TWC: TTP Option: Medium: Collaborative: ENCORE - ENhanced program protection through COmpiler-REwriter cooperation

TWC：TTP 选项：中：协作：ENCORE - 通过 COmpiler-REwriter 合作增强程序保护

• 批准号: 1513783
• 负责人: Mathias Payer
• 金额: $ 40.37万
• 依托单位: Purdue University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-07-01 至 2019-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1513783&HistoricalAwards=false
• 关键词: TWC; TTP; Option; Medium; Collaborative

Critical errors in widely used software are discovered almost every day. They currently leave users of that software vulnerable to cyber attacks until the manufacturer eventually supplies a fix - sometimes this takes unacceptably long. There currently is no way that users of commercial off-the-shelf software that is distributed as binary code can go and fix such vulnerabilities themselves, ex post facto, because software is not easily changeable once it has been compiled to binary form. This research project investigates techniques for enabling consumer-side rewriting of binary software. The approach is appealing because it can be deployed quickly in response to new threats, without waiting for code-producers, and can enforce consumer-specific security policies unsupported or unforeseen by the software?s developers. If successful, this research will lead to significant improvements in software security.Consumer-side binary rewriting is currently not feasible because binary files don't contain enough information to do it safely. On the other hand, code producers don't want to reveal too many implementation details of their code due to intellectual property and software piracy concerns. The key goal of this project is to enable code producers to supplement their binary code with a small amount of metadata that can be used, consumer-side, to perform sophisticated binary rewriting, but without disclosing much extra information about the internal working of the code and without making reverse-engineering much easier than before. The project will produce a prototype implementation consisting of a producer-side metadata derivation engine, and a consumer-side binary rewriting engine using this metadata to safely perform binary code manipulation.

几乎每天都会发现广泛使用的软件中的严重错误。目前，该软件的用户很容易受到网络攻击，直到制造商最终提供修复程序 - 有时这需要花费令人无法接受的时间。目前，以二进制代码形式分发的商业现成软件的用户无法事后自行修复此类漏洞，因为软件一旦编译为二进制形式就不容易更改。该研究项目研究支持消费者端重写二进制软件的技术。这种方法很有吸引力，因为它可以快速部署以响应新的威胁，而无需等待代码生成者，并且可以执行软件开发人员不支持或不可预见的特定于消费者的安全策略。如果成功，这项研究将显着提高软件安全性。消费者端二进制重写目前还不可行，因为二进制文件不包含足够的信息来安全地进行重写。另一方面，由于知识产权和软件盗版问题，代码制作者不想透露太多代码的实现细节。该项目的主要目标是使代码生产者能够使用少量元数据来补充其二进制代码，这些元数据可在消费者端使用，以执行复杂的二进制重写，但不会泄露有关代码内部工作的太多额外信息并且不会使逆向工程比以前容易得多。该项目将产生一个原型实现，其中包括生产者端元数据派生引擎和消费者端二进制重写引擎，使用此元数据安全地执行二进制代码操作。