Skip to main content
SpringerLink
Log in

An Out-of-the-Box Dynamic Binary Analysis Tool for ARM-Based Linux

  • Conference paper
Book cover Cyberspace Safety and Security (CSS 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8300))

Included in the following conference series:

  • 2551 Accesses

Abstract

Dynamic binary analysis has demonstrated its strength in solving a wide-spectrum of computer security problems. However, existing DBA tools don’t support ARM-based OS. The latest version of Valgrind can support ARM executable, but it can’t perform the whole-system analysis. The other DBA/DBI frameworks, such as TEMU, PIN and DynamoRIO, do not support ARM architecture. This paper presents a dynamic analysis tool that can extract the whole- system view and analyze the behaviors in ARM-based OS in a whole-system out-of-the-box way. An exploitation analysis module is given to demonstrate how to develop an application module based on this DBA tools. The application example shows this DBA tool has the features of good feasibility and scalability.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Avraham, (Zuk) I.: Non-Executable Stack ARM Exploitation Research Paper. Blackhat (2011)

    Google Scholar 

  2. Ridley, S.A.: ARM exploitation and Hardware Hacking convergence memoirs. NoSuchCon 2013, Paris (2013)

    Google Scholar 

  3. Luk, C.-K., et al.: Pin: building customized program analysis tools with dynamic instrumentation. ACM Sigplan Notices 40(6) (2005)

    Google Scholar 

  4. Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. ACM Sigplan Notices 42(6), 89–100 (2007)

    Article  Google Scholar 

  5. Yin, H., Song, D.: Temu: Binary code analysis via whole-system layered annotative execution. Submitted to VEE 10 (2010)

    Google Scholar 

  6. DynamoRIO: Dynamic Instrumentation Tool Platform, http://dynamorio.org/

  7. Bellard, F.: QEMU, A Fast and Portable Dynamic Translator. In: USENIX Annual Technical Conference, FREENIX Track (2005)

    Google Scholar 

  8. Garfinkel, T., Rosenblum, M.: A Virtual Machine Introspection Based Architecture for Intrusion Detection. In: NDSS (2003)

    Google Scholar 

  9. Liu, L., et al.: Exploitation and threat analysis of open mobile devices. In: Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems. ACM (2009)

    Google Scholar 

  10. Aafer, Y., Du, W., Yin, H.: DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android. In: SecureComm 2013 (in press, September 2013)

    Google Scholar 

  11. Yan, L.K., Yin, H.: Droidscope: seamlessly reconstructing the os and dalvik semantic views for dynamic android malware analysis. In: Proceedings of the 21st USENIX Security Symposium (2012)

    Google Scholar 

  12. Felt, A.P., et al.: A survey of mobile malware in the wild. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, ACM (2011)

    Google Scholar 

  13. Newsome, J., Song, D.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In: Proceedings of the 12th Annual Network and Distributed System Security Symposium, NDSS 2005 (2005)

    Google Scholar 

  14. Chen, S., et al.: Defeating memory corruption attacks via pointer taintedness detection. In: Proceedings of the International Conference on Dependable Systems and Networks, DSN 2005. IEEE (2005)

    Google Scholar 

  15. Yin, H., Song, D., Manuel, E., Kruegel, C., Kirda, E.: Panorama: capturing system-wide information flow for malware detection and analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM (2007)

    Google Scholar 

  16. Zhang, M., Prakash, A., Li, X., Liang, Z., Yin, H.: Identifying and analyzing pointer misuses for sophisticated memory-corruption exploit diagnosis. In: Proceedings of 19th Annual Network & Distributed System Security Symposium (2012)

    Google Scholar 

  17. Prakash, A., Yin, H., Liang, Z.: Enforcing system-wide control flow integrity for exploit detection and diagnosis. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security. ACM (2013)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Zhengzhou Institute of Information Science and Technology, Zhengzhou, China

    Zhenyu Wang

  2. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, China

    Yanqiu Ye & Ruimin Wang

Authors
  1. Zhenyu Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yanqiu Ye
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ruimin Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Science and Engineering, Central South University, 410083, Changsha, Hunan, P.R. China

    Guojun Wang

  2. Computer Science Department, Colorado State University, 1873 Campus Delivery, 80523-1873, Fort Collins, CO, USA

    Indrakshi Ray

  3. Chinese Academy of Sciences, Institute of Software, 100190, Beijing, P.R. China

    Dengguo Feng

  4. information Security Group, City University London, EC1V 0HB, London, UK

    Muttukrishnan Rajarajan

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Wang, Z., Ye, Y., Wang, R. (2013). An Out-of-the-Box Dynamic Binary Analysis Tool for ARM-Based Linux. In: Wang, G., Ray, I., Feng, D., Rajarajan, M. (eds) Cyberspace Safety and Security. CSS 2013. Lecture Notes in Computer Science, vol 8300. Springer, Cham. https://doi.org/10.1007/978-3-319-03584-0_34

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-03584-0_34

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-03583-3

  • Online ISBN: 978-3-319-03584-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation