{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,12]],"date-time":"2026-06-12T09:08:03Z","timestamp":1781255283049,"version":"3.54.1"},"reference-count":154,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2019,6,18]],"date-time":"2019-06-18T00:00:00Z","timestamp":1560816000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100006012","name":"Christian Doppler Forschungsgesellschaft","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100006012","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Austrian Research Promotion Agency","award":["SBA-K1 (854188)"],"award-info":[{"award-number":["SBA-K1 (854188)"]}]},{"name":"City of Vienna, MA 23","award":["MA 23-Project 17-06"],"award-info":[{"award-number":["MA 23-Project 17-06"]}]},{"name":"Josef Ressel Center (JRC) project TARGET"},{"name":"Austrian Federal Ministry for Digital and Economic Affairs"},{"name":"National Foundation for Research, Technology, and Development is gratefully acknowledged"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2020,5,31]]},"abstract":"<jats:p>Binary rewriting is changing the semantics of a program without having the source code at hand. It is used for diverse purposes, such as emulation (e.g., QEMU), optimization (e.g., DynInst), observation (e.g., Valgrind), and hardening (e.g., Control flow integrity enforcement). This survey gives detailed insight into the development and state-of-the-art in binary rewriting by reviewing 67 publications from 1966 to 2018. Starting from these publications, we provide an in-depth investigation of the challenges and respective solutions to accomplish binary rewriting. Based on our findings, we establish a thorough categorization of binary rewriting approaches with respect to their use-case, applied analysis technique, code-transformation method, and code generation techniques. We contribute a comprehensive mapping between binary rewriting tools, applied techniques, and their domain of application. Our findings emphasize that although much work has been done over the past decades, most of the effort was put into improvements aiming at rewriting general purpose applications but ignoring other challenges like altering throughput-oriented programs or software with real-time requirements, which are often used in the emerging field of the Internet of Things. To the best of our knowledge, our survey is the first comprehensive overview on the complete binary rewriting process.<\/jats:p>","DOI":"10.1145\/3316415","type":"journal-article","created":{"date-parts":[[2019,6,19]],"date-time":"2019-06-19T12:05:38Z","timestamp":1560945938000},"page":"1-37","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":53,"title":["From Hack to Elaborate Technique\u2014A Survey on Binary Rewriting"],"prefix":"10.1145","volume":"52","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8248-7868","authenticated-orcid":false,"given":"Matthias","family":"Wenzl","sequence":"first","affiliation":[{"name":"FH Technikum Wien, Vienna, Austria"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Georg","family":"Merzdovnik","sequence":"additional","affiliation":[{"name":"SBA Research, Vienna, Austria"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Johanna","family":"Ullrich","sequence":"additional","affiliation":[{"name":"SBA Research, Austria and CDL-SQI, TU Wien, Austria"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Edgar","family":"Weippl","sequence":"additional","affiliation":[{"name":"SBA Research, Austria and CDL-SQI, TU Wien, Austria"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2019,6,18]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Control-flow Integrity. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS\u201905)","author":"Abadi Mart\u00edn","year":"2005","unstructured":"Mart\u00edn Abadi , Mihai Budiu , \u00dalfar Erlingsson , and Jay Ligatti . 2005 . Control-flow Integrity. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS\u201905) . ACM, New York, NY, 340--353. Mart\u00edn Abadi, Mihai Budiu, \u00dalfar Erlingsson, and Jay Ligatti. 2005. Control-flow Integrity. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS\u201905). ACM, New York, NY, 340--353."},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/178243.178456"},{"key":"e_1_2_1_3_1","volume-title":"Ullman","author":"Aho Alfred V.","year":"1986","unstructured":"Alfred V. Aho , Ravi Sethi , and Jeffrey D . Ullman . 1986 . Compilers : Principles, Techniques, and Tools, vol. 7 . Addison Wesley . Alfred V. Aho, Ravi Sethi, and Jeffrey D. Ullman. 1986. Compilers: Principles, Techniques, and Tools, vol. 7. Addison Wesley."},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/390013.808479"},{"key":"e_1_2_1_5_1","volume-title":"Wall and Amitabh Srivastava","author":"David","year":"1992","unstructured":"David W. Wall and Amitabh Srivastava . 1992 . A Practical System for Intermodule Code Optimization at Link-Time. Technical report. Hewlett-Packard . David W. Wall and Amitabh Srivastava. 1992. A Practical System for Intermodule Code Optimization at Link-Time. Technical report. Hewlett-Packard."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2465351.2465380"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/143371.143520"},{"key":"e_1_2_1_8_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Andriesse Dennis","unstructured":"Dennis Andriesse , Xi Chen , Victor van der Veen, Asia Slowinska, and Herbert Bos. 2016. An in-depth analysis of disassembly on full-scale x86\/x64 binaries . In Proceedings of the USENIX Security Symposium. Dennis Andriesse, Xi Chen, Victor van der Veen, Asia Slowinska, and Herbert Bos. 2016. An in-depth analysis of disassembly on full-scale x86\/x64 binaries. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2017.11"},{"key":"e_1_2_1_10_1","volume-title":"Proceedings of the IEEE 25th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS\u201917)","author":"Arafa P.","unstructured":"P. Arafa , G. M. Tchamgoue , H. Kashif , and S. Fischmeister . 2017. QDIME: QoS-aware dynamic binary instrumentation . In Proceedings of the IEEE 25th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS\u201917) . 132--142. P. Arafa, G. M. Tchamgoue, H. Kashif, and S. Fischmeister. 2017. QDIME: QoS-aware dynamic binary instrumentation. In Proceedings of the IEEE 25th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS\u201917). 132--142."},{"key":"e_1_2_1_11_1","doi-asserted-by":"crossref","unstructured":"Vasanth Bala Evelyn Duesterwald and Sanjeev Banerjia. 1999. Transparent Dynamic Optimization: The Design and Implementation of Dynamo. Technical report. Digital Western Research Laboratory.  Vasanth Bala Evelyn Duesterwald and Sanjeev Banerjia. 1999. Transparent Dynamic Optimization: The Design and Implementation of Dynamo. Technical report. Digital Western Research Laboratory.","DOI":"10.1145\/349299.349303"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1988042.1988044"},{"key":"e_1_2_1_13_1","volume-title":"Compiler Construction","author":"Balakrishnan Gogul","unstructured":"Gogul Balakrishnan and Thomas Reps . 2004. Analyzing memory accesses in x86 executables . In Compiler Construction . Springer , 2732--2733. Gogul Balakrishnan and Thomas Reps. 2004. Analyzing memory accesses in x86 executables. In Compiler Construction. Springer, 2732--2733."},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1749608.1749612"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3182657"},{"key":"e_1_2_1_16_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium.","author":"Bao Tiffany","year":"2014","unstructured":"Tiffany Bao , Johnathon Burket , Maverick Woo , Rafael Turner , and David Brumley . 2014 . Byteweight: Learning to recognize functions in binary code . In Proceedings of the 23rd USENIX Security Symposium. Tiffany Bao, Johnathon Burket, Maverick Woo, Rafael Turner, and David Brumley. 2014. Byteweight: Learning to recognize functions in binary code. In Proceedings of the 23rd USENIX Security Symposium."},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23300"},{"key":"e_1_2_1_18_1","volume-title":"Proceedings of the","author":"Bedichek Robert","year":"1990","unstructured":"Robert Bedichek . 1990 . Some efficient architecture simulation techniques . In Proceedings of the Winter 1990 USENIX Conference. 53--64. Robert Bedichek. 1990. Some efficient architecture simulation techniques. In Proceedings of the Winter 1990 USENIX Conference. 53--64."},{"key":"e_1_2_1_19_1","volume-title":"Proceedings of the USENIX Annual Technical Conference, FREENIX Track. 41--46","author":"Bellard Fabrice","year":"2005","unstructured":"Fabrice Bellard . 2005 . QEMU, a fast and portable dynamic translator . In Proceedings of the USENIX Annual Technical Conference, FREENIX Track. 41--46 . Retrieved from https:\/\/www.usenix.org\/legacy\/event\/usenix05\/tech\/freenix\/full_papers\/bellard\/bellard_html\/. Fabrice Bellard. 2005. QEMU, a fast and portable dynamic translator. In Proceedings of the USENIX Annual Technical Conference, FREENIX Track. 41--46. Retrieved from https:\/\/www.usenix.org\/legacy\/event\/usenix05\/tech\/freenix\/full_papers\/bellard\/bellard_html\/."},{"key":"e_1_2_1_20_1","first-page":"87","article-title":"Hp-3000 emulation on HP precision architecture computers","volume":"38","author":"Bergh Arndt B.","year":"1987","unstructured":"Arndt B. Bergh , Keith Keilman , Daniel J. Magenheimer , and James A. Miller . 1987 . Hp-3000 emulation on HP precision architecture computers . Hewlett-Packard J. 38 , 11 (1987), 87 -- 89 . Arndt B. Bergh, Keith Keilman, Daniel J. Magenheimer, and James A. Miller. 1987. Hp-3000 emulation on HP precision architecture computers. Hewlett-Packard J. 38, 11 (1987), 87--89.","journal-title":"Hewlett-Packard J."},{"key":"e_1_2_1_21_1","volume-title":"Proceedings of the 10th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools (PASTE\u201911)","author":"Andrew","unstructured":"Andrew R. Bernat and Barton P. Miller. 2011. Anywhere, any-time binary instrumentation . In Proceedings of the 10th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools (PASTE\u201911) . ACM, New York, NY, 9--16. Andrew R. Bernat and Barton P. Miller. 2011. Anywhere, any-time binary instrumentation. In Proceedings of the 10th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools (PASTE\u201911). ACM, New York, NY, 9--16."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0065-2458(08)60641-5"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.5555\/776261.776290"},{"key":"e_1_2_1_24_1","volume-title":"Schwartz","author":"Brumley David","year":"2011","unstructured":"David Brumley , Ivan Jager , Thanassis Avgerinos , and Edward J . Schwartz . 2011 . BAP : A Binary Analysis Platform. Springer , Berlin, 463--469. David Brumley, Ivan Jager, Thanassis Avgerinos, and Edward J. Schwartz. 2011. BAP: A Binary Analysis Platform. Springer, Berlin, 463--469."},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1177\/109434200001400404"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2896499"},{"key":"e_1_2_1_27_1","volume-title":"Proceedings of the USENIX Security Symposium. 161--176","author":"Carlini Nicholas","unstructured":"Nicholas Carlini , Antonio Barresi , Mathias Payer , David Wagner , and Thomas R. Gross . 2015. Control-flow bending: On the effectiveness of control-flow integrity . In Proceedings of the USENIX Security Symposium. 161--176 . Nicholas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R. Gross. 2015. Control-flow bending: On the effectiveness of control-flow integrity. In Proceedings of the USENIX Security Symposium. 161--176."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.31"},{"key":"e_1_2_1_29_1","volume-title":"Proceedings of the IEEE International Symposium on Signal Processing and Information Technology (ISSPIT\u201905)","volume":"00","author":"Chanet D.","unstructured":"D. Chanet , B. De Bus , B. De Sutter , L. Van Put , and K. De Bosschere . 2005. DIABLO: A reliable, retargetable and extensible link-time rewriting framework . In Proceedings of the IEEE International Symposium on Signal Processing and Information Technology (ISSPIT\u201905) , Vol. 00 . 7--12. D. Chanet, B. De Bus, B. De Sutter, L. Van Put, and K. De Bosschere. 2005. DIABLO: A reliable, retargetable and extensible link-time rewriting framework. In Proceedings of the IEEE International Symposium on Signal Processing and Information Technology (ISSPIT\u201905), Vol. 00. 7--12."},{"key":"e_1_2_1_30_1","volume-title":"Proceedings of the 3rd ACM Workshop on Feedback-Directed and Dynamic Optimization (FDDO\u201900)","author":"Chen Wen-Ke","unstructured":"Wen-Ke Chen , Sorin Lerner , Ronnie Chaiken , and David M. Gillies . 2000. Mojo: A dynamic optimization system . In Proceedings of the 3rd ACM Workshop on Feedback-Directed and Dynamic Optimization (FDDO\u201900) . 81--90. Wen-Ke Chen, Sorin Lerner, Ronnie Chaiken, and David M. Gillies. 2000. Mojo: A dynamic optimization system. In Proceedings of the 3rd ACM Workshop on Feedback-Directed and Dynamic Optimization (FDDO\u201900). 81--90."},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2534706.2534719"},{"key":"e_1_2_1_32_1","volume-title":"Proceedings of the International Conference on Software Maintenance. 340--349","author":"Cifuentes C.","unstructured":"C. Cifuentes and V. Malhotra . 1996. Binary translation: Static, dynamic, retargetable? In Proceedings of the International Conference on Software Maintenance. 340--349 . C. Cifuentes and V. Malhotra. 1996. Binary translation: Static, dynamic, retargetable? In Proceedings of the International Conference on Software Maintenance. 340--349."},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.825697"},{"key":"e_1_2_1_34_1","volume-title":"Proceedings of the International Conference on Software Maintenance. 188--195","author":"Cifuentes C.","unstructured":"C. Cifuentes and A. Fraboulet . 1997. Intraprocedural static slicing of binary executables . In Proceedings of the International Conference on Software Maintenance. 188--195 . C. Cifuentes and A. Fraboulet. 1997. Intraprocedural static slicing of binary executables. In Proceedings of the International Conference on Software Maintenance. 188--195."},{"key":"e_1_2_1_35_1","volume-title":"Walkabout: A retargetable dynamic binary translation framework. Sun Microsystems","author":"Cifuentes Cristina","year":"2002","unstructured":"Cristina Cifuentes , Brian Lewis , and David Ung . 2002 . Walkabout: A retargetable dynamic binary translation framework. Sun Microsystems , Inc . Cristina Cifuentes, Brian Lewis, and David Ung. 2002. Walkabout: A retargetable dynamic binary translation framework. Sun Microsystems, Inc."},{"key":"e_1_2_1_36_1","volume-title":"Shade: A fast instruction-set simulator for execution profiling. In Fast Simulation of Computer Architectures","author":"Cmelik Bob","year":"1995","unstructured":"Bob Cmelik and David Keppel . 1995 . Shade: A fast instruction-set simulator for execution profiling. In Fast Simulation of Computer Architectures . Springer , 5--46. Bob Cmelik and David Keppel. 1995. Shade: A fast instruction-set simulator for execution profiling. In Fast Simulation of Computer Architectures. Springer, 5--46."},{"key":"e_1_2_1_37_1","volume-title":"Proceedings of the International Workshop on Parallel and Distributed Real-Time Systems (WPDRTS\u201995)","author":"Cogswell Bryce H.","unstructured":"Bryce H. Cogswell and Z. Segall . 1995. Timing insensitive binary-to-binary migration across multiprocessor architectures . In Proceedings of the International Workshop on Parallel and Distributed Real-Time Systems (WPDRTS\u201995) . IEEE, 193. Bryce H. Cogswell and Z. Segall. 1995. Timing insensitive binary-to-binary migration across multiprocessor architectures. In Proceedings of the International Workshop on Parallel and Distributed Real-Time Systems (WPDRTS\u201995). IEEE, 193."},{"key":"e_1_2_1_38_1","volume-title":"JTR: A Binary Solution for Switch-Case Recovery","author":"Cojocar Lucian","year":"2017","unstructured":"Lucian Cojocar , Taddeus Kroes , and Herbert Bos . 2017 . JTR: A Binary Solution for Switch-Case Recovery . Springer International Publishing , Cham , 177--195. Lucian Cojocar, Taddeus Kroes, and Herbert Bos. 2017. JTR: A Binary Solution for Switch-Case Recovery. Springer International Publishing, Cham, 177--195."},{"key":"e_1_2_1_39_1","volume-title":"Honeywell Series 200 and","author":"Datapro Research Corporation","year":"2000","unstructured":"Datapro Research Corporation . 1974. Honeywell Series 200 and 2000 . Retrieved from www.bitsavers.org\/pdf\/honeywell\/datapro\/70C-480-01_7404_Honeywell_200_2000.pdf. Datapro Research Corporation. 1974. Honeywell Series 200 and 2000. Retrieved from www.bitsavers.org\/pdf\/honeywell\/datapro\/70C-480-01_7404_Honeywell_200_2000.pdf."},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1093\/logcom\/2.4.511"},{"key":"e_1_2_1_41_1","volume-title":"Proceedings of the USENIX Security Symposium","volume":"98","author":"Cowan Crispan","year":"1998","unstructured":"Crispan Cowan , Calton Pu , Dave Maier , Jonathan Walpole , Peat Bakke , Steve Beattie , Aaron Grier , Perry Wagle , Qian Zhang , and Heather Hinton . 1998 . Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks . In Proceedings of the USENIX Security Symposium , vol. 98 . 63--78. Crispan Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang, and Heather Hinton. 1998. Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proceedings of the USENIX Security Symposium, vol. 98. 63--78."},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966920"},{"key":"e_1_2_1_43_1","volume-title":"Proceedings of the 10th IET System Safety and Cyber-Security Conference","author":"Davidson J. W.","year":"2015","unstructured":"J. W. Davidson , J. Hiser , A. Nguyen-Tuong , M. Co , B. D. Rodes , and J. C. Knight . 2015. Security protection of binary programs . In Proceedings of the 10th IET System Safety and Cyber-Security Conference 2015 . 1--6. J. W. Davidson, J. Hiser, A. Nguyen-Tuong, M. Co, B. D. Rodes, and J. C. Knight. 2015. Security protection of binary programs. In Proceedings of the 10th IET System Safety and Cyber-Security Conference 2015. 1--6."},{"key":"e_1_2_1_44_1","volume-title":"Proceedings of the 46th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Workshop (DSNW\u201916)","author":"Davidson J. W.","unstructured":"J. W. Davidson , J. D. Hiser , A. Nguyen-Tuong , C. L. Coleman , W. H. Hawkins , J. C. Knight , B. D. Rodes , and A. B. Hocking . 2016. A system for the security protection of embedded binary programs . In Proceedings of the 46th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Workshop (DSNW\u201916) . 234--237. J. W. Davidson, J. D. Hiser, A. Nguyen-Tuong, C. L. Coleman, W. H. Hawkins, J. C. Knight, B. D. Rodes, and A. B. Hocking. 2016. A system for the security protection of embedded binary programs. In Proceedings of the 46th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Workshop (DSNW\u201916). 234--237."},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/998300.997194"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3033019.3033028"},{"key":"e_1_2_1_47_1","unstructured":"Thomas Dullien and Sebastian Porst.2009. REIL: A platform-independent intermediate representation of disassembled code for static code analysis. Retrieved from http:\/\/www.zynamics.com\/downloads\/csw09.pdf.  Thomas Dullien and Sebastian Porst.2009. REIL: A platform-independent intermediate representation of disassembled code for static code analysis. Retrieved from http:\/\/www.zynamics.com\/downloads\/csw09.pdf."},{"key":"e_1_2_1_48_1","unstructured":"Dyninst Developers. 2016. DynInst\u2014Dynamic Instrumentation Framework. Retrieved from http:\/\/www.dyninst.org\/parse.  Dyninst Developers. 2016. DynInst\u2014Dynamic Instrumentation Framework. Retrieved from http:\/\/www.dyninst.org\/parse."},{"key":"e_1_2_1_50_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium.","author":"Egele Manuel","year":"2014","unstructured":"Manuel Egele , Maverick Woo , Peter Chapman , and David Brumley . 2014 . Blanket execution: Dynamic similarity testing for program binaries and components . In Proceedings of the 23rd USENIX Security Symposium. Manuel Egele, Maverick Woo, Peter Chapman, and David Brumley. 2014. Blanket execution: Dynamic similarity testing for program binaries and components. In Proceedings of the 23rd USENIX Security Symposium."},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813646"},{"key":"e_1_2_1_52_1","volume-title":"Proceedings of the International Conference on Compliers, Architectures, and Sythesis of Embedded Systems (CASES\u201916)","author":"Di Federico A.","unstructured":"A. Di Federico and G. Agosta . 2016. A jump-target identification method for multi-architecture static binary translation . In Proceedings of the International Conference on Compliers, Architectures, and Sythesis of Embedded Systems (CASES\u201916) . 