Masters Thesis Defense “Static Evaluation of Type Inference and Propagation on Global Variables with Varying Context” By Ivan Frasure

Committee:  Drs. Michelle Cheatham, Advisor, John Gallagher, and Mateen Rizki

ABSTRACT:

Software reverse engineering (SRE) is a broad field with motivations ranging from verifying or documenting gordian source code files to understanding and reimplementing binary object files and executables. SRE of binaries is exceptionally compelling and challenging due to large amounts of information that can be lost in the compilation progress. A central area in SRE is type inference. Type inference is built around a fundamental step in understanding the behavior of a binary, recovering the types of data in the program. Type inference has many unique techniques in both static and dynamic type inference systems that have been implemented in more than forty approaches.

The problem has been noted in literature that evaluation and testing is difficult in software reverse engineering due to various challenges like closed-source tools, commercial fees, inconstancy of data being tested; a 2016 survey noted many of these tools cannot be compared against each other, or introduce techniques that would be beneficial to evaluate in other situations. This survey noted the need for additional work to focus more on specific techniques in the hopes of generating better environments to test approaches in, or compare against, even if there is no access to the tool.

This lightweight configurable approach evaluates the well-known techniques of flow-sensitive, context-sensitive, type inference based on instructions and type propagation, however, it works to isolate these techniques and compares how they changed with additional information. With this in mind, all the indicators are configurable as means to help engineers who are interested in evaluating the effectiveness of an indicator within a configuration or technique.