Towards Transformation-Based Legacy Software Fitness: Usage-Driven Binary Debloating and Hardening

Abstract

MotivationCommodity software programs tend to have a large number of complex features for generality and versatility purposes. We a"rgue that this ~one-size-fits-all~ practice is not desirable in dynamic, missionoriented environments, where the feature(s) needed f""rom a program are dynamically determined by the specific usage scenario and context. Moreover, the ~feature bloat~ in legacy program""s has led to both nontrivial performance overhead and a large attack surface.Meanwhile, the built-in protection for commodity softw""are against cyber attacks is static and uniform, lacking configurability, timeliness, and completeness (ofattack coverage) for lega""cy programs. In light of the status quo of software consumption and protection, we are motivated to explore a new paradigm andtechn""iques to improve the ~fitness~ of legacy software, first by ~losing weight~ (i.e., removing unwanted features) and then by ~building"" muscles~ (i.e., hardening its defenses), without deep involvement of software vendors who may no longer support the software (i.e.,"" empowering code consumers). More importantly, we hope such ~fitness training~ to be driven dynamically by different usage contexts/""environments for the same software.Proposed ResearchTo realize usage-driven legacy software fitness, we propose an integrated fra"mework for consumer-side binary program transformation called Cybertron. It allows software consumers to perform usage-specific debl"oating and hardening of legacy software binaries, so that they can execute with smaller (debloated) footprint and stronger defenses."" Cybertron integrates both static and dynamic binary analysis and transformation, and consists of three main components: (1) an off-"line binary analysis component for deriving meta-data about a binary program; (2) an off-line binary debloating component for identifying and removing(unwanted) feature-implementing code; and (3) a runtime binary hardening and hot-patching component for performin"g selected (dynamic) attack defense operations. This research will develop a number of novel techniques to enable Cybertron, includi""ng (1) hybrid (static+dynamic) binary analysis with common, LLVM IR-based meta-data; (2) dual slicing for feature code identificatio"n at function and intra-function granularity; (3) dynamic binary translation for efficient enforcement of defense mechanisms and policies; and (4) analysis and transformation of software patches for debloated and hardened binaries.Innovative Claims and ImpactsC"ybertron represents a new software production-consumption paradigm that involves post-production, consumer-side transformations of c""ommodity software, which breaks away from the static, ~one size fits all~ paradigm. Our effort is aligned with the vision of creatin"g a software transformation framework and ecosystem for better performance and stronger security. The aforementioned enabling techni"ques are among the first in the software security community. With high Naval relevance, our proposed framework and techniques are ex""pected to help improve the security, agility,and cost-effectiveness of the Navy~s cyber assets and infrastructures, especially for" legacy COTS software systems. Maintaining legacy software fitness will help elevate its robustness and survivability in the face of" cyber attacks in a wide range of operation contexts: from training missions to active engagements, from shore to off-shore, and fro"m friendly to hostile waters.

Document Details

Document Type

DoD Grant Award

Publication Date

May 05, 2017

Source ID

N000141712513

Entities

Tags