BinRec

Autor: Cristiano Giuffrida, Stijn Volckaert, Michael Franz, Yeoul Na, Herbert Bos, Anil Altinay, Joseph Nash, Taddeus Kroes
Přispěvatelé: Computer Systems, Network Institute, Systems and Network Security
Rok vydání: 2018
Předmět:
Zdroj: Kroes, T, Altinay, A, Nash, J, Na, Y, Volckaert, S, Bos, H, Franz, M & Giuffrida, C 2018, BinRec : Atack surface reduction through dynamic binary recovery . in FEAST 2018-Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018 . Association for Computing Machinery, pp. 8-13, 2018 Workshop on Forming an Ecosystem Around Software Transformation, FEAST, held in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018, Toronto, Canada, 19/10/18 . https://doi.org/10.1145/3273045.3273050
FEAST 2018-Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018, 8-13
STARTPAGE=8;ENDPAGE=13;TITLE=FEAST 2018-Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018
DOI: 10.1145/3273045.3273050
Popis: Compile-time specialization and feature pruning through static binary rewriting have been proposed repeatedly as techniques for reducing the attack surface of large programs, and for minimizing the trusted computing base. We propose a new approach to attack surface reduction: dynamic binary lifting and recompilation. We present BinRec, a binary recompilation framework that lifts binaries to a compiler-level intermediate representation (IR) to allow complex transformations on the captured code. After transformation, BinRec lowers the IR back to a "recovered" binary, which is semantically equivalent to the input binary, but has its unnecessary features removed. Unlike existing approaches, which are mostly based on static analysis and rewriting, our framework analyzes and lifts binaries dynamically. The crucial advantage is that we can not only observe the full program including all of its dependencies, but we can also determine which program features the end-user actually uses. We evaluate the correctness and performance of Bin-Rec, and show that our approach enables aggressive pruning of unwanted features in COTS binaries.
Databáze: OpenAIRE