CAREER: Re-configurable, Source-Language-Agnostic Decompilation for Binary Programs
Arizona State University, Scottsdale AZ
Investigators
Abstract
Software security is crucial in modern times. With or without people’s awareness, from personal computers to smart phones, from critical infrastructure to cyber-physical systems, software is powering tens of billions of devices and systems. These systems are commonly attacked by an adversarial type of software, malware, which is developed and deployed by cyber criminals. Unfortunately, the inaccessibility of source code of software severely hampers the effort of making software and systems more secure from two aspects: (a) Not having access to source code of common software makes it harder for software auditors to discover and mitigate software defects and backdoors; (b) Not having access to source code of malware makes it harder for security analysts to understand and defeat cyber threats in a timely manner. Despite years of research, modern tools and techniques in the field are insufficient in recovering readable source code from software artifacts. Therefore, developing new technologies and tools to effectively recover source code from software will greatly improve the security of modern software, which will in turn benefit the security of the entire society. Decompilation refers to the process of recovering source code from software that is already compiled into machine code. This research project consists of three major research thrusts with the final goal of developing a set of new techniques to support a purpose-specific and source-language-agnostic binary decompiler. First, recognizing different tasks in security analysis may have different end goals (e.g., the readability of a single function versus the understandability of program-level data flows), this project will systematically study common security-specific purposes for decompilation. For each purpose, this project will develop specific decompilation and optimization techniques. Second, this research project will generate new theories and methods to transform monolithic binary decompilation practices into modular, pluggable, and configurable techniques and steps. Finally, the crux of this project will be studying the automated generation of compiler-specific models and techniques for transforming binaries compiled in high-level languages (e.g., Visual Basic 6, C++, Go, and Rust) into high-quality pseudo-source code output that exhibits features in the original high-level programming languages. Besides research publications, this project will produce a fully open-sourced, source-language-agnostic binary decompilation framework, which will facilitate activities in security industry, research, education, and among enthusiasts. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
View original record on NSF Award Search →