TWC: Small: A platform for enhancing security of binary code

TWC：小型：增强二进制代码安全性的平台

• 批准号: 1319137
• 负责人: Ramasubramanian Sekar
• 金额: $ 50万
• 依托单位: SUNY at Stony Brook
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2013
• 资助国家: 美国
• 起止时间: 2013-09-01 至 2018-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1319137&HistoricalAwards=false
• 关键词: TWC; Small; platform; enhancing; security

Cyberattacks are enabled by software vulnerabilities that allow attackers to plant software exploits. As old vulnerabilities are found and fixed, attackers continue to find new ones. As a result, software vendors, system administrators and security professionals have come to rely increasingly on techniques that insert additional code into software for detecting and/or blocking cyber attacks in progress. This process, called software instrumentation, can be applied to the broadest range of software if it operates on binary format in which most software is distributed, rather than on source code. Moreover, binary based techniques are more general: unlike source-codebased techniques, they are not limited to a particular programming language.One of the major challenges in binary instrumentation is the complexity of modern instruction sets. Accurate instrumentation requires the semantics of all instructions to be captured, since all of the analyses and transformations performed by the instrumentor are based on this semantics. Clearly, this is a daunting task even for a single architecture: the Intel manual describing the x86 instruction set runs to over 1500 pages describing over 1100 instructions. When this task is multiplied across different architectures such as ARM, PowerPC, SPARC, MIPS, etc, the effort involved becomes impractically large. This project will develop a novel approach that avoids the need for modeling instruction sets by leveraging knowledge embedded in retargetable code generators in today's compilers such as GCC. This approach not only simplifies the development of instrumentation, but also makes it applicable to all architectures for which a code generator is available. Using this approach, this project will develop a platform to support efficient, architecture-neutral static instrumentation of commercial off-the-shelf (COTS) binaries. Based on this platform, this project will develop several effective instrumentations for hardening software against common vulnerabilities.

网络攻击是由软件漏洞引发的，这些漏洞允许攻击者利用软件漏洞进行攻击。随着旧漏洞的发现和修复，攻击者会继续寻找新的漏洞。因此，软件供应商、系统管理员和安全专业人员越来越依赖于在软件中插入额外代码的技术来检测和/或阻止正在进行的网络攻击。这个过程称为软件检测，如果它以大多数软件分发的二进制格式而不是源代码运行，则可以应用于最广泛的软件。此外，基于二进制的技术更加通用：与基于源代码的技术不同，它们不限于特定的编程语言。二进制检测的主要挑战之一是现代指令集的复杂性。准确的检测需要捕获所有指令的语义，因为检测器执行的所有分析和转换都基于该语义。显然，即使对于单一架构来说，这也是一项艰巨的任务：描述 x86 指令集的英特尔手册有超过 1500 页，描述了超过 1100 条指令。当此任务跨不同架构（例如 ARM、PowerPC、SPARC、MIPS 等）进行倍增时，所涉及的工作量将变得大得不切实际。该项目将开发一种新颖的方法，通过利用当今编译器（例如 GCC）中可重定向代码生成器中嵌入的知识，避免对指令集进行建模的需要。这种方法不仅简化了仪器的开发，而且使其适用于可使用代码生成器的所有架构。使用这种方法，该项目将开发一个平台来支持商业现成 (COTS) 二进制文件的高效、架构中立的静态检测。基于该平台，该项目将开发几种有效的工具来针对常见漏洞强化软件。