J-Viz: Sibling-First Recursive Graph Drawing for Visualizing Java   Bytecode

Md. Jawaherul Alam; Michael T. Goodrich; and Timothy Johnson

arXiv:1608.08970·cs.DS·September 1, 2016

J-Viz: Sibling-First Recursive Graph Drawing for Visualizing Java Bytecode

Md. Jawaherul Alam, Michael T. Goodrich, and Timothy Johnson

PDF

Open Access

TL;DR

J-Viz is a graph visualization tool for Java bytecode that uses a sibling-first recursive numbering scheme to help identify security issues and code reuse in Java applications.

Contribution

The paper introduces J-Viz, a novel visualization method using sibling-first recursive graph drawing tailored for Java bytecode analysis.

Findings

01

Effective in identifying security vulnerabilities

02

Helps detect repeated code usage

03

Facilitates understanding of Java bytecode structure

Abstract

We describe a graph visualization tool for visualizing Java bytecode. Our tool, which we call J-Viz, visualizes connected directed graphs according to a canonical node ordering, which we call the sibling-first recursive (SFR) numbering. The particular graphs we consider are derived from applying Shiver's k-CFA framework to Java bytecode, and our visualizer includes helpful links between the nodes of an input graph and the Java bytecode that produced it, as well as a decompiled version of that Java bytecode. We show through several case studies that the canonical drawing paradigm used in J-Viz is effective for identifying potential security vulnerabilities and repeated use of the same code in Java applications.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsSoftware Engineering Research · Data Visualization and Analytics · Advanced Malware Detection Techniques