The University of Arizona

Colloquium

Category: Lecture
Date: Wednesday, May 5, 2010
Time: 2:00 pm
Location: GS 942
Committee: Saumya Debray, Christian Collberg, Ian Fasel
Speaker: Nithya Krishnamoorthy
Title: MS Thesis Defense
Affiliation: Computer Science Department, University of Arizona

Static Detection of Disassembly Errors

Abstract: The first step in understanding the semantics of a binary executable is to extract the assembly instructions that could get executed if it is allowed to run. This sequence of assembly instructions, typically obtained by static disassembly, is assumed to be correct by many analysis techniques that build on it. However, static disassembly can be incorrect; there can be accidental errors during disassembly or a disassembler can be deliberately misled by binary obfuscation techniques, rendering this assumption invalid. This thesis proposes a machine learning approach to statically identify disassembly errors in a static disassembly, so that such potential errors can be examined more closely, using, for example, dynamic analysis. We show that a decision tree classifier that is built using this approach identifies most known disassembly errors in the malware that we used for evaluation.