Carter Yagemann

Assistant Professor of Computer Science and Engineering at the Ohio State University with interests in automated vulnerability discovery, root cause analysis, exploit prevention, and cyber-physical security.

DiscScope Decompiler Study to Appear in ASIACCS 2025


My coauthors and I will be presenting the paper "An Empirical Study of C Decompilers: Performance Metrics and Error Taxonomy" at ACM ASIACCS 2025 in August. Below is a preview of the abstract:

Decompilation aims to simplify reverse engineering by transforming binary code into a high-level representation, such as C-like code. To determine the current progress towards perfect decompilation, and to identify and quantify open problems for future work, we perform the first comprehensive empirical study on state-of-the-art C decompilers using our framework, DiscScope, which employs symbolic execution and differential analysis to spot discrepancies in decompilation at intermediate program states, pinpointing the exact location where the decompiler makes errors. Using DiscScope and a dataset we built containing benign and malicious real-world programs, we measure the current performance of decompilers in a realistic setting. Our dataset contains programs compiled with different compilers (GCC and Clang) and with 7 different optimization levels. Manual validation of DiscScope shows that it is 96.3% accurate in identifying diverged and equivalent decompilation, which we then use to analyze 1,081,413 total decompiler outputs to build and quantify a taxonomy of open problems.