skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Creating an Interprocedural Analyst-Oriented Data Flow Representation for Binary Analysts (CIAO).

Abstract

National security missions require understanding third-party software binaries, a key element of which is reasoning about how data flows through a program. However, vulnerability analysts protecting software lack adequate tools for understanding data flow in binaries. To reduce the human time burden for these analysts, we used human factors methods in a rolling discovery process to derive user-centric visual representation requirements. We encountered three main challenges: analysis projects span weeks, analysis goals significantly affect approaches and required knowledge, and analyst tools, techniques, conventions, and prioritization are based on personal preference. To address these challenges, we initially focused our human factors methods on an attack surface characterization task. We generalized our results using a two-stage modified sorting task, creating requirements for a data flow visualization. We implemented these requirements partially in manual static visualizations, which we informally evaluated, and partially in automatically generated interactive visualizations, which have yet to be integrated into workflows for evaluation. Our observations and results indicate that 1) this data flow visualization has the potential to enable novel code navigation, information presentation, and information sharing, and 2) it is an excellent time to pursue research applying human factors methods to binary analysis workflows.

Authors:
Publication Date:
Research Org.:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Sponsoring Org.:
USDOE National Nuclear Security Administration (NNSA)
OSTI Identifier:
1529591
Report Number(s):
SAND2018-14238
670958
DOE Contract Number:  
AC04-94AL85000
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English

Citation Formats

Leger, Michelle A. Creating an Interprocedural Analyst-Oriented Data Flow Representation for Binary Analysts (CIAO).. United States: N. p., 2018. Web. doi:10.2172/1529591.
Leger, Michelle A. Creating an Interprocedural Analyst-Oriented Data Flow Representation for Binary Analysts (CIAO).. United States. doi:10.2172/1529591.
Leger, Michelle A. Sat . "Creating an Interprocedural Analyst-Oriented Data Flow Representation for Binary Analysts (CIAO).". United States. doi:10.2172/1529591. https://www.osti.gov/servlets/purl/1529591.
@article{osti_1529591,
title = {Creating an Interprocedural Analyst-Oriented Data Flow Representation for Binary Analysts (CIAO).},
author = {Leger, Michelle A.},
abstractNote = {National security missions require understanding third-party software binaries, a key element of which is reasoning about how data flows through a program. However, vulnerability analysts protecting software lack adequate tools for understanding data flow in binaries. To reduce the human time burden for these analysts, we used human factors methods in a rolling discovery process to derive user-centric visual representation requirements. We encountered three main challenges: analysis projects span weeks, analysis goals significantly affect approaches and required knowledge, and analyst tools, techniques, conventions, and prioritization are based on personal preference. To address these challenges, we initially focused our human factors methods on an attack surface characterization task. We generalized our results using a two-stage modified sorting task, creating requirements for a data flow visualization. We implemented these requirements partially in manual static visualizations, which we informally evaluated, and partially in automatically generated interactive visualizations, which have yet to be integrated into workflows for evaluation. Our observations and results indicate that 1) this data flow visualization has the potential to enable novel code navigation, information presentation, and information sharing, and 2) it is an excellent time to pursue research applying human factors methods to binary analysis workflows.},
doi = {10.2172/1529591},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2018},
month = {12}
}