The University of Arizona
banner image

lynx: Analysis of Hard-to-analyze Code

lynx-logo The lynx project aims to develop principled and general techniques and tools to automate the analysis of code that is hard to analyze. Here, "principled" refers to techniques that are based on the program's behavior, i.e., its semantics; and "general" means that we try to make as few assumptions as possible, and avoid the use of ad hoc or system-specific tricks.

Our current research has two foci:

Publications

  1. Representing and Reasoning about Dynamic Code, with Jesse Bartels and Jon Stephens.
    Proc. 35th. IEEE/ACM International Conference on Automated Software Engineering (ASE), Sept. 2020.
    Abstract  |  Paper (PDF)  |  Code (zip): Github or UArizona  |  Data
  2. Probabilistic Obfuscation through Covert Channels, Jon Stephens, Babak Yadegari, Christian Collberg, Saumya Debray, and Carlos Scheidegger.
    Proc. Third IEEE European Symposium on Security and Privacy (EuroS&P), April 2018.
    Abstract
    Paper: PDF
  3. Babak Yadegari and Saumya Debray. Control Dependencies in Interpretive Systems.
    Proc. 17th International Conference on Runtime Verification (RV 2017), Sept. 2017.
    Abstract
    Paper: PDF
  4. Babak Yadegari, Jon Stephens, and Saumya Debray. Analysis of Exception-Based Control Transfers.
    Proc. 7th ACM Conference on Data and Application Security and Privacy (CODASPY), March 2017.
    Abstract
    Paper: PDF
  5. Babak Yadegari and Saumya Debray. Symbolic Execution of Obfuscated Code.
    Proc. 22nd ACM Conference on Computer and Communications Security (CCS), Oct. 2015.
    Abstract
    Paper: PDF
  6. Babak Yadegari, Brian Johannesmeyer, Benjamin Whitely, and Saumya Debray. A Generic Approach to Automatic Deobfuscation of Executable Code.
    Proc. 36th IEEE Symposium on Security and Privacy, May 2015.
    Abstract
    Paper: PDF
    Source code (tar.gz, 2.3 MB)   |   Input programs   |   Traces (tar.gz, 6.0 GB)
  7. Jing Qiu, Babak Yadegari, Brian Johannesmeyer, Saumya Debray, and Xiaohong Su. Identifying and Understanding Self-Checksumming Defenses in Software.
    Proc. Fifth ACM Conference on Data and Application Security and Privacy (CODASPY), March 2015.
    Abstract
    Paper: PDF
  8. Babak Yadegari and Saumya Debray. Bit-Level Taint Analysis.
    Proc. 14th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), Sept. 2014.
    Abstract
    Paper: PDF

  9. Gen Lu and Saumya Debray. Weaknesses in Defenses Against Web-Borne Malware (Extended Abstract).
    10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 2013.
    Abstract
    Paper: PDF

  10. Gen Lu and Saumya Debray. Automatic Simplification of Obfuscated JavaScript Code: A Semantics-Based Approach.
    Proc. Sixth IEEE International Conference on Software Security and Reliability (SERE), pages 31–40. June 2012.
    Abstract
    Paper: PDF

  11. Gen Lu, Kevin Coogan, and Saumya Debray. Automatic Simplification of Obfuscated JavaScript Code (Extended Abstract).
    Proc. ICISTM-12 Workshop on Program Protection and Reverse Engineering (PPREW). March 2012.
    Abstract
    Paper: PDF

  12. Kevin Coogan, Gen Lu, and Saumya Debray. Deobfuscating Virtualization-Obfuscated Software: A Semantics-Based Approach.
    Proc. ACM Conference on Computer and Communications Security (CCS) Oct. 2011, pages 275-284.
    Abstract
    Paper: PDF

  13. Kevin Coogan and Saumya Debray. Equational Reasoning on x86 Assembly Code.
    Proc. Eleventh IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), Sept. 2011.
    Abstract
    Paper: PDF

  14. Jay Patel and Saumya Debray. Reverse Engineering Self-Modifying Code: Unpacker Extraction.
    Proc. 17th. IEEE Working Conference on Reverse Engineering, October 2010, pages 131-140.
    Abstract
    Paper: Postscript   |   PDF

  15. Mila Dalla Preda, Roberto Giacobazzi, Saumya Debray, Kevin Coogan, and Gregg Townsend. Modelling Metamorphism by Abstract Interpretation.
    Proc. 17th. International Static Analysis Symposium (SAS), Sept. 2010, pages 218–235.
    Abstract
    Paper: Postscript   |   PDF

  16. Kevin Coogan, Saumya Debray, Tasneem Kaochar, and Gregg Townsend. Automatic Static Unpacking of Malware Binaries.
    Proc. 16th. IEEE Working Conference on Reverse Engineering, October 2009, pp. 167-176.
    Abstract
    Paper: Postscript   |   PDF

  17. Nithya Krishnamoorthy, Saumya Debray, and Keith Fligg. Static Detection of Disassembly Errors.
    Proc. 16th. IEEE Working Conference on Reverse Engineering, October 2009, pp. 259-268.
    Abstract
    Paper: Postscript   |   PDF

  18. Saumya Debray, Kevin Coogan and Gregg Townsend. On the Semantics of Self-Unpacking Malware Code.
    Draft, July 2008.
    Abstract
    Paper: Postscript  |  PDF