http://dx.doi.org/10.13089/JKIISC.2017.27.6.1331

Instrumentation Performance Measurement Technique for Evaluating Efficiency of Binary Analysis Tools  

Lee, Minsu (Cyber Security Research Center, Korea Advanced Institute of Science and Technology)
Lee, Jehyun (Cyber Security Research Center, Korea Advanced Institute of Science and Technology)
Kim, Hobin (Cyber Security Research Center, Korea Advanced Institute of Science and Technology)
Ryu, Chanho (Cyber Security Research Center, Korea Advanced Institute of Science and Technology)
Abstract
Binary instrumentation has been developed for monitoring and debugging executables without their source code. Previous work on binary instrumentation has focused mainly on capability and accuracy, not on efficiency for practical application. In particular, criteria and measurement methodologies for evaluating and comparing the efficiency of binary investigation tools and algorithms have not yet been established. In this paper, we propose instrumentation primitives, each a unit of functionality, and a measurement methodology. Through empirical experiments applying the proposed methodology to DynamoRIO and Pin, we show the feasibility of the proposal.
Keywords
Binary instrumentation; overhead measurement; instrumentation primitives