國立虎尾科技大學 |

BYTERI : = Byte Resonance Imaging of Binary Executables.

紀錄類型:	書目-語言資料,手稿 : Monograph/item
正題名/作者:	BYTERI :/
其他題名:	Byte Resonance Imaging of Binary Executables.
作者:	Narasimha, Seshagiri Prabhu.
面頁冊數:	1 online resource (218 pages)
附註:	Source: Dissertations Abstracts International, Volume: 85-12, Section: B.
Contained By:	Dissertations Abstracts International85-12B.
標題:	Information technology. -
電子資源:	click for full text (PQDT)
ISBN:	9798383179239

BYTERI : = Byte Resonance Imaging of Binary Executables.
Narasimha, Seshagiri Prabhu.

BYTERI :Byte Resonance Imaging of Binary Executables. - 1 online resource (218 pages)

Source: Dissertations Abstracts International, Volume: 85-12, Section: B.

Thesis (Ph.D.)--University of Louisiana at Lafayette, 2024.

Includes bibliographical references

Knowledge of the input format of binary executables is important for finding bugs and vulnerabilities, such as generating data for fuzzing or manual reverse engineering. This dissertation presents two algorithms that leverage dynamic taint analysis to recover the structure of the input of binary executables.These algorithms improve upon prior work by not just partitioning the input into consecutive bytes representing values but also identifying syntactic components of structures, such as fixed and variable-length fields, nested structures, and simple arrays. Notably, the second algorithm additionally infers different array types, including arrays of atomic fields, arrays of records, arrays with variant records, and even semantic relationships between fields, such as a field specifying the total number of elements of an array.The first algorithm infers a recursive state machine (RSM) representing the syntactic structure, while the second one recovers the structure in a C/C++-like notation capturing both syntactic structure and semantic relations between fields of the input. An additional algorithm is introduced to combine structures from multiple inputs, making it feasible to create an abstract structure that represents a more complete space of input data acceptable to a binary executable.The algorithms were implemented in prototype systems named BYTERI-1.0 and BYTERI-2.0 (Byte Resonance Imaging). The evaluation involved a controlled experiment using synthetic programs mimicking real-world formats (PE, PNG, BMP, and CSV) and real-world programs (parsers for BMP, PNG, GIF, TIFF, ZIP, PDF, XML linter, and a disassembler). Both BYTERI-1.0 and BYTERI-2.0 correctly identified the syntactic structure. Additionally, BYTERI-2.0 successfully inferred semantic relations between fields.Furthermore, the recovered structures were used to generate valid input data. BYTERI-1.0 succeeded when the syntax was not context-sensitive, such as when a field specifies the length of a variable-length field. BYTERI-2.0-generated data was valid for all synthetic programs and some real-world ones.

Electronic reproduction.
Ann Arbor, Mich. :
ProQuest,
2024

Mode of access: World Wide Web

ISBN: 9798383179239Subjects--Topical Terms:

559429
Information technology.
Subjects--Index Terms:

Dynamic taint analysisIndex Terms--Genre/Form:

554714
Electronic books.

BYTERI : = Byte Resonance Imaging of Binary Executables.
LDR:03495ntm a22004097 4500 001 1150191
005 20241022111611.5
006 m o d
007 cr bn ---uuuuu
008 250605s2024 xx obm 000 0 eng d
020 $a 9798383179239
035 $a (MiAaPQ)AAI31244335
035 $a AAI31244335
040 $a MiAaPQ $b eng $c MiAaPQ $d NTU
100 1 $a Narasimha, Seshagiri Prabhu. $3 1476632
245 1 0 $a BYTERI : $b Byte Resonance Imaging of Binary Executables.
264 0 $c 2024
300 $a 1 online resource (218 pages)
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
500 $a Source: Dissertations Abstracts International, Volume: 85-12, Section: B.
500 $a Advisor: Lakhotia, Arun.
502 $a Thesis (Ph.D.)--University of Louisiana at Lafayette, 2024.
504 $a Includes bibliographical references
520 $a Knowledge of the input format of binary executables is important for finding bugs and vulnerabilities, such as generating data for fuzzing or manual reverse engineering. This dissertation presents two algorithms that leverage dynamic taint analysis to recover the structure of the input of binary executables.These algorithms improve upon prior work by not just partitioning the input into consecutive bytes representing values but also identifying syntactic components of structures, such as fixed and variable-length fields, nested structures, and simple arrays. Notably, the second algorithm additionally infers different array types, including arrays of atomic fields, arrays of records, arrays with variant records, and even semantic relationships between fields, such as a field specifying the total number of elements of an array.The first algorithm infers a recursive state machine (RSM) representing the syntactic structure, while the second one recovers the structure in a C/C++-like notation capturing both syntactic structure and semantic relations between fields of the input. An additional algorithm is introduced to combine structures from multiple inputs, making it feasible to create an abstract structure that represents a more complete space of input data acceptable to a binary executable.The algorithms were implemented in prototype systems named BYTERI-1.0 and BYTERI-2.0 (Byte Resonance Imaging). The evaluation involved a controlled experiment using synthetic programs mimicking real-world formats (PE, PNG, BMP, and CSV) and real-world programs (parsers for BMP, PNG, GIF, TIFF, ZIP, PDF, XML linter, and a disassembler). Both BYTERI-1.0 and BYTERI-2.0 correctly identified the syntactic structure. Additionally, BYTERI-2.0 successfully inferred semantic relations between fields.Furthermore, the recovered structures were used to generate valid input data. BYTERI-1.0 succeeded when the syntax was not context-sensitive, such as when a field specifies the length of a variable-length field. BYTERI-2.0-generated data was valid for all synthetic programs and some real-world ones.
533 $a Electronic reproduction. $b Ann Arbor, Mich. : $c ProQuest, $d 2024
538 $a Mode of access: World Wide Web
650 4 $a Information technology. $3 559429
650 4 $a Engineering. $3 561152
650 4 $a Computer science. $3 573171
653 $a Dynamic taint analysis
653 $a Input grammar
653 $a Reverse engineering
653 $a Structure recovery
653 $a Input data
655 7 $a Electronic books. $2 local $3 554714
690 $a 0984
690 $a 0489
690 $a 0800
690 $a 0537
710 2 $a University of Louisiana at Lafayette. $b Computer Science. $3 1195497
710 2 $a ProQuest Information and Learning Co. $3 1178819
773 0 $t Dissertations Abstracts International $g 85-12B.
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=31244335 $z click for full text (PQDT)