KAIST Develops Next Generation Binary Analysis Platform B2-R2

Over the past three years, Cha Sang-gil, a professor of School of Computing of KAIST, and his students have developed B2-R2, a technique for analyzing vulnerabilities in binary code using artificial intelligence technology with Cybersecurity Research Center(Director Professor Kim Yong-dae of Electrical and Electronic Engineering).

B2-R2 is a performance system of 'Automatic Reverse Engineering and Vulnerability Detection-Based Technology Development' that is a research project by the Ministry of Science and ICT that can be used in various computer security areas such as ▲software security vulnerability analysis ▲Analysis of malicious code ▲Releasing obfuscation ▲Security Patch ▲Automatic Creation of Exposure plot.

Compared to the binary analysis systems developed overseas, B2-R2 system is highly utilized (available on all operating systems such as Windows, Linux, Mac, Android, iOS) and has at least 2 to 100 times the analysis speed and maximizes the ease of analysis using the latest functional language, F#, and has a variety of interfaces with 32 programming languages. Not only is it the first binary code analysis system in Korea, but it also surpasses the BAP of Carnegie Mellon University and Angr of UCSB, which lead the field.

The importance of binary analysis technology, known through ‘Next Generation binary analysis platform B2-R2 Technology Explanation Conference’ on Dec. 4, has become widely known through the Cyber Grand Challenge (CGC), the world's first computer-to-computer hacking attack and defense competition hosted by the Defense Department of Defense (DARPA) in 2016.

With various security threats such as malicious code, APT attack, and DDoS attack being carried out by human hackers, the competition has become a signal for the emergence of AI-based machine hackers and can be understood as a core technology to prepare for a paradigm shift for information protection of the fourth industrial revolution.

Professor Cha Sang-gil is known to be the main author who designed the core engine of the CGC championship, Mayhem, which was held in the U.S. and won the title by overwhelming margin at 2018 Information Security R&D Data Challenge Auto Detect based on AI, a Korean version of the CGC, on November 30. It is known that at the center of the system used for the contest by Cha Sang-gil B2-R2 technology which he developed with KAIST students for three years.

According to information protection experts, KAIST's Cha Sang-gil team has secured key technologies in the field of 'automatic detection and response of AI-based vulnerabilities' that surpasses the world's highest level through this technical briefing and domestic competitions.