Decompilation Research Based On Dynamic Binary Translation

Posted on: 2009-09-02 | Degree: Master | Type: Thesis
Country: China | Candidate: B N Zhang
GTID: 2178360275470018 | Subject: Software engineering
Abstract/Summary:
Decompilation is a program transformation by which high-level source code for an executable program is recovered. Decompilation is the inverse of program compilation. It plays an essential role in software porting, program comprehension, and code maintenance. There are many applications for decompiled source code, including inspection for malware, bugs, and vulnerabilities. It is also useful for revealing program interoperability. Existing static machine-code decompilers have significant deficiencies, such as poor handling of indirect jumps and calls, no exact means of dealing with pointer aliasing, and many assumptions required of the target program. All of these problems arise from the static analysis method. The decompilation base system described in this thesis uses a dynamic binary translation method to overcome these problems by recording the real execution path and variable relationships at runtime.

The main contributions of this thesis are as follows:
1. Designed the Decompilation Base Platform Dynamic Analyzer, proving the effectiveness of dynamic decompilation.
2. Used a dynamic Control Flow Graph construction algorithm to overcome obfuscation problems.
3. Proposed a Dynamic Pointer Alias Analysis method, which can make the decompiled result more exact.
4. Improved the shadow stack method, which can be used to identify fake subroutine calls.
Keywords/Search Tags:Decompilation, Dynamic Binary Translation, Dynamic Analysis, Static Analysis