Apr 12, 2022|
JD Explore Academy’s Qiling Framework Accepted in GSoC 2022
by Yiming Yan
The Qiling framework developed by the Shepherd Lab of JD Explore Academy has been accepted in GSoC (Google Summer of Code) 2022 after recommendation by The Honeynet Project.
Starting from 2005, GSoC has been devoted to helping contributors find open source projects. More than 18,000 students from 112 countries, who get help from 17,000 mentors of 746 open source organizations, have written more than 40M lines of code in fields they love.
The Qiling framework is an advanced binary emulation framework that supports many different platforms and architectures. The framework can help technicians in virtualizing a “non-physical” system environment in order to effectively launch vulnerability investigations. This will not only alleviate the inefficiency of low-power IoT, but it will also cut the cost of reverse learning in IoT.
Analyzing vulnerabilities through reverse engineering is a necessary topic for both IoT providers and the information security industry. While hacking attempts run on diverse operating systems and CPU architectures, traditional binary analysis approaches, on the other hand, find problems such as being costly and inaccurate.
Shepherd Lab breaks through the various restrictions of existing analysis methods and officially published Qiling, a dynamic binary analysis framework that can be utilized across platforms and CPU architectures. The framework can support dynamic binary instrumentation, which allows researchers to change the running behavior of target files at will, allowing them to run files of various formats and architectures and analyze various code pathways. Simply put, users can utilize the framework to deal with code obfuscation techniques without the source code and easily break down anti-reverse defenses of target files.
Compared to traditional dynamic binary analysis programs, the Qiling Framework can also run in multiple system platforms such as Linux, BSD, OSX or Windows. There is no limitation of CPU architecture.
Since its launch in 2019, nearly 100 volunteers around the world have contributed to the Qiling Framework, and it has been utilized to develop security tools by a number of international security institutions including Apple, Google, Microsoft, Dell, CAS, Tencent, and Huawei, etc.
The Qiling Framework development team will participate in GSoC as mentors to provide technical expertise to the participants. KaiJern, Director of The Shepherd Lab, welcomed the contributors: “We’d like to take this opportunity to invite future stars to join our journey in developing the community, and we’ll provide help in any way we can.”