Advancing Cyber Operator Tradecraft Through Automated Static Binary Analysis

November 2020 Presentation
Edward J. Schwartz, Cory Cohen

This presentation discusses three SEI research and development projects that help malware and vulnerability analysts.

Publisher: Software Engineering Institute

Abstract

Highly skilled Department of Defense (DoD) malware and vulnerability analysts must devote significant time to manual tasks. For several years, CMU SEI has been researching automated solutions that will free limited analyst resources for more meaningful work. Three SEI research threads highlight these efforts:

  • recovering meaningful variable names in decompiled code
  • program reachability for vulnerability and malware analysis
  • improvements to object-oriented construct recovery using OOAnalyzer