Cory Cohen
Software Engineering Institute
Publications by Cory Cohen
-
Advancing Cyber Operator Tradecraft Through Automated Static Binary Analysis
December 15, 2020 • Video
Cory Cohen, Edward J. Schwartz, Jeff Gennari
This presentation discusses three SEI research and development projects that help malware and vulnerability analysts.
-
Advancing Cyber Operator Tradecraft Through Automated Static Binary Analysis
November 03, 2020 • Presentation
Edward J. Schwartz, Cory Cohen
This presentation discusses three SEI research and development projects that help malware and vulnerability analysts.
-
Poster - Recovering Meaningful Variable Names in Decompiled Code
November 03, 2020 • Poster
Edward J. Schwartz, Cory Cohen
This presentation describes DIRE, a novel probabilistic technique for variable name recovery that uses lexical and structural information.
-
Poster - Improvements to Object Oriented Construct Recovery Using OOAnalyzer
November 03, 2020 • Poster
Cory Cohen, Edward J. Schwartz
This poster describes OOAnalyzer, which is now 50x faster and can analyze large programs.
-
Reverse Engineering Object-Oriented Code with Ghidra and New Pharos Tools
February 06, 2020 • Podcast
Jeff Gennari, Cory Cohen
Jeff Gennari and Cory Cohen discuss updates to the Pharos Binary Analysis Framework in GitHub, including a new plug-in to import OOAnalyzer analysis into the NSA's recently released Ghidra software reverse engineering tool suite.
-
Automatically Understanding Executables
October 23, 2018 • Poster
Cory Cohen
This poster describes research aimed at reducing the cost of manual executable analysis for vulnerability discovery and malware analysis.
-
Using Logic Programming to Recover C++ Classes and Methods from Compiled Executables
October 15, 2018 • Article
Edward J. Schwartz, Cory Cohen, Michael Duggan
This article describes OOAnalyzer, a system that statically recovers detailed C++ abstractions from executables in a scalable manner.
-
Design Pattern Recovery from Malware Binaries
October 16, 2015 • Presentation
Cory Cohen
This 2015 Research Review presentation explores the challenges posed by automated binary analysis.
-
Discovery of C++ Data Structures from Binaries
October 28, 2014 • Article
Dan Quinlan (Lawrence Livermore National Laboratory), Cory Cohen
In this article, the authors present the techniques to identify C++ data structures in binary executables.
-
Supervised Learning for Provenance-Similarity of Binaries
October 28, 2014 • Article
Sagar Chaki, Cory Cohen, Arie Gurfinkel
In this article, the authors present a notion of similarity based on provenance; two binaries are similar if they are compiled from the same source code with the same compilers.
-
A Scalable Search Index for Binary Files
October 28, 2014 • Article
Wesley Jin, Chuck Hines, Cory Cohen
In this article, the authors present a scalable architecture for searching and indexing terabyte-size collections of binary files.
-
Binary Function Clustering using Semantic Hashes
October 28, 2014 • Article
Wesley Jin, Sagar Chaki, Cory Cohen
In this article, the authors present an alternative to pairwise comparisons based on "hashing" that captures the semantics of functions as semantic hashes.
-
Recovering C++ Objects From Binaries Using Inter-Procedural Data-Flow Analysis
October 28, 2014 • Article
Wesley Jin, Cory Cohen, Jeff Gennari
In this article, the authors present a static approach that uses symbolic execution and inter-procedural data flow analysis to discover object instances, data members, and methods of a common class.
-
Results of SEI Line-Funded Exploratory New Starts Projects
August 01, 2012 • Technical Report
Len Bass, Rick Kazman, Edwin J. Morris
This report describes the line-funded exploratory new starts (LENS) projects that were undertaken during fiscal year 2011. For each project, the report presents a brief description and a recounting of the research that was done, as well as a synopsis of the results of the project.
-
Results of SEI Independent Research and Development Projects (FY 2010)
February 01, 2011 • Technical Report
William Anderson, David Fisher, David P. Gluch
This report describes results of independent research and development (IRAD) projects undertaken in fiscal year 2010.
-
Responding to Intrusions
February 01, 1999 • Security Improvement Module
Klaus-Peter Kossakowski, Suresh Konda, William R. Wilson
This 1999 report is one of a series of SEI publications that are intended to provide practical guidance to help organizations improve the security of their networked computer systems. This report is intended for system and network administrators, managers of information systems, and security personnel responsible for networked information resources.
-
Preparing to Detect Signs of Intrusion
June 01, 1998 • Security Improvement Module
John Kochmar, Julia H. Allen, Christopher J. Alberts
The practices contained in this 1998 report identify advance preparations you must make to enable you to obtain evidence of an intrusion or an intrusion attempt.