TY - GEN
T1 - Angr - The Next Generation of Binary Analysis
AU - Wang, Fish
AU - Shoshitaishvili, Yan
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/10/20
Y1 - 2017/10/20
N2 - Software is becoming increasingly more complex, and vul-nerabilities more subtle Better approaches are required to effectively analyze modern binaries, efficiently identify deeply buried defects, and intelligently assist human analysts with specific software reversing tasks Tons of good techniques and approaches regarding binary analysis have recently emerged from both academia and industry, many of which are fairly applicable to real-world binary research tasks However, due to the lack of a flexible and approachable binary analysis platform, testing and applying these techniques becomes a difficult job. angr is the next-generation binary analysis platform devel-oped by the SecLab of University of California, Santa Barbara It is flexible, easy to work with, cross-platform and cross-architecture, and has many techniques from academia already implemented and embedded inside In this course, we will start about the fundamental underpinnings of angr, dynamic symbolic execution, and static binary analysis We will then demonstrate best practices in doing symbolic execution and data dependence tracking in angr In the end, we will show how angr can assist in bug hunting All demos will be performed on CTF challenges and real-world programs.
AB - Software is becoming increasingly more complex, and vul-nerabilities more subtle Better approaches are required to effectively analyze modern binaries, efficiently identify deeply buried defects, and intelligently assist human analysts with specific software reversing tasks Tons of good techniques and approaches regarding binary analysis have recently emerged from both academia and industry, many of which are fairly applicable to real-world binary research tasks However, due to the lack of a flexible and approachable binary analysis platform, testing and applying these techniques becomes a difficult job. angr is the next-generation binary analysis platform devel-oped by the SecLab of University of California, Santa Barbara It is flexible, easy to work with, cross-platform and cross-architecture, and has many techniques from academia already implemented and embedded inside In this course, we will start about the fundamental underpinnings of angr, dynamic symbolic execution, and static binary analysis We will then demonstrate best practices in doing symbolic execution and data dependence tracking in angr In the end, we will show how angr can assist in bug hunting All demos will be performed on CTF challenges and real-world programs.
UR - http://www.scopus.com/inward/record.url?scp=85035781340&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85035781340&partnerID=8YFLogxK
U2 - 10.1109/SecDev.2017.14
DO - 10.1109/SecDev.2017.14
M3 - Conference contribution
AN - SCOPUS:85035781340
T3 - Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017
SP - 8
EP - 9
BT - Proceedings - 2017 IEEE Cybersecurity Development Conference, SecDev 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2017 IEEE Cybersecurity Development Conference, SecDev 2017
Y2 - 24 September 2017 through 26 September 2017
ER -