A dynamically linked library based indirect call function analysis for detecting banned API usage in binary code

Research output: Contribution to journal › Article › peer-review

Abstract

The use of inherently dangerous functions can cause vulnerabilities in a program, making their use undesirable. If the source code exists, this problem can be solved simply by removing uses of dangerous functions based on a list of prohibited functions. However, if only the binary code exists, it is difficult to analyze the list of functions used in the code. Furthermore, it is challenging to recover information about the functions used during analysis such as reverse engineering, because much of the information about dynamically linked library functions in a typical binary file has been removed. In this paper, we propose a method to find indirectly called function information by using the information available when a function is called in binary code, based on the indirect calling method used in the Windows environment.

Original language: English
Pages (from-to): 79-88
Number of pages: 10
Journal: International Journal of Grid and Distributed Computing
Volume: 11
Issue number: 3
State: Published - 2018

Keywords

  • Code analysis
  • Indirect call
  • Secure software
  • Vulnerable function
