BinRec
Autor: | Cristiano Giuffrida, Stijn Volckaert, Michael Franz, Yeoul Na, Herbert Bos, Anil Altinay, Joseph Nash, Taddeus Kroes |
---|---|
Přispěvatelé: | Computer Systems, Network Institute, Systems and Network Security |
Rok vydání: | 2018 |
Předmět: |
Intermediate language
Symbolic execution Correctness Computer science Attack surface reduction Binary number 020207 software engineering 02 engineering and technology Attack surface Static analysis Binary lifting Feature (linguistics) LLVM 020204 information systems 0202 electrical engineering electronic engineering information engineering SDG 7 - Affordable and Clean Energy Pruning (decision trees) Rewriting Reduction (mathematics) Algorithm |
Zdroj: | Kroes, T, Altinay, A, Nash, J, Na, Y, Volckaert, S, Bos, H, Franz, M & Giuffrida, C 2018, BinRec : Atack surface reduction through dynamic binary recovery . in FEAST 2018-Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018 . Association for Computing Machinery, pp. 8-13, 2018 Workshop on Forming an Ecosystem Around Software Transformation, FEAST, held in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018, Toronto, Canada, 19/10/18 . https://doi.org/10.1145/3273045.3273050 FEAST 2018-Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018, 8-13 STARTPAGE=8;ENDPAGE=13;TITLE=FEAST 2018-Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018 |
DOI: | 10.1145/3273045.3273050 |
Popis: | Compile-time specialization and feature pruning through static binary rewriting have been proposed repeatedly as techniques for reducing the attack surface of large programs, and for minimizing the trusted computing base. We propose a new approach to attack surface reduction: dynamic binary lifting and recompilation. We present BinRec, a binary recompilation framework that lifts binaries to a compiler-level intermediate representation (IR) to allow complex transformations on the captured code. After transformation, BinRec lowers the IR back to a "recovered" binary, which is semantically equivalent to the input binary, but has its unnecessary features removed. Unlike existing approaches, which are mostly based on static analysis and rewriting, our framework analyzes and lifts binaries dynamically. The crucial advantage is that we can not only observe the full program including all of its dependencies, but we can also determine which program features the end-user actually uses. We evaluate the correctness and performance of Bin-Rec, and show that our approach enables aggressive pruning of unwanted features in COTS binaries. |
Databáze: | OpenAIRE |
Externí odkaz: |