Dynamic program analysis is extremely successful both in code debugging and in malicious code attacks. Fuzzing, concolic, and monkey testing are instances of the more general problem of analysing programs by dynamically executing their code with selected inputs. While static program analysis has a beautiful and well established theoretical foundation in abstract interpretation, dynamic analysis still lacks such a foundation. In this paper, we introduce a formal model for understanding the notion of precision in dynamic program analysis. It is known that in sound-by-construction static program analysis the precision amounts to completeness. In dynamic analysis, which is inherently unsound, precision boils down to a notion of coverage of exec...
Symbolic and concolic execution find important applications in a number of security-related program ...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
Dynamic languages, such as JavaScript, employ string-to-code primitives to turn dynamically generate...
Static and dynamic program analyses attempt to extract useful information on program’s behaviours. S...
Obfuscation is used to protect programs from analysis and reverse engineering. There are theoretical...
Obfuscation is the art of making code hard to reverse engineer and understand. In this paper, we pro...
This report addresses de-obfuscation on programs. The targeted obfuscation scheme is the control flo...
We show that abstract interpretation-based static program analysis can be made ecient and precise en...
In this paper, our aim is to propose a model for code abstraction, based on abstract interpretation,...
This thesis examines code obfuscation techniques to protect software against analysis and unwanted m...
Typically, dynamic-analysis techniques operate on a small subset of all possible program behaviors,...
Control code obfuscation is intended to prevent malicious reverse engineering of software by masking...
textMany challenges in software quality can be tackled with dynamic analysis. However, these techniq...
Automatic malware analysis is an essential part of today's computer security practices. Nearly one m...
Virtually no realistic whole-program static analysis is sound, i.e., guaranteed to over-approximate ...
Symbolic and concolic execution find important applications in a number of security-related program ...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
Dynamic languages, such as JavaScript, employ string-to-code primitives to turn dynamically generate...
Static and dynamic program analyses attempt to extract useful information on program’s behaviours. S...
Obfuscation is used to protect programs from analysis and reverse engineering. There are theoretical...
Obfuscation is the art of making code hard to reverse engineer and understand. In this paper, we pro...
This report addresses de-obfuscation on programs. The targeted obfuscation scheme is the control flo...
We show that abstract interpretation-based static program analysis can be made ecient and precise en...
In this paper, our aim is to propose a model for code abstraction, based on abstract interpretation,...
This thesis examines code obfuscation techniques to protect software against analysis and unwanted m...
Typically, dynamic-analysis techniques operate on a small subset of all possible program behaviors,...
Control code obfuscation is intended to prevent malicious reverse engineering of software by masking...
textMany challenges in software quality can be tackled with dynamic analysis. However, these techniq...
Automatic malware analysis is an essential part of today's computer security practices. Nearly one m...
Virtually no realistic whole-program static analysis is sound, i.e., guaranteed to over-approximate ...
Symbolic and concolic execution find important applications in a number of security-related program ...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
Dynamic languages, such as JavaScript, employ string-to-code primitives to turn dynamically generate...