A Control Flow Reconstruction Algorithm for Binary Code with Mixed Codec Mode
Control flow is the basis of program analysis and comprehension, and the reconstruction of control flow is the start and sticking point in Firm-Code Reversing Analysis. By contrast with structured binary executable file (PE, ELF, etc.), firm-code is unstructured and mixed-coded, which makes it unsuitable to use traditional control flow reconstruction algorithm in the control flow reconstruction of it. Reversing researchers have been working on Firm-Code Reversing Analysis for a long time and solved many problems such as distinction between instructions and data in binary code, calculus of destination address in transform instruction using indirect addressing mode, recovery of jump table and so on, whereas the problem of reconstructing control flow from binary code with mixed codec mode is rarely studied. In this paper, we study binary code with mixed codec mode, present a control flow reconstruction algorithm for it and then analyze the time complexity of the algorithm.
control flow control flow graph mixed codec mode reverse engineering control flow reconstruction
ZHAO Yuan ZENG Guangyu HU Gang
Department of Computer Science and Technology Zhengzhou Institute of Information Science and Technology Zhengzhou, China
国际会议
桂林
英文
61-64
2010-11-17(万方平台首次上网日期,不代表论文的发表时间)