1--10. A. Di Federico and G. Agosta. 2016. A jump-target identification method for multi-architecture static binary translation. In Proceedings of the International Conference on Compliers, Architectures, and Sythesis of Embedded Systems (CASES\u201916). 1--10."},{"key":"e_1_2_1_54_1","volume-title":"Proceedings of the USENIX Security Symposium. 315--325","author":"Graham Susan L.","year":"1995","unstructured":"Susan L. Graham , Steven Lucco , and Robert Wahbe . 1995 . Adaptable binary programs . In Proceedings of the USENIX Security Symposium. 315--325 . Susan L. Graham, Steven Lucco, and Robert Wahbe. 1995. Adaptable binary programs. In Proceedings of the USENIX Security Symposium. 315--325."},{"key":"e_1_2_1_55_1","volume-title":"Workshop on Architectural and Microarchitectural Support for Binary Translation.","author":"Hasabnis Niranjan","unstructured":"Niranjan Hasabnis and R. Sekar . 2015. Automatic generation of assembly to IR translators using compilers . Workshop on Architectural and Microarchitectural Support for Binary Translation. Niranjan Hasabnis and R. Sekar. 2015. Automatic generation of assembly to IR translators using compilers. Workshop on Architectural and Microarchitectural Support for Binary Translation."},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2872362.2872380"},{"key":"e_1_2_1_57_1","volume-title":"Proceedings of the 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201917)","author":"Hawkins W. H.","unstructured":"W. H. Hawkins , J. D. Hiser , M. Co , A. Nguyen-Tuong , and J. W. Davidson . 2017. Zipr: Efficient static binary rewriting for security . In Proceedings of the 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201917) . 559--566. W. H. Hawkins, J. D. Hiser, M. Co, A. Nguyen-Tuong, and J. W. Davidson. 2017. Zipr: Efficient static binary rewriting for security. In Proceedings of the 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201917). 559--566."},{"key":"e_1_2_1_58_1","volume-title":"Proceedings of the 11th Annual Cyber and Information Security Research Conference (CISRC\u201916)","author":"Hawkins William H.","unstructured":"William H. Hawkins , Jason D. Hiser , and Jack W. Davidson . 2016. Dynamic canary randomization for improved software security . In Proceedings of the 11th Annual Cyber and Information Security Research Conference (CISRC\u201916) . ACM, New York, NY. William H. Hawkins, Jason D. Hiser, and Jack W. Davidson. 2016. Dynamic canary randomization for improved software security. In Proceedings of the 11th Annual Cyber and Information Security Research Conference (CISRC\u201916). ACM, New York, NY."},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.5555\/2011943"},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/1176760.1176793"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/3141235.3141240"},{"key":"e_1_2_1_62_1","volume-title":"Proceedings of the IEEE Scalable High Performance Computing Conference. 841--850","author":"Hollingsworth J. K.","unstructured":"J. K. Hollingsworth , B. P. Miller , and J. Cargille . 1994. Dynamic program instrumentation for scalable performance tools . In Proceedings of the IEEE Scalable High Performance Computing Conference. 841--850 . J. K. Hollingsworth, B. P. Miller, and J. Cargille. 1994. Dynamic program instrumentation for scalable performance tools. In Proceedings of the IEEE Scalable High Performance Computing Conference. 841--850."},{"key":"e_1_2_1_63_1","unstructured":"Honeywell Inc. 1966. Honeywell Series 200 Operating Systems. Retrieved from http:\/\/s3data.computerhistory.org\/brochures\/honeywell.osorientationmgmt.1966.102646090.pdf.  Honeywell Inc. 1966. Honeywell Series 200 Operating Systems. Retrieved from http:\/\/s3data.computerhistory.org\/brochures\/honeywell.osorientationmgmt.1966.102646090.pdf."},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1093\/comjnl\/23.3.223"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/1134760.1134764"},{"key":"e_1_2_1_66_1","unstructured":"Intel Inc. 2016. Intel XED. Retrieved from https:\/\/intelxed.github.io\/.  Intel Inc. 2016. Intel XED. Retrieved from https:\/\/intelxed.github.io\/."},{"key":"e_1_2_1_67_1","unstructured":"Josh Poimboeuf Seth Jennings. 2014. Kpatch. Retrieved from http:\/\/rhelblog.redhat.com\/2014\/02\/26\/kpatch\/.  Josh Poimboeuf Seth Jennings. 2014. Kpatch. Retrieved from http:\/\/rhelblog.redhat.com\/2014\/02\/26\/kpatch\/."},{"key":"e_1_2_1_68_1","volume-title":"Proceedings of the Winter\u201990 USENIX Conference. 325--330","author":"Johnson Stephen C.","year":"1990","unstructured":"Stephen C. Johnson . 1990 . Postloading for fun and profit . In Proceedings of the Winter\u201990 USENIX Conference. 325--330 . Stephen C. Johnson. 1990. Postloading for fun and profit. In Proceedings of the Winter\u201990 USENIX Conference. 325--330."},{"key":"e_1_2_1_69_1","unstructured":"Randy Kath. 1992. The Debugging Application Programming Interface. Retrieved from https:\/\/msdn.microsoft.com\/en-us\/library\/ms809754.aspx.  Randy Kath. 1992. The Debugging Application Programming Interface. Retrieved from https:\/\/msdn.microsoft.com\/en-us\/library\/ms809754.aspx."},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/512927.512945"},{"key":"e_1_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134627"},{"key":"e_1_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70545-1_40"},{"key":"e_1_2_1_73_1","volume-title":"Proceedings of the IEEE Conference on Formal Methods in Computer-Aided Design (FMCAD\u201910)","author":"Kinder Johannes","year":"2010","unstructured":"Johannes Kinder and Helmut Veith . 2010 . Precise static analysis of untrusted driver binaries . In Proceedings of the IEEE Conference on Formal Methods in Computer-Aided Design (FMCAD\u201910) . IEEE, 43--50. Johannes Kinder and Helmut Veith. 2010. Precise static analysis of untrusted driver binaries. In Proceedings of the IEEE Conference on Formal Methods in Computer-Aided Design (FMCAD\u201910). IEEE, 43--50."},{"key":"e_1_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-93900-9_19"},{"key":"e_1_2_1_75_1","volume-title":"Proceedings of the 11th USENIX Security Symposium. USENIX Association","author":"Kiriansky Vladimir","unstructured":"Vladimir Kiriansky , Derek Bruening , and Saman P. Amarasinghe . 2002. Secure execution via program shepherding . In Proceedings of the 11th USENIX Security Symposium. USENIX Association , Berkeley, CA, 191--206. Vladimir Kiriansky, Derek Bruening, and Saman P. Amarasinghe. 2002. Secure execution via program shepherding. In Proceedings of the 11th USENIX Security Symposium. USENIX Association, Berkeley, CA, 191--206."},{"key":"e_1_2_1_76_1","volume-title":"Proceedings 3rd IEEE International Workshop on Source Code Analysis and Manipulation. 118--127","author":"Kiss A.","unstructured":"A. Kiss , J. Jasz , G. Lehotai , and T. Gyimothy . 