Leveraging program slicing to understand network traffic
Abstract
This project centers on using backward slice analysis of a binary to reconstruct the contents of a function call. To that end, a suite of modular tools will be developed to enable an analyst to glean relevant information about what data a binary is accessing and what it is doing with it. Each tool plays a small role in this overall goal while also being capable of standing on its own. This functionality has utility in a variety of applications, including detection of unauthorized gathering of personal information, malicious use of private functions, and unknown network protocol analysis. These use cases will be discussed in the paper.