A Semantics-Based Approach To Concept Assignment In Assembly Code

Reverse engineering is a cyber-security task used to investigate functionality or identify vulnerabilities of compiled software. Reverse engineers analyze unprotected assembly code to these ends-which is difficult since assembly code is stripped of semantic information. In this paper, we present a formal method for mapping concepts to locations in assembly code and extracting information about their use. To do this, we model concept assignment using the operational semantics of a formal language. To guide concept assignment, we define a knowledge representation data model to integrate with the dynamic analysis process. The data model organizes concepts to reflect a reverse engineer's mental model when performing reverse engineering tasks. We illustrate our method by recognizing dynamically allocated data structures in assembly programs. By formalizing concept assignment in assembly code, tools and models can be developed that assist reverse engineers-thus improving their ability to investigate malware or discover vulnerabilities.