TL;DR
This paper systematically analyzes nine popular open-source binary disassembly tools, evaluating their strategies and performance on thousands of binaries to guide users and researchers in understanding their strengths and weaknesses.
Contribution
It provides the first comprehensive classification and experimental evaluation of disassembly strategies, combining manual code base analysis with large-scale testing.
Findings
Principled algorithms are common across tools.
Heuristics significantly influence code coverage.
Different heuristics lead to trade-offs in coverage and correctness.
Abstract
Disassembly of binary code is hard, but necessary for improving the security of binary software. Over the past few decades, research in binary disassembly has produced many tools and frameworks, which have been made available to researchers and security professionals. These tools employ a variety of strategies that grant them different characteristics. The lack of systematization, however, impedes new research in the area and makes selecting the right tool hard, as we do not understand the strengths and weaknesses of existing tools. In this paper, we systematize binary disassembly through the study of nine popular, open-source tools. We couple the manual examination of their code bases with the most comprehensive experimental evaluation (thus far) using 3,788 binaries. Our study yields a comprehensive description and organization of strategies for disassembly, classifying them as either…
