With the analysis of binary code once again becoming relevant due to the proliferation of interconnected embedded devices, the subfield of binary analysis techniques has recently undergone a renaissance. Over the last few years, well over a dozen binary analysis frameworks were produced and released by well over a dozen research groups (with more developed by private enterprise), putting the world in a situation where there are more seriously-developed binary analysis frameworks than there are web browsers. Of course, the situation has not been ignored by funding agencies, with massive grants, featuring binary analysis, being funded around the world. To drive the point home, last year’s DARPA Cyber Grand Challenge turned automatic binary analysis, exploitation, and defense into something resembling a spectator sport.

This binary analysis gold rush has taken place in a mostly uncoordinated manner, with some researchers meeting up on an ad-hoc basis at conferences and other research groups working in obscurity and isolation. As a result, while commonly-adapted solutions to some problems have emerged, there is very little actual sharing and solution reuse among tools. This has resulted in missing tool functionality (for example, some open source research prototypes support wide ranges of architectures that others do not, even though all of the code involved is open source) and needlessly duplicated effort (for example, Miasm, Manticore, and angr all separately implement conceptually identical function summaries to simplify analysis of library code and to emulate system calls) and has hampered the adoption of fundamental scientific advances in the field.

The BAR aims to provide an interaction point for researchers doing work in binary program analysis, with half of the workshop dedicated to traditional paper sessions and the other half to a roundtable discussion among researchers, implementers, and end-users of binary analysis techniques. To this end, we welcome submissions on all aspects of binary analysis, including security, reverse engineering, visualization, AI and machine learning, program analysis theories, human factors, gamification, tooling, and transition from research. We are especially interested in the practicality of submitted papers.

Topics of interest include, but are not limited to:
– Building blocks of binary analysis (slicing, taint tracking, summarization, rewriting, formal methods).
– Automated binary hardening (against vulnerabilities and against analysis).
– Binary analysis to assist humans (visualization, ui/ux design).
– Human assistance to binary analysis (i.e., human-assisted cyber reasoning systems).
– Modeling and discovering non-memory vulnerabilities (information leaks, side-channels).
– Automatic exploitation.
– Fundamental capabilities (root-cause analysis).
– Non-trivial targets (real-world binaries, embedded devices, beyond binary code).
– Binary analysis for CTF competitions.
– Artificial intelligence, machine learning and binary analysis.
– Environment modeling for binary analysis.
– Transition from research prototype to industry-grade tool (and practical problems thereof).
– Improving the scalability of automated binary analysis techniques.
– Interaction and integration of tools.
– Reports of and lessons-learned from applying previous approaches or replicating published papers.

Important Dates

Paper Submission: 08 December 2017
Acceptance notification: 13 January 2018
Workshop: 18 February 2018 (co-located with NDSS 2018)


Catamaran Resort Hotel & Spa, San Diego, California, United States.

Submission Instructions

All papers must be written in English. Papers must be formatted for US letter size paper in a two-column layout, with columns no more than 9.25 inch high and 3.5 inch wide. The text must be in Times font, 10-point or larger, with 11-point or larger line spacing. If possible, authors should use the templates provided by NDSS.

We invite both full papers and short papers. Full papers should have no more than 10 pages in total (excluding references and appendices). Short papers must have less than 6 pages (again, excluding references and appendices), and can be about work-in-progress and novel ideas. Short papers will be selected based on their potential to spark interesting discussions during the workshop.

Submissions do not have to be anonymized for review.

The workshop proceedings will be published by the Internet Society after the workshop.

Please send submissions to: <To be announced>

Program Committee Chairs

Yan Shoshitaishvili, Arizona State University
Ruoyu “Fish” Wang, University of California, Santa Barbara