Binary Code Analysis on OS Kernels: Techniques and Applications
Speaker: Dr. Zhiqiang Lin, University of Texas at Dallas
As a basic means of understanding program logic, binary code analysis has been used in many security applications such as malware analysis, vulnerability discovery, protocol reverse engineering, and digital forensics. However, a great deal of effort in binary code analysis has focused on analyzing user-level software, with significantly less attention paid to kernel binaries. In this talk, Dr. Lin will present a line of work on using dynamic binary code analysis on OS kernels to solve a unique problem in virtualization, namely the semantic gap problem. This problem exists because the view at the hypervisor layer is too low level: there are no semantic abstractions such as files, APIs and system calls. Therefore, hypervisor-layer programmers often have to bridge the semantic gap manually while developing introspection software. Through dynamic binary code analysis, Dr. Lin will talk about how to automatically bridge the semantic gap from the hypervisor layer with a number of program analysis techniques, and will demonstrate a set of new applications, such as using native commands for guest-OS introspection, and automated guest-OS management.
Bio:
Dr. Zhiqiang Lin is an assistant professor at the University of Texas at Dallas. He received his PhD from the Department of Computer Science at Purdue University in 2011. Dr. Lin's primary research interests are systems and software security, with an emphasis on developing program analysis techniques and applying them to various security applications including virtual machine introspection, vulnerability discovery, and memory forensics. Dr. Lin is a recipient of the NSF CAREER award and the AFOSR Young Investigator award.