BAR 2023 Program

DATE All times in PDT (UTC-7)
8:45 - 9:00AM Welcome and Introductory Remarks
9:00 - 10:00AM

Abstract: Binary analysis is a fundamental technique in computer security, but applying it to IoT binaries is challenging due to the heterogeneity of IoT platforms. In this talk, Dr. Lin will highlight a line of recent efforts to enable binary analysis in IoTs using domain-specific insights. In particular, he will first discuss QtRE, a framework for analyzing Qt binaries that leverages Qt's unique signals and slots and dynamic introspection for control flow recovery and semantic inference. He will also showcase FirmXRay, a tool that uncovers link layer vulnerabilities from configurations in bare-metal firmware of Bluetooth Low Energy devices by exploiting point-to relations to recover the firmware's base address. Finally, he will explain how AutoMap unveils hidden memory mappings in peripheral registers, a unique problem in MCU firmware, through dynamic analysis. Dr. Lin will share his experiences of leveraging domain insights to solve specific binary analysis problems, offering insights into how domain-specific knowledge can unlock the potential of domain-aware binary analysis in the era of IoT.

Bio: Zhiqiang Lin is a Distinguished Professor of Engineering and the director of the Institute for Cybersecurity and Digital Trust at The Ohio State University. His research focuses on developing automated program analysis techniques for vulnerability discovery and malware analysis, as well as hardening systems and software using binary code rewriting, virtualization, and trusted execution environments. He has published over 140 papers on these and related topics. He is an ACM Distinguished Member and has received numerous awards, including the NSF CAREER award and the AFOSR YIP award. He received his Ph.D. in Computer Science from Purdue University.

10:00 - 10:30AM Break
10:30 - 12:30PM Session 1: Assisting Binary Analysis
Blaze: A Framework for Interprocedural Binary Analysis
Matthew Revelle, Matt Parker, Kevin Orr (Kudu Dynamics)
Paper Slides Code
RCABench: Open Benchmarking Platform for Root Cause Analysis
Keisuke Nishimura, Yuichi Sugiyama, Yuki Koike, Masaya Motoda, Tomoya Kitagawa, Toshiki Takatera, Yuma Kurogome (Ricerca Security, Inc.)
Paper Slides Code
Best Paper Award.
Accurate Compiler and Optimization Independent Function Identification Using Program State Transformations
Derrick McKee (Purdue University), Nathan Burow (MIT Lincoln Laboratory), Mathias Payer (EPFL)
Paper Slides Code
podft: On Accelerating Dynamic Taint Analysis with Precise Path Optimization
Zhiyou Tian (Xidian University), Cong Sun (Xidian University), Dongrui Zeng (Palo Alto Networks), Gang Tan (Pennsylvania State University)
Paper Slides
12:30 - 2:00PM Lunch
2:00 - 3:00PM

Abstract: My career as a reverse engineer began in the late 1990s, when academic programs did not include program analysis yet. Program analysis was at that time a pure state of the art, and a knowledge base had been created by the security research community on the Internet on private and public forums. In the modern cybersecurity industry, program analysis has found a lot of applications. Program analysis and its automation have become the main driver for the research community to identify threats and find vulnerabilities. But in many cases we still use the same approaches which were developed in the early 2000s, so the industry has been slow to adopt the new techniques, and the program analysis tooling has been slow to evolve. While at the same time, we have made great progress in automating the program analysis and applying AI techniques to boost the analysis or improve previous results in academia. My keynote will focus on areas of research that can significantly help the cybersecurity industry to move forward by adopting innovations and what can be improved from my perspective.

Bio: Alex Matrosov is CEO and Founder of Binarly Inc. where he builds an AI-powered platform to protect devices against emerging firmware threats. Alex has more than two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. He served as Chief Offensive Security Researcher at Nvidia and Intel Security Center of Excellence (SeCoE). Alex is the author of numerous research papers and the bestselling award-winning book Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats. He is a frequently invited speaker at security conferences, such as REcon, Black Hat, Offensivecon, WOOT, DEF CON, and many others. Additionally, he was awarded multiple times by Hex-Rays for his open-source contributions to the research community.

3:00 - 3:30PM Break
3:30 - 5:00PM Session 2: New Techniques and Results
Understanding MPU Usage in Microcontroller-based Systems in the Wild
Wei Zhou, Zhouqi Jiang (School of Cyber Science and Engineering, Huazhong University of Science and Technology), Le Guan (School of Computing, University of Georgia)
Paper Slides
FCGAT: Interpretable Malware Classification Method using Function Call Graph and Attention Mechanism
Minami Someya (Institute of Information Security), Yuhei Otsubo (National Police Academy), Akira Otsuka (Institute of Information Security)
Paper Slides
PISE: Protocol Inference using Symbolic Execution and Automata Learning
Ron Marcovich, Orna Grumberg, Gabi Nakibly (Technion, Israel Institute of Technology)
Paper Slides Code
dewolf: Improving Decompilation by leveraging User Surveys
Steffen Enders, Eva-Maria C. Behner, Niklas Bergmann, Mariia Rybalka, Elmar Padilla (Fraunhofer FKIE, Germany), Er Xue Hui, Henry Low, Nicholas Sim (DSO National Laboratories, Singapore)
Paper Slides Code
5:00 - 5:15PM Best Paper Award and Closing Remarks