Certain techniques for testing for the presence of malicious code within executables are based on the observation that system calls (syscalls) are a main pathway for exploits. The problem of generating a graph of syscalls of an executable is thus of importance in computer security. The present disclosure describes the generation of the syscall graph of a binary executable given a control flow graph of the executable. Along with a syscall graph, a set of potential asynchronous entry points into the graph is also returned.
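As an added illustration (not code from the disclosure), the sketch below collapses a control flow graph into a syscall graph: an edge runs from a node to every syscall-issuing block reachable from it through syscall-free blocks only. The CFG encoding, the block names, and the rule that a block with no predecessor and unreachable from the main entry counts as a potential asynchronous entry point are assumptions made for this example.

```python
from collections import deque

# Constructed CFG: block -> (syscall issued in that block or None, successor blocks).
CFG = {
    "main":     (None, ["open_cfg"]),
    "open_cfg": ("openat", ["loop"]),
    "loop":     (None, ["rd", "done"]),
    "rd":       ("read", ["parse"]),
    "parse":    (None, ["loop"]),
    "done":     ("close", ["exit"]),
    "exit":     ("exit_group", []),
    # No CFG predecessor: stands in for a handler referenced only by address.
    "on_sig":   (None, ["sig_wr"]),
    "sig_wr":   ("write", ["sig_ret"]),
    "sig_ret":  ("rt_sigreturn", []),
}

def walk(cfg, start, stop_at_syscall):
    # BFS over successors; optionally stop expanding at blocks that issue a syscall.
    seen, queue = set(), deque(start)
    while queue:
        b = queue.popleft()
        if b in seen:
            continue
        seen.add(b)
        if not (stop_at_syscall and cfg[b][0] is not None):
            queue.extend(cfg[b][1])
    return seen

def next_syscalls(cfg, block):
    # First syscall blocks met on any path leaving `block`.
    frontier = walk(cfg, cfg[block][1], stop_at_syscall=True)
    return {b for b in frontier if cfg[b][0] is not None}

def syscall_graph(cfg, entry):
    # Returns (edges, async_entries); edges maps a node to its next syscall blocks.
    main_reach = walk(cfg, [entry], stop_at_syscall=False)
    has_pred = {s for _, succs in cfg.values() for s in succs}
    async_entries = sorted(b for b in cfg if b not in main_reach and b not in has_pred)
    nodes = [entry, *async_entries] + [b for b in cfg if cfg[b][0] is not None]
    return {n: next_syscalls(cfg, n) for n in nodes}, async_entries
```

A syscall sequence observed at run time can then be checked against `edges`: a transition that is absent from the graph, or one that starts outside the main entry and the returned asynchronous entry points, is worth investigating.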
This work is licensed under a Creative Commons Attribution 4.0 License.
Boulgakov, Alexandre, "Static system-call graph generation", Technical Disclosure Commons, (June 21, 2018)