Hackers of India

Automatic Program Analysis using Dynamic Binary Instrumentation (DBI)

By  Sunil Kumar  on 25 Feb 2011 @ Nullcon

Abstract

Dynamic Binary Instrumentation (DBI) involves analyzing the behavior of binary executables by injecting certain instrumentation code at runtime. DBI has a lot of applications in Computer Security particularly in Malware Analysis, Vulnerability Research, Fuzzing etc. We will discuss the advantages of DBI and show case few of the niche areas in Computer Security where DBI is used extensively. In this paper we will briefly introduce PIN, a heavy weight DBI framework developed by Intel. We will cover the various APIs in PIN along with sample code to briefly describe a typical PIN Tool. Finally we will walk through PIN by describing our runtime behavior analysis tool for Malware Research in detail.