2003. Interprocedural static slicing of binary executables . In Proceedings 3rd IEEE International Workshop on Source Code Analysis and Manipulation. 118--127 . A. Kiss, J. Jasz, G. Lehotai, and T. Gyimothy. 2003. Interprocedural static slicing of binary executables. In Proceedings 3rd IEEE International Workshop on Source Code Analysis and Manipulation. 118--127."},{"key":"e_1_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1016\/0020-0190(88)90054-3"},{"key":"e_1_2_1_78_1","volume-title":"Proceedings of the USENIX Security Symposium","volume":"13","author":"Kruegel Christopher","year":"2004","unstructured":"Christopher Kruegel , William Robertson , Fredrik Valeur , and Giovanni Vigna . 2004 . Static disassembly of obfuscated binaries . In Proceedings of the USENIX Security Symposium , Vol. 13 . 18--18. Christopher Kruegel, William Robertson, Fredrik Valeur, and Giovanni Vigna. 2004. Static disassembly of obfuscated binaries. In Proceedings of the USENIX Security Symposium, Vol. 13. 18--18."},{"key":"e_1_2_1_79_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy. 276--291","author":"Larsen P.","unstructured":"P. Larsen , A. Homescu , S. Brunthaler , and M. Franz . 2014. SoK: Automated software diversity . In Proceedings of the IEEE Symposium on Security and Privacy. 276--291 . P. Larsen, A. Homescu, S. Brunthaler, and M. Franz. 2014. SoK: Automated software diversity. In Proceedings of the IEEE Symposium on Security and Privacy. 276--291."},{"key":"e_1_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1002\/spe.4380240204"},{"key":"e_1_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1145\/223428.207163"},{"key":"e_1_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISPASS.2010.5452024"},{"key":"e_1_2_1_83_1","unstructured":"LLVM Compiler Infrastructure. {n.d.}. LLVM Language Reference Manual. Retrieved from http:\/\/llvm.org\/docs\/LangRef.html.  LLVM Compiler Infrastructure. {n.d.}. LLVM Language Reference Manual. Retrieved from http:\/\/llvm.org\/docs\/LangRef.html."},{"key":"e_1_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"e_1_2_1_85_1","volume-title":"Proceedings of the International Symposium on Code Generation and Optimization: Feedback-directed and Runtime Optimization (CGO\u201904)","author":"Luk Chi-Keung","year":"2004","unstructured":"Chi-Keung Luk , Robert Muth , Harish Patil , Robert Cohn , and Geoff Lowney . 2004 . Ispike: A post-link optimizer for the Intel Itanium architecture . In Proceedings of the International Symposium on Code Generation and Optimization: Feedback-directed and Runtime Optimization (CGO\u201904) . IEEE Computer Society, Washington, DC, 15--. Chi-Keung Luk, Robert Muth, Harish Patil, Robert Cohn, and Geoff Lowney. 2004. Ispike: A post-link optimizer for the Intel Itanium architecture. In Proceedings of the International Symposium on Code Generation and Optimization: Feedback-directed and Runtime Optimization (CGO\u201904). IEEE Computer Society, Washington, DC, 15--."},{"key":"e_1_2_1_86_1","volume-title":"Proceedings of the 20th IEEE Real-Time Systems Symposium. 12--21","author":"Lundqvist T.","unstructured":"T. Lundqvist and P. Stenstrom . 1999. Timing anomalies in dynamically scheduled microprocessors . In Proceedings of the 20th IEEE Real-Time Systems Symposium. 12--21 . T. Lundqvist and P. Stenstrom. 1999. Timing anomalies in dynamically scheduled microprocessors. In Proceedings of the 20th IEEE Real-Time Systems Symposium. 12--21."},{"key":"e_1_2_1_87_1","volume-title":"Proceedings of the Compendium of Workshops and Tutorials Held in Conjunction with the International Conference on Parallel Architectures and Compilation Techniques (PACT\u201902)","author":"Maebe Jonas","year":"2002","unstructured":"Jonas Maebe , Michiel Ronsse , and Koen De Bosschere . 2002 . DIOTA: Dynamic instrumentation, optimization and transformation of applications . In Proceedings of the Compendium of Workshops and Tutorials Held in Conjunction with the International Conference on Parallel Architectures and Compilation Techniques (PACT\u201902) . Jonas Maebe, Michiel Ronsse, and Koen De Bosschere. 2002. DIOTA: Dynamic instrumentation, optimization and transformation of applications. In Proceedings of the Compendium of Workshops and Tutorials Held in Conjunction with the International Conference on Parallel Architectures and Compilation Techniques (PACT\u201902)."},{"key":"e_1_2_1_88_1","doi-asserted-by":"publisher","DOI":"10.1145\/3141235.3141245"},{"key":"e_1_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1145\/960114.29651"},{"key":"e_1_2_1_90_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"McCamant Stephen","year":"2006","unstructured":"Stephen McCamant and Greg Morrisett . 2006 . Evaluating SFI for a CISC architecture . In Proceedings of the USENIX Security Symposium. Retrieved from https:\/\/www.usenix.org\/legacy\/event\/sec06\/tech\/mccamant\/mccamant_html\/. Stephen McCamant and Greg Morrisett. 2006. Evaluating SFI for a CISC architecture. In Proceedings of the USENIX Security Symposium. Retrieved from https:\/\/www.usenix.org\/legacy\/event\/sec06\/tech\/mccamant\/mccamant_html\/."},{"key":"e_1_2_1_91_1","volume-title":"Proceedings of the 25th International Symposium on Software Testing and Analysis (ISSTA\u201916)","author":"Meng Xiaozhu","unstructured":"Xiaozhu Meng and Barton P. Miller . 2016. Binary code is not easy . In Proceedings of the 25th International Symposium on Software Testing and Analysis (ISSTA\u201916) . ACM, New York, NY, 24--35. Xiaozhu Meng and Barton P. Miller. 2016. Binary code is not easy. In Proceedings of the 25th International Symposium on Software Testing and Analysis (ISSTA\u201916). ACM, New York, NY, 24--35."},{"key":"e_1_2_1_92_1","volume-title":"Binary Code Patching: An Ancient Art Refined for the 21st Century","author":"Miller Barton P.","year":"2006","unstructured":"Barton P. Miller . 2006. Binary Code Patching: An Ancient Art Refined for the 21st Century . NC State University Computer Science Department Seminars 2006 --2007. Retrieved from http:\/\/moss.csc.ncsu.edu\/mueller\/seminar\/fall06\/miller.html. Barton P. Miller. 2006. Binary Code Patching: An Ancient Art Refined for the 21st Century. NC State University Computer Science Department Seminars 2006--2007. Retrieved from http:\/\/moss.csc.ncsu.edu\/mueller\/seminar\/fall06\/miller.html."},{"key":"e_1_2_1_93_1","doi-asserted-by":"publisher","DOI":"10.1002\/1097-024X(200101)31:1%3C67::AID-SPE357%3E3.0.CO;2-A"},{"key":"e_1_2_1_94_1","volume-title":"The Art of Software Testing","author":"Myers Glenford J.","unstructured":"Glenford J. Myers , Corey Sandler , and Tom Badgett . 2011. The Art of Software Testing . John Wiley 8 Sons. Glenford J. Myers, Corey Sandler, and Tom Badgett. 2011. The Art of Software Testing. John Wiley 8 Sons."},{"key":"e_1_2_1_95_1","volume-title":"A survey on virtualization technologies. RPE Rep. 142","author":"Nanda Susanta","year":"2005","unstructured":"Susanta Nanda and Tzi-cker Chiueh. 