| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
Static analysis is the foundation of vulnerability research (VR). Even with today's advanced genetic fuzzers, concolic analysis frameworks, emulation engines, and binary instrumentation tools, static analysis ultimately makes or breaks a successful VR program. In this talk, we will explore a method of enhancing our static analysis process using the GRAKN.AI implementation of Google's knowledge graph and explore the semantics from Binary Ninja's Medium Level static single assignment (SSA) intermediate language (IL) to perform inference queries on binary-only targets to identify vulnerabilities. John Toterhi is a cyber-security researcher at the Battelle Memorial Institute. He specializes in reverse engineering, vulnerability research, and tool development. John's recent research includes enhancing embedded RE via live memory-overlaid emulation, developing environment-aware tools, and defeating signature-diversity in malware with large-scale correlation via deep learning. John previously worked as a civilian malware analyst for the United States Air Force where he developed a passion for offensive security.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast