Angr - The Next Generation of Binary Analysis

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Software is becoming increasingly more complex, and vul-nerabilities more subtle Better approaches are required to effectively analyze modern binaries, efficiently identify deeply buried defects, and intelligently assist human analysts with specific software reversing tasks Tons of good techniques and approaches regarding binary analysis have recently emerged from both academia and industry, many of which are fairly applicable to real-world binary research tasks However, due to the lack of a flexible and approachable binary analysis platform, testing and applying these techniques becomes a difficult job. angr is the next-generation binary analysis platform devel-oped by the SecLab of University of California, Santa Barbara It is flexible, easy to work with, cross-platform and cross-architecture, and has many techniques from academia already implemented and embedded inside In this course, we will start about the fundamental underpinnings of angr, dynamic symbolic execution, and static binary analysis We will then demonstrate best practices in doing symbolic execution and data dependence tracking in angr In the end, we will show how angr can assist in bug hunting All demos will be performed on CTF challenges and real-world programs.

Original languageEnglish (US)
Title of host publicationProceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages8-9
Number of pages2
ISBN (Electronic)9781538634677
DOIs
StatePublished - Oct 20 2017
Event2017 IEEE Cybersecurity Development Conference, SecDev 2017 - Cambridge, United States
Duration: Sep 24 2017Sep 26 2017

Other

Other2017 IEEE Cybersecurity Development Conference, SecDev 2017
CountryUnited States
CityCambridge
Period9/24/179/26/17

Fingerprint

Defects
Testing
Industry

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Cite this

Wang, F., & Shoshitaishvili, Y. (2017). Angr - The Next Generation of Binary Analysis. In Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017 (pp. 8-9). [8077799] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SecDev.2017.14

Angr - The Next Generation of Binary Analysis. / Wang, Fish; Shoshitaishvili, Yan.

Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 8-9 8077799.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Wang, F & Shoshitaishvili, Y 2017, Angr - The Next Generation of Binary Analysis. in Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017., 8077799, Institute of Electrical and Electronics Engineers Inc., pp. 8-9, 2017 IEEE Cybersecurity Development Conference, SecDev 2017, Cambridge, United States, 9/24/17. https://doi.org/10.1109/SecDev.2017.14
Wang F, Shoshitaishvili Y. Angr - The Next Generation of Binary Analysis. In Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017. Institute of Electrical and Electronics Engineers Inc. 2017. p. 8-9. 8077799 https://doi.org/10.1109/SecDev.2017.14
Wang, Fish ; Shoshitaishvili, Yan. / Angr - The Next Generation of Binary Analysis. Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 8-9
@inproceedings{ca096ed8641f4a04a56f3f9281376b57,
title = "Angr - The Next Generation of Binary Analysis",
abstract = "Software is becoming increasingly more complex, and vul-nerabilities more subtle Better approaches are required to effectively analyze modern binaries, efficiently identify deeply buried defects, and intelligently assist human analysts with specific software reversing tasks Tons of good techniques and approaches regarding binary analysis have recently emerged from both academia and industry, many of which are fairly applicable to real-world binary research tasks However, due to the lack of a flexible and approachable binary analysis platform, testing and applying these techniques becomes a difficult job. angr is the next-generation binary analysis platform devel-oped by the SecLab of University of California, Santa Barbara It is flexible, easy to work with, cross-platform and cross-architecture, and has many techniques from academia already implemented and embedded inside In this course, we will start about the fundamental underpinnings of angr, dynamic symbolic execution, and static binary analysis We will then demonstrate best practices in doing symbolic execution and data dependence tracking in angr In the end, we will show how angr can assist in bug hunting All demos will be performed on CTF challenges and real-world programs.",
author = "Fish Wang and Yan Shoshitaishvili",
year = "2017",
month = "10",
day = "20",
doi = "10.1109/SecDev.2017.14",
language = "English (US)",
pages = "8--9",
booktitle = "Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Angr - The Next Generation of Binary Analysis

AU - Wang, Fish

AU - Shoshitaishvili, Yan

PY - 2017/10/20

Y1 - 2017/10/20

N2 - Software is becoming increasingly more complex, and vul-nerabilities more subtle Better approaches are required to effectively analyze modern binaries, efficiently identify deeply buried defects, and intelligently assist human analysts with specific software reversing tasks Tons of good techniques and approaches regarding binary analysis have recently emerged from both academia and industry, many of which are fairly applicable to real-world binary research tasks However, due to the lack of a flexible and approachable binary analysis platform, testing and applying these techniques becomes a difficult job. angr is the next-generation binary analysis platform devel-oped by the SecLab of University of California, Santa Barbara It is flexible, easy to work with, cross-platform and cross-architecture, and has many techniques from academia already implemented and embedded inside In this course, we will start about the fundamental underpinnings of angr, dynamic symbolic execution, and static binary analysis We will then demonstrate best practices in doing symbolic execution and data dependence tracking in angr In the end, we will show how angr can assist in bug hunting All demos will be performed on CTF challenges and real-world programs.

AB - Software is becoming increasingly more complex, and vul-nerabilities more subtle Better approaches are required to effectively analyze modern binaries, efficiently identify deeply buried defects, and intelligently assist human analysts with specific software reversing tasks Tons of good techniques and approaches regarding binary analysis have recently emerged from both academia and industry, many of which are fairly applicable to real-world binary research tasks However, due to the lack of a flexible and approachable binary analysis platform, testing and applying these techniques becomes a difficult job. angr is the next-generation binary analysis platform devel-oped by the SecLab of University of California, Santa Barbara It is flexible, easy to work with, cross-platform and cross-architecture, and has many techniques from academia already implemented and embedded inside In this course, we will start about the fundamental underpinnings of angr, dynamic symbolic execution, and static binary analysis We will then demonstrate best practices in doing symbolic execution and data dependence tracking in angr In the end, we will show how angr can assist in bug hunting All demos will be performed on CTF challenges and real-world programs.

UR - http://www.scopus.com/inward/record.url?scp=85035781340&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85035781340&partnerID=8YFLogxK

U2 - 10.1109/SecDev.2017.14

DO - 10.1109/SecDev.2017.14

M3 - Conference contribution

SP - 8

EP - 9

BT - Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017

PB - Institute of Electrical and Electronics Engineers Inc.

ER -