Objective
We propose a research program (Rossetta) towards reverse engineering of complex software that is available only in binary form. Most of the commercial software industry assumes that compilation (the translation of source code to binary code), is irreversible in practice for real applications. The research question for Rosetta is whether this irreversibility assumption is reasonable. If successful, the project will have a major impact on the software industry.
The challenge is daunting, because binary code after compilation lacks most of the visible structure and semantic information that is available at the source code level. There is no definition of data structures, no helpful names of variables and functions, no semantic information, and no indication of what chunks of instructions are supposed to do.
However, the Rosetta project has a clear methodology for source recovery. Reverse engineering is approached as an iterative process with an initial focus on recovering data structures, followed by recovery of code. We combine static and dynamic techniques with usage monitoring and machine learning. A key insight is that even if all visible structure has been removed from the data in memory, the structures will still be *used* in a way that corresponds to the source code. By observing the use of data and application of machine learning techniques, we will recover both the data and the source.
We store all information that we uncover in the Rosetta database. The database provides a handle on both the data structures and large sections of the code (and at various levels of abstraction). We believe that our methods will allow reverse engineering of very complex commercial software. Doing so will be our main criterion for success. In addition, however, we propose to demonstrate the usefulness of our analysis by automatically hardening software (to make it resilient against many types of attack) without requiring any access to the source co
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.
- natural sciences computer and information sciences software
- natural sciences computer and information sciences databases
- natural sciences computer and information sciences artificial intelligence machine learning
You need to log in or register to use this function
We are sorry... an unexpected error occurred during execution.
You need to be authenticated. Your session might have expired.
Thank you for your feedback. You will soon receive an email to confirm the submission. If you have selected to be notified about the reporting status, you will also be contacted when the reporting status will change.
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
ERC-2010-StG_20091028
See other projects for this call
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Host institution
1081 HV Amsterdam
Netherlands
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.