Agentic Binary Analysis
COM3 Level 2
MR25, COM3 02-70
Abstract
Binary analysis remains a cornerstone of cybersecurity, yet it often demands deep expertise, extensive manual effort, and tool-specific knowledge. Dr.Binary addresses these challenges by introducing an LLM-centric approach to binary analysis. Leveraging recent advances in large language models (LLMs), we propose a system where the LLM serves as both planner and analyst, orchestrating tool execution and reasoning over intermediate results. To bridge the gap between binary analysis tools and the LLM, we leverage the Model Context Protocol (MCP), which exposes key capabilities—such as disassembly, taint tracking, symbolic execution, and diffing—through structured, interpretable interfaces. This setup also allows the LLM to execute autonomous analysis scripts within a sandboxed environment, guided by user intent and forensic context. We demonstrate the applicability of this framework in use cases such as ransomware analysis, patch-based triage, and backdoor detection. Our early results show great promise and shed light on future directions.
Bio:
Dr. Heng Yin is a Professor in the Department of Computer Science and Engineering at the University of California, Riverside, and the founder of Deepbits Technology (a cybersecurity startup). He obtained his PhD degree from the College of William and Mary in 2009. His research interests lie in computer security, with an emphasis on binary code analysis. His publications appear in top-notch technical conferences and journals, such as S&P, CCS, USENIX Security, NDSS, ISSTA, ICSE, TSE, TDSC, etc. His research is sponsored by the National Science Foundation (NSF), the Defense Advanced Research Projects Agency (DARPA), the Air Force Office of Scientific Research (AFOSR), the Office of Naval Research (ONR), and the Department of Homeland Security (DHS). In 2011, he received the prestigious NSF CAREER Award. He has also received the Google Security and Privacy Research Award, Amazon Research Award, RAID Best Paper Award, DSN Distinguished Paper Award, and ISSTA Distinguished Paper Award.