Search Icon
Register

Beyond the Bytes: Understanding the Limitations of Intrinsic Binary Analysis

Peter Lafosse (Owner and Co-Founder of Vector 35 Inc.)

Binary analysis serves as a foundational technique for a wide array of cybersecurity tasks, including vulnerability identification and malware analysis. While these methods have evolved to become incredibly powerful, they are inherently bounded by the limitations of what can be inferred solely from the binary data within a file. This talk aims to provide an in-depth exploration of both the capabilities and the constraints of binary analysis, dissecting the fundamental goals that drive its usage and to explore potential solutions to these constraints. We will investigate the common objectives of binary analysis, such as code understanding, bug hunting, and threat analysis, and evaluate how these goals often remain unmet when confined to mere binary introspection. This talk will argue that while binary analysis is indispensable, it cannot be the sole methodology employed for a comprehensive solution. The presentation will advocate for the integration of external data sources, contextual information, runtime behavior, and most importantly machine learning and large language models as essential components for enriching the output of binary analysis tools. By fusing binary data with external inputs, we can transcend the inherent limitations and offer a more nuanced, accurate, and actionable analysis for our users.

Bio: Peter LaFosse, is an industry veteran. He started his journey 18 years ago working at SI Government Solutions (later acquired by Raytheon) finding and exploiting software vulnerabilities, writing tools to the same effect and running teams as well. He is a recipient of a coveted DEFCON Black Badge for Capture the Flag where he was the offensive team leader. Having served his time as a defense contractor and being dissatisfied with the tools available for software reverse engineering he co-founded Vector 35 with his business partners with the aim of building the next generation of decompiler. Eight years later Binary Ninja stands as one of the most highly regarded products in the industry.

View More Papers

coucouArray ( [post_type] => ndss-paper [post_status] => publish [posts_per_page] => 4 [orderby] => rand [tax_query] => Array ( [0] => Array ( [taxonomy] => category [field] => id [terms] => Array ( [0] => 37 [1] => 104 ) ) ) [post__not_in] => Array ( [0] => 17334 ) )

Binary Code Patching: An Ancient Art Refined for the...

Dr. Barton P. Miller (Vilas Distinguished Achievement Professor at The University of Wisconsin-Madison)

Read More

EM Eye: Characterizing Electromagnetic Side-channel Eavesdropping on Embedded Cameras

Yan Long (University of Michigan), Qinhong Jiang (Zhejiang University), Chen Yan (Zhejiang University), Tobias Alam (University of Michigan), Xiaoyu Ji (Zhejiang University), Wenyuan Xu (Zhejiang University), Kevin Fu (Northeastern University)

Read More

Stacking up the LLM Risks: Applied Machine Learning Security

Dr. Gary McGraw, Berryville Institute of Machine Learning

Read More

Eavesdropping on Black-box Mobile Devices via Audio Amplifier's EMR

Huiling Chen (College of Computer Science and Electronic Engineering, Hunan University, Changsha, China), Wenqiang Jin (College of Computer Science and Electronic Engineering, Hunan University, Changsha, China), Yupeng Hu (College of Computer Science and Electronic Engineering, Hunan University, Changsha, China), Zhenyu Ning (College of Computer Science and Electronic Engineering, Hunan University, Changsha, China), Kenli Li (College…

Read More

Privacy Starts with UI: Privacy Patterns and Designer Perspectives in UI/UX Practice

Anxhela Maloku (Technical University of Munich), Alexandra Klymenko (Technical University of Munich), Stephen Meisenbacher (Technical University of Munich), Florian Matthes (Technical University of Munich)

Vision: Profiling Human Attackers: Personality and Behavioral Patterns in Deceptive Multi-Stage CTF Challenges

Khalid Alasiri (School of Computing and Augmented Intelligence Arizona State University), Rakibul Hasan (School of Computing and Augmented Intelligence Arizona State University)

From Underground to Mainstream Marketplaces: Measuring AI-Enabled NSFW Deepfakes on Fiverr

Mohamed Moustafa Dawoud (University of California, Santa Cruz), Alejandro Cuevas (Princeton University), Ram Sundara Raman (University of California, Santa Cruz)