Certain techniques for testing for the presence of malicious code within executables are based on the observation that system calls (syscalls) are a main pathway for exploits. The problem of generating a graph of syscalls of an executable is thus of importance in computer security. The present disclosure describes the generation of the syscall graph of a binary executable given a control flow graph of the executable. Along with a syscall graph, a set of potential asynchronous entry points into the graph is also returned.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.