NSF-funded project aims to mitigate malware and viruses by making them easily understandable


April 25, 2022

As the software development landscape evolves, new security vulnerabilities are surfacing. Traditionally, a software’s source code could shed light on its vulnerabilities, but acquiring high-quality source code for the purpose of finding weaknesses can be difficult because of “compiling.”

Compiling refers to the process of transforming and optimizing a program’s source code to generate a final executable, which is a file that causes a computer to perform indicated tasks according to the encoded instructions. While an executable performs well and runs quickly on computers, it no longer has any information about the original source code. Assistant Professor Ruoyu (Fish) Wang has received National Science Foundation recognition and financial support for his work to mitigate the effects of malware and computer viruses by making them easily understandable. The research results may enable analysts and researchers to uncover source code in a manner that identifies vulnerabilities. Photo by Erika Gronek/ASU Download Full Image

Today, more and more software is developed in high-level programming languages, such as C++, Go and Rust, because of their many advantages, including higher development speed and better software engineering practices. Most importantly, programs written in high-level languages are compiled into machine code, the elemental language of computers, and will execute on computers at what is known as native speed. Executing at native speed allows for the fastest results.

Unfortunately, cybercriminals have also joined the transition to high-level programming, meaning a growing number of computer viruses and malware are programmed using these languages. And existing techniques do not allow security analysts and researchers to uncover malevolent source code with satisfactory quality.

However, existing techniques do not allow security analysts and researchers to uncover source code with satisfactory quality.

Ruoyu (Fish) Wang, an assistant professor of computer science and engineering in the Ira A. Fulton Schools of Engineering at Arizona State University since 2018, is addressing this security concern with a 2022 National Science Foundation Faculty Early Career Development Program (CAREER) Award by discovering new techniques for recovering source code, a process known as decompilation.

“My project will develop a set of generic, automated decompilation techniques that transform these viruses and malware samples into accurate, concise and human-readable source code,” Wang says. “As an added benefit, this project will enable software hardening and vulnerability mitigation without accessing the high-level language source code of software, which will help improve the security portfolio in scenarios where legacy software is in use.”

Researchers have worked on binary decompilation for more than 25 years, yet a critical problem that continues to hinder progress is the lack of a clear metric to evaluate the output quality.

“A fundamental problem, as I see it, is that decompilation can lead to many different end goals, such as software behavior analysis, vulnerability discovery, generic hardening, patching and recompilation,” Wang says. “These goals may have vastly different requirements on various aspects of the output.”

Along with his students and colleagues in the School of Computing and Augmented Intelligence, one of the seven Fulton Schools, Wang will first develop a set of objectives under each end goal, then create standardized metrics for evaluating the quality of decompilation output.

“Guided by these metrics, we will develop novel techniques that will transform machine code into a high-level intermediate language known as angr IL, or AIL,” Wang says. “With different end goals, we may have different focuses or make different compromises during code transformation.”

The development of a new decompiler for each high-level programming language can be tedious and expensive. With that in mind, Wang and his team will aim to automatically generate programming-language-specific decompilation transformation rules by using a novel technique called Compiler Transformation Inference and Inversion, or CTII.

“We will use the latest progress in the fields of natural language processing and evolutionary computation to assist with the generation of these transformation rules,” Wang says. “We will open source all research artifacts under this award. The foundation of our research, angr and angr decompiler, are already available on GitHub.”

Wang’s research will take place in ASU’s Laboratory of Security Engineering for Future Computing, known as SEFCOM. Wang credits the skilled reputations of his SEFCOM colleagues — Assistant Professor Yan Shoshitaishvili, Associate Professor Adam Doupé and Assistant Professor Tiffany Bao — all of whom are computer science and engineering faculty in the School of Computing and Augmented Intelligence, as one of the reasons his project received NSF funding.

“Our team is well known in the computer security community for conducting open, usable and reproducible research in binary analysis,” Wang says. “I like to work with fun and awesome people who share similar ideologies, and I firmly believe that modern systems research is only possible via a coordinated team effort. My colleagues and I form a great team at SEFCOM and ASU, and I do not see any possibility to enjoy the same level of productivity through teamwork anywhere else.”

Erik Wirtanen

Web content comm administrator, Ira A. Fulton Schools of Engineering

480-727-1957

Grad's global mindset influenced enrollment in Thunderbird program


April 25, 2022

Editor's note: This story is part of a series of profiles of notable spring 2022 graduates.

Korean by birth and American by citizenship, Jai Choi has always looked at the world from multiple perspectives. The Master of Global Management from the Thunderbird School of Global Management at Arizona State University appealed to him for that exact reason.  Jai Choi Jai Choi will graduate this spring with a Master of Global Management from The Thunderbird School of Global Management at Arizona State University. Download Full Image

“The global mindset that Thunderbird aspires for, drew me to the program and its people,” said Choi, a recipient of both the Thunderbird Alumni Scholarship and Dave Fisher and Mitch Kanai Scholarship. 

“I wanted to learn from others who had success in creating economic engines in different global contexts and challenges. I wanted to be a part of where Thunderbird was going.” 

Now, as Choi graduates this spring, he has some advice for students just beginning their education at Thunderbird. His recommendation? Don’t take anything for granted.

“Take the time at Thunderbird as a precious gift," he said. "It is an opportunity for relationships, paradigm shifts and amassing fundamental skills for our dynamic world.

"Consume the knowledge as life-giving nutrients and learn to digest the content thoughtfully and sift for insights towards problems you see around you. Read all the assignments that professors have thoughtfully curated for their content. And finally, enjoy the pub.”  

Question: Which professor taught you the most important lesson while at Thunderbird?

Answer: This is a difficult question because I have learned fundamentally important things from every professor and class that I have taken. I appreciated the welcome and open doors that each professor demonstrated to students. They each opened new worlds of mindset and possibilities for us. They taught us to ask good questions and think. We learned practical skills to navigate the cultures and personalities. They encouraged us to start and create rather than follow. Yet, they also taught us to learn to be good followers and to respect the ecosystem of leadership necessary in any worthwhile endeavors.

Q: What has your experience at Thunderbird been like?

A: As a mid-career person, I was probably the oldest student in my class. Yet, I only experienced inclusion and friendship from my peers. I appreciated the learning mindset of everyone and was grateful to be in a community with future leaders who will impact and influence globally. I look forward to continuing to be in a network of alumni and sharing the trajectory as lifelong learners together.  

Q: For what in your life do you feel most grateful?

A: I am grateful for the opportunity to be a learner. I have had the opportunity to learn at Thunderbird from some of the finest practitioners and thinkers in the world of international commerce, whose mission is to make the world a better place for everyone. I only wish that more people in the world have had the opportunities that I have had. It grieves me to realize the majority of the world population has yet to realize their full potential simply because of a lack of opportunities. I hope to be part of the solution to change this problem of unequally distributed opportunities.

Mary Hess

Digital communications specialist, Thunderbird School of Global Management