2005. A survey on virtualization technologies. RPE Rep. 142 ( 2005 ). Susanta Nanda and Tzi-cker Chiueh. 2005. A survey on virtualization technologies. RPE Rep. 142 (2005)."},{"key":"e_1_2_1_96_1","doi-asserted-by":"publisher","DOI":"10.1109\/CGO.2006.6"},{"key":"e_1_2_1_98_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250746"},{"key":"e_1_2_1_99_1","volume-title":"Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses. Springer, 259--284","author":"Nyman Thomas","unstructured":"Thomas Nyman , Jan-Erik Ekberg , Lucas Davi , and N. Asokan . 2017. CFI CaRE: Hardware-supported call and return enforcement for commercial microcontrollers . In Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses. Springer, 259--284 . Thomas Nyman, Jan-Erik Ekberg, Lucas Davi, and N. Asokan. 2017. CFI CaRE: Hardware-supported call and return enforcement for commercial microcontrollers. In Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses. Springer, 259--284."},{"key":"e_1_2_1_100_1","unstructured":"Trail of Bits. 2017. MCSema. Retrieevd from https:\/\/github.com\/trailofbits\/mcsema.  Trail of Bits. 2017. MCSema. Retrieevd from https:\/\/github.com\/trailofbits\/mcsema."},{"key":"e_1_2_1_101_1","unstructured":"Dmytro Oleksiuk. 2014. OpenREIL. Retrieevd from https:\/\/github.com\/Cr4sh\/openreil  Dmytro Oleksiuk. 2014. OpenREIL. Retrieevd from https:\/\/github.com\/Cr4sh\/openreil"},{"key":"e_1_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-21424-0_13"},{"key":"e_1_2_1_103_1","unstructured":"Pradeep Padala. 2002. Playing with ptrace Part I. Linux J. (2002). Retrieved from http:\/\/www.linuxjournal.com\/article\/6100.   Pradeep Padala. 2002. Playing with ptrace Part I. Linux J. (2002). Retrieved from http:\/\/www.linuxjournal.com\/article\/6100."},{"key":"e_1_2_1_104_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-20550-2_8"},{"key":"e_1_2_1_105_1","unstructured":"Matt Pietrek. 1994. Peering Inside the PE: A Tour of the Win32 Portable Executable File Format. Retrieved from https:\/\/msdn.microsoft.com\/en-us\/library\/ms809762.aspx.  Matt Pietrek. 1994. Peering Inside the PE: A Tour of the Win32 Portable Executable File Format. Retrieved from https:\/\/msdn.microsoft.com\/en-us\/library\/ms809762.aspx."},{"key":"e_1_2_1_106_1","volume-title":"Proceedings of the USENIX Annual Technical Conference.","author":"Prasad Manish","year":"2003","unstructured":"Manish Prasad and Tzi-cker Chiueh. 2003 . A binary rewriting defense against stack-based buffer overflow attacks . In Proceedings of the USENIX Annual Technical Conference. Manish Prasad and Tzi-cker Chiueh. 2003. A binary rewriting defense against stack-based buffer overflow attacks. In Proceedings of the USENIX Annual Technical Conference."},{"key":"e_1_2_1_107_1","unstructured":"Qemu TCG Developers. 2006. Tiny Code Generator (TCG) Documentation. Retrieved from http:\/\/wiki.qemu.org\/Documentation\/TCG.  Qemu TCG Developers. 2006. Tiny Code Generator (TCG) Documentation. Retrieved from http:\/\/wiki.qemu.org\/Documentation\/TCG."},{"key":"e_1_2_1_108_1","volume-title":"Proceedings of the 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201917)","author":"Qiao R.","unstructured":"R. Qiao and R. Sekar . 2017. Function interface analysis: A principled approach for function recognition in COTS binaries . In Proceedings of the 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201917) . 201--212. R. Qiao and R. Sekar. 2017. Function interface analysis: A principled approach for function recognition in COTS binaries. In Proceedings of the 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201917). 201--212."},{"key":"e_1_2_1_109_1","volume-title":"Hollingsworth","author":"Ravipati Giridhar","year":"2007","unstructured":"Giridhar Ravipati , Andrew R. Bernat , Nate Rosenblum , Barton P. Miller , and Jeffrey K . Hollingsworth . 2007 . Toward the deconstruction of dyninst. University of Wisconsin , Technical Report (2007). Giridhar Ravipati, Andrew R. Bernat, Nate Rosenblum, Barton P. Miller, and Jeffrey K. Hollingsworth. 2007. Toward the deconstruction of dyninst. University of Wisconsin, Technical Report (2007)."},{"key":"e_1_2_1_110_1","volume-title":"Compiler Construction","author":"Reps Thomas","unstructured":"Thomas Reps and Gogul Balakrishnan . 2008. Improved memory-access analysis for x86 executables . In Compiler Construction . Springer , 16--35. Thomas Reps and Gogul Balakrishnan. 2008. Improved memory-access analysis for x86 executables. In Compiler Construction. Springer, 16--35."},{"key":"e_1_2_1_111_1","volume-title":"Davidson","author":"Rodes Benjamin D.","year":"2013","unstructured":"Benjamin D. Rodes , Anh Nguyen-Tuong , Jason D. Hiser , John C. Knight , Michele Co , and Jack W . Davidson . 2013 . Defense Against Stack-based Attacks Using Speculative Stack Layout Transformation. Springer , Berlin, 308--313. Benjamin D. Rodes, Anh Nguyen-Tuong, Jason D. Hiser, John C. Knight, Michele Co, and Jack W. Davidson. 2013. Defense Against Stack-based Attacks Using Speculative Stack Layout Transformation. Springer, Berlin, 308--313."},{"key":"e_1_2_1_112_1","volume-title":"Proceedings of the USENIX Windows NT Workshop. 1--8.","author":"Romer Ted","year":"1997","unstructured":"Ted Romer , Geoff Voelker , Dennis Lee , Alec Wolman , Wayne Wong , Hank Levy , Brian Bershad , and Brad Chen . 1997 . Instrumentation and optimization of Win32\/Intel executables using Etch . In Proceedings of the USENIX Windows NT Workshop. 1--8. Ted Romer, Geoff Voelker, Dennis Lee, Alec Wolman, Wayne Wong, Hank Levy, Brian Bershad, and Brad Chen. 1997. Instrumentation and optimization of Win32\/Intel executables using Etch. In Proceedings of the USENIX Windows NT Workshop. 1--8."},{"key":"e_1_2_1_113_1","volume-title":"Proceedings of the Association for the Advancement of Artificial Intelligence (AAAI\u201908)","author":"Rosenblum Nathan E.","year":"2008","unstructured":"Nathan E. Rosenblum , Xiaojin Zhu , Barton P. Miller , and Karen Hunt . 2008 . Learning to analyze binary computer code . In Proceedings of the Association for the Advancement of Artificial Intelligence (AAAI\u201908) . 798--804. Nathan E. Rosenblum, Xiaojin Zhu, Barton P. Miller, and Karen Hunt. 2008. Learning to analyze binary computer code. In Proceedings of the Association for the Advancement of Artificial Intelligence (AAAI\u201908). 798--804."},{"key":"e_1_2_1_114_1","unstructured":"Hex-Rays SA. 2017. IDA-Pro. Retrieved from https:\/\/www.hex-rays.com\/products\/ida\/.  Hex-Rays SA. 2017. IDA-Pro. Retrieved from https:\/\/www.hex-rays.com\/products\/ida\/."},{"key":"e_1_2_1_115_1","volume-title":"Proceedings of the 9th Working Conference on Reverse Engineering. 45--54","author":"Schwarz B.","unstructured":"B. Schwarz , S. Debray , and G. Andrews . 2002. Disassembly of executable code revisited . In Proceedings of the 9th Working Conference on Reverse Engineering. 45--54 . B. Schwarz, S. Debray, and G. Andrews. 