Originally published on arxiv.org.
Authors:
Eric M. Schulte, Jonathan Dorn, Antonio Flores-Montoya, Aaron Ballman and Tom Johnson
GTIRB is an intermediate representation for binary analysis and rewriting tools including disassemblers, lifters, analyzers, rewriters, and pretty-printers. GTIRB is designed to enable communication between tools in a format that provides the basic information necessary for analysis and rewriting while making no further assumptions about domain (e.g., malware vs. cleanware, or PE vs. ELF) or semantic interpretation (functional vs. operational semantics). This design supports the goals of (1) encouraging tool modularization and re-use allowing researchers and developers to focus on a single aspect of binary analysis and rewriting without committing to any single tool chain and (2) facilitating communication and comparison between tools.