Towards Industrial-Scale Software Binary Analysis
| Published in: | PQDT - Global (2025) |
|---|---|
| Main author: | |
| Published: | ProQuest Dissertations & Theses |
| Subjects: | |
| Online access: | Citation/Abstract Full Text - PDF Full text outside of ProQuest |
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3288202058 | ||
| 003 | UK-CbPIL | ||
| 020 | |a 9798265488381 | ||
| 035 | |a 3288202058 | ||
| 045 | 2 | |b d20250101 |b d20251231 | |
| 084 | |a 189128 |2 nlm | ||
| 100 | 1 | |a Zhou, Anshunkang | |
| 245 | 1 | |a Towards Industrial-Scale Software Binary Analysis | |
| 260 | |b ProQuest Dissertations & Theses |c 2025 | ||
| 513 | |a Dissertation/Thesis | ||
| 520 | 3 | |a Computers play an indispensable role in our daily lives, providing a multitude of critical functions and services across areas such as communication, transportation, finance, and beyond. At the heart of modern computing lies a fundamental component: the software binary, a complex sequence of ones and zeroes that determines how specific tasks are executed on a computer. Ensuring the security and correctness of software binaries is of paramount importance, as vulnerabilities can have far-reaching consequences, potentially affecting financial systems and even human lives. However, analyzing software binaries at an industrial scale remains a significant challenge, primarily due to the difficulty of meeting three essential design requirements: rigor, non-intrusiveness, and scalability. This dissertation proposes a binary-centric solution to enhance industrial-scale software binary analysis, addressing these three requirements by contributing to several fundamental binary analysis techniques: binary lifting, binary similarity analysis, and fuzzing. First, we introduce a novel binary lifter, which translates software binaries directly into high-quality compiler-level intermediate representations (IRs) compatible with existing static analyzers, thereby enabling rigorous bug detection. Second, we propose a parallel binary lifting technique to address the scalability limitations of traditional lifters, allowing more efficient utilization of multi-core computers and scaling to extremely large binaries. Building on the IR code obtained through binary lifting, our third contribution is a binary similarity analysis technique that identifies third-party code within software binaries, enabling the reuse of existing knowledge and identification of zero-day vulnerabilities. Finally, extending beyond static analysis, our fourth contribution explores dynamic approaches by proposing a program-adaptive parallel fuzzer, which efficiently generates exploitable bugs with very low false-positive rates through runtime execution. Together, these contributions constitute a systematic solution for software binary analysis, capable of seamless integration into modern software development lifecycles to detect and prevent defects at an early stage. Our approaches have demonstrated tangible real-world impact, being deployed in CI/CD pipelines at major organizations to perform daily software quality checks. Using these techniques, we have successfully identified hundreds of high-risk defects in both industrial software products and open-source projects. Furthermore, our advancements in fundamental binary analysis techniques open avenues for exploration and innovation in related areas of research. | |
| 653 | |a Software quality | ||
| 653 | |a Plankton | ||
| 653 | |a Programming languages | ||
| 653 | |a Accuracy | ||
| 653 | |a Software development | ||
| 653 | |a Software reliability | ||
| 653 | |a Success | ||
| 653 | |a C plus plus | ||
| 653 | |a Open source software | ||
| 653 | |a Experiments | ||
| 653 | |a Optimization | ||
| 653 | |a Dissertations & theses | ||
| 653 | |a Breakdowns | ||
| 653 | |a Third party | ||
| 653 | |a Algorithms | ||
| 653 | |a Libraries | ||
| 653 | |a Ablation | ||
| 653 | |a Efficiency | ||
| 653 | |a Semantics | ||
| 653 | |a Biological oceanography | ||
| 653 | |a Computer science | ||
| 653 | |a Microbiology | ||
| 773 | 0 | |t PQDT - Global |g (2025) | |
| 786 | 0 | |d ProQuest |t ProQuest Dissertations & Theses Global | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3288202058/abstract/embedded/6A8EOT78XXH2IG52?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3288202058/fulltextPDF/embedded/6A8EOT78XXH2IG52?source=fedsrch |
| 856 | 4 | 0 | |3 Full text outside of ProQuest |u https://doi.org/10.14711/thesis-hdl152695 |