2002. Disassembly of executable code revisited. In Proceedings of the 9th Working Conference on Reverse Engineering. 45--54."},{"key":"e_1_2_1_116_1","volume-title":"Proceedings of the Workshop on Binary Translation (WBT\u201901)","author":"Schwarz Benjamin","year":"2001","unstructured":"Benjamin Schwarz , Saumya Debray , Gregory Andrews , and Matthew Legendre . 2001 . Plto: A link-time optimizer for the Intel IA-32 architecture . In Proceedings of the Workshop on Binary Translation (WBT\u201901) . Citeseer. Benjamin Schwarz, Saumya Debray, Gregory Andrews, and Matthew Legendre. 2001. Plto: A link-time optimizer for the Intel IA-32 architecture. In Proceedings of the Workshop on Binary Translation (WBT\u201901). Citeseer."},{"key":"e_1_2_1_117_1","volume-title":"Proceedings of the IEEE Workshop on Binary Translation.","author":"Scott Kevin","year":"2001","unstructured":"Kevin Scott and Jack Davidson . 2001 . Strata: A software dynamic translation infrastructure . In Proceedings of the IEEE Workshop on Binary Translation. Kevin Scott and Jack Davidson. 2001. Strata: A software dynamic translation infrastructure. In Proceedings of the IEEE Workshop on Binary Translation."},{"key":"e_1_2_1_119_1","doi-asserted-by":"publisher","DOI":"10.5555\/776261.776265"},{"key":"e_1_2_1_120_1","volume-title":"Proceedings of the USENIX Security Symposium. 611--626","author":"Richard Shin Eui Chul","year":"2015","unstructured":"Eui Chul Richard Shin , Dawn Song , and Reza Moazzezi . 2015 . Recognizing functions in binaries with neural networks . In Proceedings of the USENIX Security Symposium. 611--626 . Eui Chul Richard Shin, Dawn Song, and Reza Moazzezi. 2015. Recognizing functions in binaries with neural networks. In Proceedings of the USENIX Security Symposium. 611--626."},{"key":"e_1_2_1_121_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (SP\u201916)","author":"Shoshitaishvili Y.","unstructured":"Y. Shoshitaishvili , R. Wang , C. Salls , N. Stephens , M. Polino , A. Dutcher , J. Grosen , S. Feng , C. Hauser , C. Kruegel , and G. Vigna . 2016. SOK: (State of) The art of war: Offensive techniques in binary analysis . In Proceedings of the IEEE Symposium on Security and Privacy (SP\u201916) . 138--157. Y. Shoshitaishvili, R. Wang, C. Salls, N. Stephens, M. Polino, A. Dutcher, J. Grosen, S. Feng, C. Hauser, C. Kruegel, and G. Vigna. 2016. SOK: (State of) The art of war: Offensive techniques in binary analysis. In Proceedings of the IEEE Symposium on Security and Privacy (SP\u201916). 138--157."},{"key":"e_1_2_1_122_1","doi-asserted-by":"publisher","DOI":"10.1145\/151220.151227"},{"key":"e_1_2_1_123_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS\u201911)","author":"Slowinska Asia","year":"2011","unstructured":"Asia Slowinska , Traian Stancescu , and Herbert Bos . 2011 . Howard: A dynamic excavator for reverse engineering data structures . In Proceedings of the Network and Distributed System Security Symposium (NDSS\u201911) . Asia Slowinska, Traian Stancescu, and Herbert Bos. 2011. Howard: A dynamic excavator for reverse engineering data structures. In Proceedings of the Network and Distributed System Security Symposium (NDSS\u201911)."},{"key":"e_1_2_1_124_1","volume-title":"Proceedings of the USENIX Annual Technical Conference. 125--137","author":"Slowinska Asia","year":"2012","unstructured":"Asia Slowinska , Traian Stancescu , and Herbert Bos . 2012 . Body armor for binaries: Preventing buffer overflows without recompilation . In Proceedings of the USENIX Annual Technical Conference. 125--137 . Asia Slowinska, Traian Stancescu, and Herbert Bos. 2012. Body armor for binaries: Preventing buffer overflows without recompilation. In Proceedings of the USENIX Annual Technical Conference. 125--137."},{"key":"e_1_2_1_125_1","volume-title":"Proceedings of the 20th Working Conference on Reverse Engineering (WCRE\u201913)","author":"Smithson M.","unstructured":"M. Smithson , K. ElWazeer , K. Anand , A. Kotha , and R. Barua . 2013. Static binary rewriting without supplemental information: Overcoming the tradeoff between coverage and correctness . In Proceedings of the 20th Working Conference on Reverse Engineering (WCRE\u201913) . 52--61. M. Smithson, K. ElWazeer, K. Anand, A. Kotha, and R. Barua. 2013. Static binary rewriting without supplemental information: Overcoming the tradeoff between coverage and correctness. In Proceedings of the 20th Working Conference on Reverse Engineering (WCRE\u201913). 52--61."},{"key":"e_1_2_1_126_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89862-7_1"},{"key":"e_1_2_1_127_1","doi-asserted-by":"publisher","DOI":"10.1145\/1134760.1220166"},{"key":"e_1_2_1_128_1","doi-asserted-by":"publisher","DOI":"10.1145\/773473.178260"},{"key":"e_1_2_1_129_1","volume-title":"John Gilmore and David Henkel-Wallace","author":"Steve Chamberlain K. Richard Pixley","year":"1992","unstructured":"K. Richard Pixley Steve Chamberlain , John Gilmore and David Henkel-Wallace . 1992 . Binary File Descripor Library 2.29. Binutils package. Retrieved from https:\/\/sourceware.org\/binutils\/docs\/bfd\/. K. Richard Pixley Steve Chamberlain, John Gilmore and David Henkel-Wallace. 1992. Binary File Descripor Library 2.29. Binutils package. Retrieved from https:\/\/sourceware.org\/binutils\/docs\/bfd\/."},{"key":"e_1_2_1_130_1","volume-title":"RISCompiler and C Programmer\u2019s Guide. MIPS Computer Systems, 930 Arques Avenue","author":"Computer Systems MIPS","unstructured":"MIPS Computer Systems . 1986. RISCompiler and C Programmer\u2019s Guide. MIPS Computer Systems, 930 Arques Avenue , Sunnyvale, CA . MIPS Computer Systems. 1986. RISCompiler and C Programmer\u2019s Guide. MIPS Computer Systems, 930 Arques Avenue, Sunnyvale, CA."},{"key":"e_1_2_1_131_1","volume-title":"Proceedings of the 3rd Symposium on Operating Systems Design and Implementation.","author":"Tamches Ariel","unstructured":"Ariel Tamches and Barton P. Miller . 1999. Fine-grained dynamic instrumentation of commodity operating system kernels . In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation. Ariel Tamches and Barton P. Miller. 1999. Fine-grained dynamic instrumentation of commodity operating system kernels. In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation."},{"key":"e_1_2_1_132_1","unstructured":"Elfutils Developer Team. 2017. Retrieved from https:\/\/sourceware.org\/elfutils\/.  Elfutils Developer Team. 2017. Retrieved from https:\/\/sourceware.org\/elfutils\/."},{"key":"e_1_2_1_133_1","unstructured":"PaX Team. 2003. PaX address space layout randomization (ASLR). https:\/\/pax.grsecurity.net\/docs\/aslr.txt.  PaX Team. 2003. PaX address space layout randomization (ASLR). https:\/\/pax.grsecurity.net\/docs\/aslr.txt."},{"key":"e_1_2_1_134_1","unstructured":"Edward Terry. 2012. Using Liberator. Retrieved from http:\/\/ibm-1401.info\/1401-Competition.html#UsingLib.  Edward Terry. 2012. Using Liberator. Retrieved from http:\/\/ibm-1401.info\/1401-Competition.html#UsingLib."