Binary analysis security
Projects
A list of suggested projects will be provided. Students may also propose their own projects.

Grading (tentative)
Class participation:

Dynamic Binary Translation and Instrumentation
Reading materials: How to write a pintool
Dynamic Taint Analysis:
Whole-System Dynamic Binary Analysis:
Whole-System Dynamic Analysis cont'd:
Introduction to symbolic execution
Reading materials:
Control Flow Integrity
Reading materials:
Introduction to Program Slicing
Reading materials:
Program Slicing
Dynamic Program Slicing.

If you are interested in collaborating in any of these areas, please contact David Brumley. Much of our research is distilled into our next-generation binary analysis platform, called BAP.
We have two distributions of BAP. First, we give source code access to our latest development version i. There are two ways to become a research partner. First, we can have an active scholarly research collaboration.
Second, you can become a CyLab partner. Unfortunately we are unable to give out access to the latest trunk to others not working directly with us. We also periodically have public releases in the interests of scholarly dissemination.
The open releases tend to be more stable, but have fewer "cutting edge" features. At this time, we retain all copyright and modification rights. If you have a project in mind where this is an issue, please contact David. If you find BAP useful, we would appreciate it if you would email David. Such notes help us secure additional funding, which in turn allows us to add new features and make more releases.

The History of BAP: BAP is the successor to the binary analysis techniques developed for Vine (the static analysis component of BitBlaze) as part of David Brumley's work on the BitBlaze project, which is headed up by Dawn Song.
BAP clearly builds upon Vine, and we are indebted to all who worked with us on that project. However, many things changed. For example, the IL now allows us to express endianness explicitly.
We found this necessary in order to fully support bi-endian architectures such as ARM. This change in the IL required changes throughout the code. In addition, we now have well-defined interfaces and utilities. Vine grew organically out of many projects. We took lessons learned from those projects to develop the core API and utilities.