On February 14th, Dawn Song of UC Berkeley held a seminar on binary analysis: TRUST Seminar: BitBlaze: a Binary-centric Approach to Computer Security. This seminar was open to the public.
Binary analysis is imperative for protecting COTS (common off-the-shelf) programs and analyzing and defending against the myriad of malicious code, where source code is unavailable, and the binary may even be obfuscated. Also, binary analysis provides the ground truth about program behavior since computers execute binaries (executables), not source code. In this talk, I will present the BitBlaze project, a binary-centric approach to computer security: how we can address a wide-spectrum of different security problems by analyzing program binaries and automatically extracting security related properties from them. In particular, I will describe the two central research directions of BitBlaze: (1) the design and development of the underlying BitBlaze Binary Analysis Platform, and (2) applying the BitBlaze Binary Analysis Platform to addressing real-world security problems, including automatic vulnerability signature generation, a unified framework for malware analysis, and automatic deviation detection.