
Fri 20 Nov

Displayed time zone: Central Time (US & Canada) change

Conference Day
Sat 21 Nov

Displayed time zone: Central Time (US & Canada) change