The Nature of Ephemeral Secrets in Reverse Engineering Tasks

Reverse engineering is typically carried out on static binary objects, such as files or compiled programs. Often the goal of reverse engineering is to extract a secret that is ephemeral and only exists while the system is running. Automation and dynamic analysis enable reverse engineers to extract ephemeral secrets from dynamic systems, obviating the need for analyzing static artifacts such as executable binaries. I support this thesis through four automated reverse engineering efforts: (1) named entity extraction to track Chinese Internet censorship based on keywords; (2) dynamic information flow tracking to locate secret keys in memory for a live program; (3) man-in-the-middle to emulate server behavior for extracting cryptographic secrets; and, (4) large-scale measurement and data mining of TCP/IP handshake behaviors to reveal machines on the Internet vulnerable to TCP/IP hijacking and other attacks. In each of these cases, automation enables the extraction of ephemeral secrets, often in situations where there is no accessible static binary object containing the secret. Furthermore, each project was contingent on building an automated system that interacted with the dynamic system in order to extract the secret(s). This general approach provides a new perspective, increasing the types of systems that can be reverse engineered and provides a promising direction for the future of reverse engineering

Analysis of Software Binaries for Reengineering-Driven Product Line Architecture\^aAn Industrial Case Study

This paper describes a method for the recovering of software architectures from a set of similar (but unrelated) software products in binary form. One intention is to drive refactoring into software product lines and combine architecture recovery with run time binary analysis and existing clustering methods. Using our runtime binary analysis, we create graphs that capture the dependencies between different software parts. These are clustered into smaller component graphs, that group software parts with high interactions into larger entities. The component graphs serve as a basis for further software product line work. In this paper, we concentrate on the analysis part of the method and the graph clustering. We apply the graph clustering method to a real application in the context of automation / robot configuration software tools.Comment: In Proceedings FMSPLE 2015, arXiv:1504.0301

A dynamic tactile sensor on photoelastic effect

Certain photoelastic materials exhibit birefringent characteristics at a very low level of strain. This property of material may be suitable for dynamic or wave propagation studies, which can be exploited for designing tactile sensors. This paper presents the design, construction and testing of a novel dynamic sensor based on photoelastic effect, which is capable of detecting object slip as well as providing normal force information. The paper investigates the mechanics of object slip, and develops an approximate model of the sensor. This allows visualization of various parameters involved in the sensor design. The model also explains design improvements necessary to obtain continuous signal during object slip. The developed sensor has been compared with other existing sensors and experimental results from the sensor have been discussed. The sensor is calibrated for normal force which is in addition to the dynamic signal that it provides from the same contact location. The sensor has a simple design and is of a small size allowing it to be incorporated into robotic fingers, and it provides output signals which are largely unaffected by external disturbances