},{"key":"e_1_2_1_135_1","unstructured":"TI. 2009. Common Oject File Format. Application Report.  TI. 2009. Common Oject File Format. Application Report."},{"key":"e_1_2_1_136_1","doi-asserted-by":"publisher","DOI":"10.1145\/373574.373590"},{"key":"e_1_2_1_137_1","volume-title":"MADRAS: Multi-Architecture BInary Rewriting Tool. Technical Report.","author":"Valensi Cedric","year":"2013","unstructured":"Cedric Valensi . 2013 . MADRAS: Multi-Architecture BInary Rewriting Tool. Technical Report. Cedric Valensi. 2013. MADRAS: Multi-Architecture BInary Rewriting Tool. Technical Report."},{"key":"e_1_2_1_138_1","unstructured":"Valgrind Development Team. 2000. Valgrind. Retrieved from http:\/\/valgrind.org\/.  Valgrind Development Team. 2000. Valgrind. Retrieved from http:\/\/valgrind.org\/."},{"key":"e_1_2_1_139_1","doi-asserted-by":"publisher","DOI":"10.1145\/1108768.1108812"},{"key":"e_1_2_1_140_1","volume-title":"Code Generation\u2014Concepts, Tools, Techniques","author":"Wall David W.","unstructured":"David W. Wall . 1992. Systems for late code modification . In Code Generation\u2014Concepts, Tools, Techniques . Springer , 275--293. David W. Wall. 1992. Systems for late code modification. In Code Generation\u2014Concepts, Tools, Techniques. Springer, 275--293."},{"key":"e_1_2_1_141_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23225"},{"key":"e_1_2_1_142_1","volume-title":"Proceedings of the USENIX Conference on Security. 627--642","author":"Wang Shuai","year":"2015","unstructured":"Shuai Wang , Pei Wang , and Dinghao Wu . 2015 . Reassembleable disassembling . In Proceedings of the USENIX Conference on Security. 627--642 . Shuai Wang, Pei Wang, and Dinghao Wu. 2015. Reassembleable disassembling. In Proceedings of the USENIX Conference on Security. 627--642."},{"key":"e_1_2_1_143_1","doi-asserted-by":"publisher","DOI":"10.1145\/3081333.3081337"},{"key":"e_1_2_1_144_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382216"},{"key":"e_1_2_1_145_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420995"},{"key":"e_1_2_1_146_1","series-title":"Lecture Notes in Computer Science","volume-title":"Machine Learning and Knowledge Discovery in Databases","author":"Wartell Richard","unstructured":"Richard Wartell , Yan Zhou , Kevin Hamlen , Murat Kantarcioglu , and Bhavani Thuraisingham . 2011. Differentiating code from data in x86 binaries . In Machine Learning and Knowledge Discovery in Databases . Lecture Notes in Computer Science , Vol. 6913 . Springer , 522--536. Richard Wartell, Yan Zhou, Kevin Hamlen, Murat Kantarcioglu, and Bhavani Thuraisingham. 2011. Differentiating code from data in x86 binaries. In Machine Learning and Knowledge Discovery in Databases. Lecture Notes in Computer Science, Vol. 6913. Springer, 522--536."},{"key":"e_1_2_1_147_1","doi-asserted-by":"publisher","DOI":"10.1145\/103135.103136"},{"key":"e_1_2_1_148_1","doi-asserted-by":"publisher","DOI":"10.5555\/800078.802557"},{"key":"e_1_2_1_149_1","doi-asserted-by":"publisher","DOI":"10.1145\/358557.358577"},{"key":"e_1_2_1_150_1","volume-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201916)","author":"Williams-King David","year":"2016","unstructured":"David Williams-King , Graham Gobieski , Kent Williams-King , James P. Blake , Xinhao Yuan , Patrick Colp , Michelle Zheng , Vasileios P. Kemerlis , Junfeng Yang , and William Aiello . 2016 . Shuffler: Fast and deployable continuous code re-randomization . In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201916) . 367--382. David Williams-King, Graham Gobieski, Kent Williams-King, James P. Blake, Xinhao Yuan, Patrick Colp, Michelle Zheng, Vasileios P. Kemerlis, Junfeng Yang, and William Aiello. 2016. Shuffler: Fast and deployable continuous code re-randomization. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201916). 367--382."},{"key":"e_1_2_1_151_1","volume-title":"Constructing precise control flow graphs from binaries","author":"Xu Liang","year":"2009","unstructured":"Liang Xu , Fangqi Sun , and Zhendong Su. 2009. Constructing precise control flow graphs from binaries . University of California , Davis, Tech . Rep ( 2009 ). Liang Xu, Fangqi Sun, and Zhendong Su. 2009. Constructing precise control flow graphs from binaries. University of California, Davis, Tech. Rep (2009)."},{"key":"e_1_2_1_152_1","unstructured":"Eric Youngdale. 1995. The ELF Object File Format: Introduction. Retrieved from http:\/\/www.linuxjournal.com\/article\/1059.   Eric Youngdale. 1995. The ELF Object File Format: Introduction. Retrieved from http:\/\/www.linuxjournal.com\/article\/1059."},{"key":"e_1_2_1_153_1","unstructured":"Jonas Zaddach. 2014. Libqemu GIT repository. Retrieved from https:\/\/github.com\/zaddach\/libqemu.  Jonas Zaddach. 2014. Libqemu GIT repository. Retrieved from https:\/\/github.com\/zaddach\/libqemu."},{"key":"e_1_2_1_154_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23099"},{"key":"e_1_2_1_155_1","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484376"},{"key":"e_1_2_1_156_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.44"},{"key":"e_1_2_1_157_1","volume-title":"Proceedings of the 10th ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments (VEE\u201914)","author":"Zhang Mingwei","unstructured":"Mingwei Zhang , Rui Qiao , Niranjan Hasabnis , and R. Sekar . 2014. A platform for secure static binary instrumentation . In Proceedings of the 10th ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments (VEE\u201914) . ACM, New York, NY, 129--140. Mingwei Zhang, Rui Qiao, Niranjan Hasabnis, and R. Sekar. 2014. A platform for secure static binary instrumentation. In Proceedings of the 10th ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments (VEE\u201914). ACM, New York, NY, 129--140."},{"key":"e_1_2_1_158_1","volume-title":"Proceedings of the 22nd USENIX Conference on Security","volume":"13","author":"Zhang Mingwei","unstructured":"Mingwei Zhang and R. Sekar . 2013. Control flow integrity for COTS binaries . In Proceedings of the 22nd USENIX Conference on Security , vol. 13 . Mingwei Zhang and R. Sekar. 2013. Control flow integrity for COTS binaries. In Proceedings of the 22nd USENIX Conference on Security, vol. 13."}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3316415","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3316415","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:53:15Z","timestamp":1750204395000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3316415"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,6,18]]},"references-count":154,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2020,5,31]]}},"alternative-id":["10.1145\/3316415"],"URL":"https:\/\/doi.org\/10.1145\/3316415","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,6,18]]},"assertion":[{"value":"2018-05-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-02-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-06-18","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}