Tue 18 Jul 2023 14:00 - 14:15 at Smith Classroom (Gates G10) - ISSTA 4: Static Analysis Chair(s): Christian Hammer

Function entry identification is a crucial yet challenging task for binary disassemblers that has been the focus of research in the past decades. However, recent researches show that call frame information (CFI) provides accurate and almost complete function entries. With the aid of CFI, disassemblers have significant improvements in function entry detection. CFI is specifically designed for efficient stack unwinding, and every function has corresponding CFI in x64 and aarch64 architectures. Nevertheless, not every function and instruction unwinds the stack at runtime, and this observation has led to the development of techniques such as obfuscation to complicate function detection by disassemblers.

We propose a prototype of OCFI to obfuscate CFI based on this observation. The goal of OCFI is to obstruct function detection of popular disassemblers that use CFI as a way to detect function entries. We evaluated OCFI on a large-scale dataset that includes real-world applications and automated generation programs, and found that the obfuscated CFI was able to correctly unwind the stack and make the detection of function entries of popular disassemblers more difficult. Furthermore, on average, OCFI incurs a size overhead of only 4% and nearly zero runtime overhead.

Tue 18 Jul

Displayed time zone: Pacific Time (US & Canada) change

13:30 - 15:00
ISSTA 4: Static AnalysisTechnical Papers at Smith Classroom (Gates G10)
Chair(s): Christian Hammer University of Passau
13:30
15m
Talk
Detecting Vulnerabilities in Linux-Based Embedded Firmware with SSE-Based On-Demand Alias Analysis
Technical Papers
Kai Cheng Shenzhen Institute of Advanced Technology at Chinese Academy of Sciences; Sangfor Technologies, Yaowen Zheng Nanyang Technological University, Tao Liu Pennsylvania State University, Le Guan University of Georgia, Peng Liu Pennsylvania State University, Hong Li Institute of Information Engineering at Chinese Academy of Sciences, Hongsong Zhu Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences, Kejiang Ye Shenzhen Institute of Advanced Technology at Chinese Academy of Sciences, Limin Sun Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences
DOI
13:45
15m
Talk
Beware of the Unexpected: Bimodal Taint AnalysisACM SIGSOFT Distinguished Paper
Technical Papers
Yiu Wai Chow University of Stuttgart, Max Schaefer GitHub, Michael Pradel University of Stuttgart
DOI
14:00
15m
Talk
OCFI: Make Function Entry Identification Hard Again
Technical Papers
Chengbin Pang Nanjing University, Tiantai Zhang Nanjing University, Xuelan Xu Nanjing University, Linzhang Wang Nanjing University, Bing Mao Nanjing University
DOI
14:15
15m
Talk
Tai-e: A Developer-Friendly Static Analysis Framework for Java by Harnessing the Good Designs of Classics
Technical Papers
Tian Tan Nanjing University, Yue Li Nanjing University
DOI Pre-print
14:30
15m
Talk
That’s a Tough Call: Studying the Challenges of Call Graph Construction for WebAssemblyACM SIGSOFT Distinguished Artifact
Technical Papers
Daniel Lehmann University of Stuttgart, Michelle Thalakottur Northeastern University, Frank Tip Northeastern University, Michael Pradel University of Stuttgart
DOI
14:45
15m
Talk
Eunomia: Enabling User-Specified Fine-Grained Search in Symbolically Executing WebAssembly BinariesACM SIGSOFT Distinguished Paper
Technical Papers
Ningyu He Peking University, Zhehao Zhao Peking University, Jikai Wang Huazhong University of Science and Technology, Yubin Hu Beijing University of Posts and Telecommunications, Shengjian (Daniel) Guo Baidu Security, Haoyu Wang Huazhong University of Science and Technology, Guangtai Liang Huawei Cloud Computing Technologies, Ding Li Peking University, Xiangqun Chen Peking University, Yao Guo Peking University
DOI