开云官方网站软件与理论研究所
杰出专家学者系列学术报告
报告题目:BinGo: Cross-Architecture Cross-OS Binary Search
报告人:Liu Yang ,phD ,professor
时间:2016年6月3日(星期四)上午10:00
地点:10号楼420 信息公司会议室
摘要:Binary code search has received much attention recently due to its
impactful applications, e.g., plagiarism detection, malware detection and software vulnerability auditing. However, developing an effective binary code search tool is challenging due to the gigantic syntax and structural differences in binaries resulted from different compilers, architectures and OSs. In this paper, we propose BINGO: a scalable and robust binary search engine supporting various architectures and OSs. The key contribution is a selective inlining technique to capture the complete function semantics by inlining
relevant library and user-defined functions. In addition, architecture and OS neutral function filtering is proposed to dramatically reduce the irrelevant target functions. Besides, we introduce length variant partial traces to model binary functions in a program structure agnostic fashion. The experimental results show that BINGO can find semantic similar functions across architecture and OS boundaries, even with the presence of program structure distortion, in a scalable manner. Using BINGO, we have discovered a zero-day vulnerability
in Adobe PDF Reader, a COTS binary.
报告人简介:
Dr Liu Yang graduated in 2005 with a Bachelor of Computing
(Honours) in the National University of Singapore (NUS). In 2010, he obtained his PhD and started his post doctoral work in NUS, MIT and SUTD. In 2011, Dr Liu is awarded the Temasek Research Fellowship at NUS to be the Principal Investigator in the area of Cyber Security. In 2012 fall, he joined Nanyang Technological University as a Nanyang Assistant professor.
Dr. Liu specializes in software verification, security and software engineering. His research has bridged the gap between the theory and practical usage of formal methods and program analysis to evaluate the design and implementation of software for high assurance and security. His work led to the development of a state-of-the-art model checker, Process Analysis Toolkit (PAT). This tool is used by research institutions in over 80 countries for research and education. By now, he has more than 150 publications and leading the cybersecurity lab in NTU.