Aiding Static Analysis: Discovering Vulnerabilities in Binary Targets through Knowledge Graph Inferences

DerbyCon 7.0 - Legacy

Presented by: John Toterhi
Date: Sunday September 24, 2017
Time: 10:00 - 10:50
Location: Track 1 - Break Me

Static analysis is the foundation of vulnerability research (VR). Even with today's advanced genetic fuzzers, concolic analysis frameworks, emulation engines, and binary instrumentation tools, static analysis ultimately makes or breaks a successful VR program. In this talk, we will explore a method of enhancing our static analysis process using the GRAKN.AI implementation of Google's knowledge graph and explore the semantics from Binary Ninja's Medium Level static single assignment (SSA) intermediate language (IL) to perform inference queries on binary-only targets to identify vulnerabilities.

John Toterhi

John Toterhi is a cyber-security researcher at the Battelle Memorial Institute. He specializes in reverse engineering, vulnerability research, and tool development. John's recent research includes enhancing embedded RE via live memory-overlaid emulation, developing environment-aware tools, and defeating signature-diversity in malware with large-scale correlation via deep learning. John previously worked as a civilian malware analyst for the United States Air Force where he developed a passion for offensive security. @cetfor


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats