Exploring Errors in Binary-Level CFG Recovery

Anjali Pare; Prasad Kulkarni

doi:10.5220/0012435400003648

Exploring Errors in Binary-Level CFG Recovery

Anjali Pare, Prasad Kulkarni

2024

Abstract

The control-flow graph (CFG) is a graphical representation of the program and holds information that is critical to the correct application of many other program analysis, performance optimization, and software security algorithms. While CFG generation is an ordinary task for source level tools, like the compiler, the loss of high-level program information makes accurate CFG recovery a challenging issue for binary-level software reverse engineering (SRE) tools. Earlier research shows that while advanced SRE tools can precisely reconstruct most of the CFG for the programs, important gaps and inaccuracies remain that may hamper critical tasks, from vulnerability and malicious code detection to adequately securing software binaries. In this work, we perform an in-depth analysis of control-flow graphs generated by three popular reverse engineering tools - angr, radare2 and Ghidra. We develop a unique methodology using manual analysis and automated scripting to understand and categorize the CFG errors over a large benchmark set. Of the several interesting observations revealed by this work, one that is particularly unexpected is that most errors in the reconstructed CFGs appear to not be intrinsic limitations of the binary-level algorithms, as currently believed, and may be simply eliminated by more robust implementations. We expect our work to lead to more accurate CFG reconstruction in SRE tools and improved precision for other algorithms that employ CFGs.

Download

Paper Citation

in Harvard Style

Pare A. and Kulkarni P. (2024). Exploring Errors in Binary-Level CFG Recovery. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-683-5, SciTePress, pages 546-557. DOI: 10.5220/0012435400003648

in Bibtex Style

@conference{icissp24,
author={Anjali Pare and Prasad Kulkarni},
title={Exploring Errors in Binary-Level CFG Recovery},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2024},
pages={546-557},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012435400003648},
isbn={978-989-758-683-5},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Exploring Errors in Binary-Level CFG Recovery
SN - 978-989-758-683-5
AU - Pare A.
AU - Kulkarni P.
PY - 2024
SP - 546
EP - 557
DO - 10.5220/0012435400003648
PB - SciTePress