YoVDO

Aiding Static Analysis - Discovering Vulnerabilities in Binary Targets through Knowledge Graph

Offered By: YouTube

Tags

Conference Talks Courses Assembly Language Courses Ontology Courses Inference Courses Knowledge Graphs Courses Static Analysis Courses Binary Analysis Courses

Course Description

Overview

Explore advanced techniques for discovering vulnerabilities in binary targets using knowledge graphs and static analysis. Learn about the workflow involving Assembly, SSA, Binary Ninja, and the Binary Ninja Plugin. Dive into the Kraken system, ontology, inference, and query language for hunting undefined behaviors. Examine the DARPA Cyber Grand Challenge, buffer overflow challenges, and source code analysis. Understand function nodes, running Kraken, tool sets, PM Analyze, and output interpretation. Discover the importance of CWE scripts and migration in vulnerability detection. This 48-minute conference talk from Derbycon 7 (2017) provides valuable insights into cutting-edge methods for enhancing binary security analysis.

Syllabus

Introduction
Overview
Workflow
Assembly
SSA
Binary Ninja
Binary Ninja Plugin
Kraken
Walks
Ontology
Inference
Query Language
Hunting
Undefined
Binary Ninja Image
Union
Comments
DARPA CyberGrand Challenge
DARPA
Buffer Overflow
Challenges
Source Code
Function Node
Running Kraken
Tool Set
PM Analyze
PM Analyze Output
Migration
CWE Scripts
What does this mean
What does this tell us
What I want out of this


Related Courses

Threat Hunting with Yara
Pluralsight Reverse Engineering 3201: Symbolic Analysis
OpenSecurityTraining2 via Independent Firing Rounds at the Analysis Shooting Gallery - CSAW'16 Security Workshop
New York University (NYU) via YouTube angr: Binary Analysis Framework - Demonstration and Analysis
New York University (NYU) via YouTube Debin: Predicting Debug Information in Stripped Binaries
Association for Computing Machinery (ACM) via YouTube