Glyph

Presented at DEF CON 31 (2023), Aug. 11, 2023, 2 p.m. (115 minutes)

Reverse engineering is an important task performed by security researchers to identify vulnerable functions and malicious functions in IoT (Internet of Things) devices that are often shared across multiple devices of many system architectures. Common techniques to currently identify the reuse of these functions do not perform cross-architecture identification unless specific data such as unique strings are identified that may be of use in identifying a piece of code. Utilizing natural language processing techniques, Glyph allows you to upload an ELF binary (32 & 64 bit) for cross-architecture function fingerprinting, upon analysis, a web-based function symbol table will be created and presented to the user to aid in their analysis of binary executables/shared objects.

Presenters:

• Corey Hartman
  Corey Hartman served 6 years active duty in the United States Air Force, later obtaining a Bachelor of Science degree in Software Development, and a Master of Science degree in Computer Science. Corey is now a student at Dakota State University pursuing a PhD in Cyber Operations with his dissertation focused on behavioral analysis of malware through machine learning, and works as a software developer and reverse engineer out of San Antonio, Texas.

Similar Presentations:

• DeepSec 2017 „Science First!“ / Enhancing Control Flow Graph Based Binary Function Identification
• DeepSec 2013 „Secrets, Failures, and Visions“ / spin: Static Instrumentation For Binary Reverse-Engineering
• REcon 2012 / Cryptographic Function Identification in Obfuscated Binary Programs