Publication | Open Access
SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis
Citations: 883
References: 45
Year: 2016
Venue: Unknown
Engineering, Information Security, Software Engineering, Source Code Analysis, Software Analysis, Formal Verification, Hardware Security, Data Science, Binary Code, Binary Analysis, Static Checking, Binary Analysis Framework, Static Analysis, Computer Science, Static Program Analysis, Language-based Security, Data Security, Software Security, Offensive Techniques, Program Analysis, Attack Model, Software Testing, System Software
Binary vulnerability discovery is difficult because binaries carry little high-level semantic information, yet its importance is growing because binary analysis is often the only way to verify properties of the code that is actually executed. The authors introduce a unified binary analysis framework that implements and systematizes existing techniques, enabling researchers to compose and extend them. The framework integrates multiple techniques into a single platform, which allows them to be compared directly; the evaluation uses a dataset created by DARPA for evaluating binary vulnerability analysis techniques. The framework has been open-sourced and released to the security community.
Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of program properties harder to scale. However, the importance of binary analysis is on the rise. In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. In this paper, we present a binary analysis framework that implements a number of analysis techniques that have been proposed in the past. We present a systematized implementation of these techniques, which allows other researchers to compose them and develop new approaches. In addition, the implementation of these techniques in a unifying framework allows for the direct comparison of these approaches and the identification of their advantages and disadvantages. The evaluation included in this paper is performed using a recent dataset created by DARPA for evaluating the effectiveness of binary vulnerability analysis techniques. Our framework has been open-sourced and is available to the security community.