Analyzing binary code (the code executed by a machine) is a tricky task. In most cases, binary code needs to be disassembled and then decompiled into a high-level representation before it can be analyzed.
This post introduces a short series of my posts on pointer analysis. Pointer analysis algorithms are used to identify, with a given accuracy, the memory areas that variables or expressions may point to. Without information about pointers, it is almost impossible to analyze pointer-intensive programs (i.e. those written in any modern language, such as C, C++, C#, Java, Python, etc.).
Some time ago, we looked at turning black to white and at how decompilation would be used in industrial systems. Our analysis discussed two practical aspects: legacy system algorithm reconstruction and backdoor detection.
The unavailability of system source code has affected many enterprises, especially oil and gas and energy companies that actively use SCADA systems in their production processes. However, the losses suffered by such companies if an attack hits the target are inducing banks, insurers, retailers and other businesses to become proactive.