| The micro-processor of ARM architecture is widely used in embedded systems. Binary reverse analysis is of significance on the dissection and security vulnerability analysis of embedded devices which use ARM processor. This thesis focuses on reverse analysis of the binaries for ARM architecture.Firstly, a binary parsing model based on the analysis of code semantics attributes is proposed and then a method of extracting code semantics attributes is discussed from two granularity levels that one is inside a single instruction and the other is among instruction sequence according to the characteristics of ARM instruction set and compiled code. Secondly, an intermediate language based on Static Single Assignment (SSA) is designed, which is named BRIL representing Binary Reverse Intermediate Language, and also the denotation semantics of BRIL is introduced. Thirdly, after analyzing the factors which affect ARM instruction's semantics, a descriptive model of instruction semantics dictionary is constructed and a core code transformation arithmetic based on semantics dictionary is designed aiming at the code semantics abstract from assembly representation to intermediate representation. Then three methods of code transformation based on SSA are proposed to solve the redundancy of the intermediate code represented by BRIL, including expression propagation, dead code elimination and expression algebraic simplification. Finally the dissertation implements a prototype tool called CodeSemantics Frontier.The prototype tool is tested and the results are presented. The results indicate that the tool can generate the input binary's BRIL representation which is independent of ARM instruction set effectively and the following analysis on high level code semantics abstract is well supported by BRIL code representation. |
PDF Full Text Request