Thursday, November 3 • 2:15pm - 3:00pm
rev.ng: a QEMU- and LLVM-based static binary analysis framework


rev.ng is an open-source static binary analysis framework based on QEMU
and LLVM. Its core component, revamb, is a static binary translator
whose aim is to translate a Linux program compiled for any of the 17
ISAs supported by QEMU and produce an equivalent binary for a (possibly
different) architecture supported by the LLVM compiler framework.

revamb aims to translate and re-optimize legacy/closed source programs
but can also be employed for a number of security-related purposes,
such as retrofitting binary hardening techniques (e.g., CFI) or
instrumenting existing binaries with good performance figures (e.g., for
black box fuzzing purposes).

More generally, rev.ng can be used to perform binary analysis on a wide
range of architectures in the comfortable LLVM environment. As an
example, rev.ng can be used to recover high-level information such as
an accurate CFG and function boundaries from a binary program.

In its current state, revamb is able to successfully translate the 105
coreutils binaries compiled for ARM, x86-64 and MIPS and pass over 80%
of the coreutils test suite on all of them. The programs have been linked
statically, therefore they include handwritten assembly and their text
is on the order of hundreds of kilobytes.


Alessandro Di Federico

PhD student, Politecnico di Milano
I'm interested in several topics concerning the computer security field. My main focus is currently static binary analysis for reverse engineering purposes, but I've also been working in the system security and exploitation fields. I also have a strong interest in privacy, end-to-end...

Thursday November 3, 2016 2:15pm - 3:00pm PDT
2 - Technical Talk (Rm LL21AB)