A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Aiding Static Analysis: Discovering Vulnerabilities in Binary Targets through Knowledge Graph Inferences - John Toterhi Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Aiding Static Analysis: Discovering Vulnerabilities in Binary Targets through Knowledge Graph Inferences
John Toterhi
Derbycon 2017

Static analysis is the foundation of vulnerability research (VR). Even with today's advanced genetic fuzzers, concolic analysis frameworks, emulation engines, and binary instrumentation tools, static analysis ultimately makes or breaks a successful VR program. In this talk, we will explore a method of enhancing our static analysis process using the GRAKN.AI implementation of Google's knowledge graph and explore the semantics from Binary Ninja's Medium Level static single assignment (SSA) intermediate language (IL) to perform inference queries on binary-only targets to identify vulnerabilities.

John Toterhi is a cyber-security researcher at the Battelle Memorial Institute. He specializes in reverse engineering, vulnerability research, and tool development. John's recent research includes enhancing embedded RE via live memory-overlaid emulation, developing environment-aware tools, and defeating signature-diversity in malware with large-scale correlation via deep learning. John previously worked as a civilian malware analyst for the United States Air Force where he developed a passion for offensive security.

@cetfor

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast