Demystifying Binary Static Analysis

Friday, March 30, 2012

Fergal Glynn


Article by Chris Wysopal

Recently, I was honored to be able to present a talk on Binary Static Analysis to an Intro to Security class at Tufts University.

The instructor, Ming Chow, approached me to speak to his class as he likes to bring in security practioners who are delivering security to their customers.

The slide to my presentation are here:

There does seem to be some mystery still to static binary analysis even though Veracode has been delivering this application security testing process to hundreds of customers with tens of thousands of applications for almost 5 years now.

One of my goals in this presentation is to make it clear that there is nothing source code analysis can do that binary analysis can’t. Binary analysis even has benefits over source code analysis. It may seem counter-intuitive, so you will want to see the presentation.

The students at Tufts asked about 20 questions after my presentation. They were the best questions I have ever gotten from a group. There were only a couple that I hadn’t fielded before but I had never had so much coverage of interesting questions that I had received before from one group.

There was one I struggled with about our control flow optimization. I almost deferred to Sam Guyer, a Tufts professor who also works for Veracode who was in the audience but I think I answered it well enough. The question was apt as there is always a depth of analysis tradeoff when dealing with large programs.

It was a very pleasurable talk and I was impressed by the students at Tufts. I hope you go into app sec. We can use you!

Cross-posted from Veracode

Possibly Related Articles:
Information Security
Testing Application Security Vulnerabilities Training Penetration Testing Secure Coding Source Code optimization Binary Static Analysis
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.