LAUSR

How to efficiently and reasonably analyze binary programs has always been the primary issue in the field of software security. As for the stack, the current technology has begun to show limitations on various conditions. In this work, we will introduce a technique for intelligently detecting the stack space and operating its readable and writable area (referred to as stack pollution). We innovatively defined the concept of “stack pollution” and raised the level of analysis from byte level to instruction level: Control flow recovery and instruction promotion based on the McSema tool. The “stack pollution” technology is a process of intelligently and intact “polluting” the required research space objects, solving the three stack space constraints by modifying SEM (semantic functions) interpretation of the instructions in the promotion process.