Computer security analysis through decompilation and high-level debugging

The extensive use of computers and networks worldwide has raised the awareness of the need for tools and techniques to aid in computer security analysis of binary code, such as the understanding of viruses, trojans, worms, back-doors and general security flaws, in order to provide immediate solutions with or without the aid of software vendors. This paper is a proposal for a high-level debugging tool to be used by computer security experts, which will reduce the amount of time needed in order to solve security-related problems in executable programs. The current state of the art involves the tracing of thousands of lines of assembly code using a standard debugger. A high-level debugger would be capable of displaying a high-level representation of an executable program in the C language, hence reducing the number of lines that need to be inspected by an order of magnitude (i.e. hundreds instead of thousands of lines). Effectively, these techniques will help in reducing the amount of time needed to trace a security flaw in an executable program, as well as reducing the costs of acquiring or training skilled assembler engineers.