BAR 2023 Program

Abstract: Binary analysis is a fundamental technique in computer security, but applying it to IoT binaries is challenging due to the heterogeneity of IoT platforms. In this talk, Dr. Lin will highlight a line of recent efforts to enable binary analysis in IoTs using domain-specific insights. In particular, he will first discuss QtRE, a framework for analyzing Qt binaries that leverages Qt's unique signals and slots and dynamic introspection for control flow recovery and semantic inference. He will also showcase FirmXRay, a tool that uncovers link layer vulnerabilities from configurations in bare-metal firmware of Bluetooth Low Energy devices by exploiting point-to relations to recover the firmware's base address. Finally, he will explain how AutoMap unveils hidden memory mappings in peripheral registers, a unique problem in MCU firmware, through dynamic analysis. Dr. Lin will share his experiences of leveraging domain insights to solve specific binary analysis problems, offering insights into how domain-specific knowledge can unlock the potential of domain-aware binary analysis in the era of IoT.

Bio: Zhiqiang Lin is a Distinguished Professor of Engineering, and the director of Institute for Cybersecurity and Digital Trust at The Ohio State University. His research focuses on developing automated program analysis techniques for vulnerability discovery and malware analysis, as well as hardening systems and software using binary code rewriting, virtualization, and trusted execution environments. He has published over 140 papers on these and related topics. He is an ACM Distinguished Member and has received numerous awards, including the NSF CAREER award and the AFOSR YIP award. He received his Ph.D. in Computer Science from Purdue University.

Abstract: My career as a reverse engineer began in late 1990-x, when academic programs did not include program analysis yet. Program analysis was at that time a pure state of the art, and a knowledge base had been created by the security research community on the Internet on private and public forums. In the modern cybersecurity industry, program analysis has found a lot of applications. Program analysis and its automation have become the main driver for the research community to identify threats and find vulnerabilities. But in many cases we still use the same approaches which were developed in early 2000-x, so the industry has been slow to adopt the new techniques, and the program analysis tooling has been slow to evolve. While at the same time, we have made great progress in automating the program analysis and applying AI techniques to boost the analysis or improve previous results in academia. My keynote will focus on areas of research that can significantly help the cybersecurity industry to move forward by adopting innovations and what can be improved from my perspective.

Bio: Alex Matrosov is CEO and Founder of Binarly Inc. where he builds an AI-powered platform to protect devices against emerging firmware threats. Alex has more than two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. He served as Chief Offensive Security Researcher at Nvidia and Intel Security Center of Excellence (SeCoE). Alex is the author of numerous research papers and the bestselling award-winning book Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats. He is a frequently invited speaker at security conferences, such as REcon, Black Hat, Offensivecon, WOOT, DEF CON, and many others. Additionally, he was awarded multiple times by Hex-Rays for his open-source contributions to the research community.