Declarative Analysis of Binary Code with G. Gary Tan
The ability to analyze binary code without access to source code has always been a highly sought-after goal for computer-security practitioners. Unfortunately, despite intensive research, most binary-analysis techniques are based on heuristics, make heavy assumptions about compilation toolchains, and/or have limited coverage. In this talk, we present a generic binary-level pointer analysis called BPA, which is based on a novel block memory model and implemented as declarative Datalog rules that can be efficiently solved. Experimental results demonstrate that BPA produces relatively precise results and is much more scalable than value-set analysis (VSA), the state-of-the-art binary-level pointer analysis. We will present the application of BPA to binary reverse engineering and discuss our ongoing effort to build a precise, robust, and scalable binary-analysis framework by combining binary analysis with machine learning and by building efficient solvers of declarative binary-analysis rules.
Bio: Dr. G. Gary Tan is a Professor in the Computer Science and Engineering Department of the Pennsylvania State University. He leads Penn State's Security of Software (SOS) Group, which is broadly interested in applying formal methods, compiler, and programming language techniques to improving computer security. He currently serves on the DARPA ISAT study group, an advisory group for DARPA. His research group has made substantial contributions to software security, especially in control-flow integrity, software-based fault isolation, automatic privilege separation of software, and interface safety in multilingual software. He received a James F. Will Career Development Professorship, an NSF CAREER Award, two Google Research Awards, a Ruth and Joel Spira Excellence in Teaching Award at Penn State, a Distinguished Reviewer Award at the 2018 IEEE Symposium on Security and Privacy, and some best paper awards at academic conferences.