Trimming and Shaping Binaries for Improved Security
Abstract
Software has become complex, layered, and interconnected. Software systems control almost every aspect of our critical infrastructure, from the power grid, to air traffic, to financial networks.
Software engineers are relying increasingly on third-party libraries and software frameworks to implement complex functionality and perform code re-use. Even though the use of frameworks and reusable components helps in managing the complexity of modern software systems, this trend has had a negative impact on both security and performance. Like any other pieces of code, libraries and frameworks contain bugs, and some of these bugs can be exploited, introducing vulnerabilities in applications using these components.
Since third-party libraries and frameworks are made to be used by a wide variety of applications, the common case is that an application does not use all of the functionality provided by these components. That is, there exists functionality in the third-party library or framework that is "dead code" because of how the component is used by the application. This dead code increases the security exposure of an application.
On the performance side of the equation, excessive use of third-party frameworks and libraries causes "API bloat", draining performance as control flow makes its way through layers of API abstraction before triggering actual functionality.
The bloat problem does not only affect programs and applications in isolation. Clients and servers are usually developed to interact with a very diverse set of counterparts, since all the possible interactions are unknown.
It is clear that the problem of code bloat and security exposure can be attacked along two axes: one axis is the "type" of the transformation, while the other axis is the "scope" of the transformation. More precisely, a type of transformation can "trim" code, or can "reshape" the code being executed while preserving the desired functionality. On the other axis, an approach can operate on a single program (including the associated libraries and frameworks), or a group of programs. In the latter case, the approach is deployment-specific, as it takes into account which programs will interact and how they will interact.
To address the problem of code bloating, we propose to develop novel binary trimming and binary shaping static techniques that can operate on single programs or groups of programs to reduce their security exposure and improve their performance.
The research is focused on four main thrusts, defined by the composition of types and scopes of the possible transformations.
1. Bintrimmer: Static binary trimming for programs. As a first thrust of the research, we will alleviate the code bloat that leads to an increased attack surface. We propose to design an approach that uses static analysis to identify and remove unused regions of code.
2. Binshaper: Static binary shaping for programs. The second thrust of the project focuses on an approach that automatically identifies and minimizes both bloated API call-chains and redundant or insufficiently optimized series of instructions.
3. Binstemmer: Binary trimming for program groups. The third thrust of the proposed research focuses on analyzing, in an integrated fashion, interacting programs. The approach will leverage static analysis techniques to infer how the programs interact using specific protocols, and remove protocol-handling code that is unused.
4. Binplexer: Binary shaping for program groups. The fourth thrust of the research focuses on reshaping the code of interacting programs so that the server's protocol-handling code can be reshaped in a client-aware fashion.
The outcome of this research will be tools and techniques that will improve the security of binaries without requiring access to source code, and, by relying on static analysis techniques, will guarantee that the functionality of the code will be preserved.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Sep 29, 2017
- Source ID: N000141712897
Entities
People
- Giovanni Vigna
Organizations
- Office of Naval Research
- United States Navy
- University of California, Santa Barbara