Overview

Program analysis gives us an understanding of what programs are doing. Without that knowledge, it is impossible to properly assess the consequences of adding a particular application to a system, or the possible ramifications for its security, privacy, and integrity. However, typical program analysis requires the source code of a program, along with the toolchain and sometimes even a specification, a luxury that is rarely available in real life. In real life, we have to deal with applications in their machine code representation, with scarce, if any, documentation. That turns analysis into tedious and time-consuming work that requires a lot of expertise and experience. Fortunately, it can be automated and partially delegated to machines. Meet CMU BAP, the Binary Analysis Platform for writing automated program analysis tools that seamlessly work on various machine architectures. BAP also comes with many pre-built analyses that are easy to run and to tailor to the specific needs of an analyst. In this course, we will learn the basics of binary analysis, explore the vast set of tools included in BAP, and learn how to create new tools and adapt the existing ones.

Instructor

Ivan Gotovchits

Duration

3, 6, 9, or 12 hours

Customizable?

The course is highly customizable based on the background and requirements of the target audience. We provide several versions with different durations and levels of detail. In the 3-hour version, we will give a high-level overview of Binary Analysis, compare available tools, and teach the basics of binary analysis. We will use BAP along with the other state-of-the-art tools, such as Ghidra, IDA Pro, radare2, etc. In the 12-hour version of the course, we will teach how to adapt the existing BAP tools to the customer's needs, how to specify security policies and develop new tools using the BAP Lisp DSL, and even how to extend BAP using OCaml.

In-person or remote

Remote, in-person, and pre-recorded sections, hybrid, etc.

Intended audience

This course targets security analysts, system integrators and administrators, project managers, and everyone who wants to get hands-on experience in security and program analysis.

Takeaways

  • Learn the basics of practical binary program analysis
  • Explore the state-of-the-art tools and understand their niche
  • Learn how to develop new tools and specify security policies

 

Course topics

  • The high-level overview of Binary Analysis
  • Modern state-of-the-art tools
  • Using BAP and its existing tools
  • Writing your own security policies
  • Developing simple security checks
  • Adapting BAP to new architectures
  • Building custom security frameworks

Prerequisites

The prerequisites depend on the course length and the level of detail. The overview doesn’t require any specific technical skills. The subsequent topics will require basic Linux skills, and the most advanced topics will require some knowledge of programming.

Materials

Copies of presentations, code examples and artifacts will be freely available.

Contact us

To learn about our custom programs and any upcoming open enrollments, reach out to Michael Lisanti.