Call graph discovery in binary programs from unknown instruction set architectures

Authors

  • Håvard Pettersen NTNU
  • Donn Morrison NTNU

Keywords:

reverse engineering, unknown CPU architecture, program call graph, binary analysis

Abstract

This study addresses the challenge of reverse engineering binaries from unknown instruction set architectures, a complex task with potential implications for software maintenance and cyber-security.We focus on the tasks of detecting candidate call and return opcodes for automatic extraction of call graphs in order to simplify the reverse engineering process. Empirical testing on a small dataset of binary files from different architectures demonstrates that the approach can accurately detect specific opcodes under conditions of noisy data. The method lays the groundwork for a valuable tool for reverse engineering where the reverse engineer has minimal a priori knowledge of the underlying instruction set architecture.

Downloads

Download data is not yet available.
A viking ship where the sail is a Linear Feedback Shift Register, and teh shields are zeros and ones, sailing on a sea that is NISK

Downloads

Published

2023-11-28

How to Cite

[1]
H. Pettersen and D. Morrison, “Call graph discovery in binary programs from unknown instruction set architectures”, NIKT, no. 3, Nov. 2023.

Issue

No. 3 (2023): NISK Norsk informasjonssikkerhets-konferanse

Section

Regular papers

License

Copyright (c) 2023 CC BY 4.0 Deed

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.