Backward-Bounded DSE - Targeting Infeasibility Questions on Obfuscated Codes

Explore a 22-minute IEEE conference talk on Backward-bounded DSE, a novel approach for addressing infeasibility questions in software deobfuscation and malware analysis. Learn how this method complements existing Dynamic Symbolic Execution techniques by offering a precise, efficient, and robust solution for detecting protection schemes like opaque predicates and call stack tampering. Discover the successful application of Backward-bounded DSE on state-of-the-art packers and the government-grade X-Tunnel malware, leading to complete deobfuscation. Gain insights into sparse disassembly, a combination of Backward-bounded DSE and static disassembly that enhances dynamic disassembly capabilities for heavily-obfuscated binaries. Understand the potential impact of this research on developing more robust, efficient, and precise disassembly tools for security analysis.

Introduction
Why Manual Duplication
Control Flow Graph Recovery
Binary Code
Attack Predicate
Tag Tampering
Small Graph
Dynamic Analysis
Dynamic Symbolic Execution
Challenge
Experimental Evaluation
Control Experiments
Conclusion