Towards Transformation-Based Legacy Software Fitness: Usage-Driven Binary Debloating and Hardening (Phase II)
Abstract
Motivation: Commodity software programs tend to have a large number of complex features for generality and versatility purposes. We argue that this one-size-fits-all practice is not desirable in dynamic, mission-oriented environments, where the feature(s) needed from a program are dynamically determined by the specific usage scenario/context. Moreover, the feature bloat in legacy programs has led to both nontrivial overhead and large attack surface. Meanwhile, the built-in protection for commodity software against cyber attacks is static and uniform, lacking configurability, timeliness, and completeness (of attack coverage) for legacy programs.

In light of the status quo of software consumption and protection, we are motivated to explore a new paradigm and techniques to improve the fitness of legacy software, first by losing weight (i.e., removing unwanted features) and then by building muscles (i.e., hardening its defenses), without deep involvement of software vendors who may no longer support the software (i.e., empowering code consumers). More importantly, we expect such fitness training to be driven dynamically by different usage contexts/environments for the same software.

Proposed Research: To realize usage-driven legacy software fitness, we propose an integrated framework for consumer-side binary program transformation called Cybertron. It allows software consumers to perform usage-specific debloating and hardening of legacy software binaries, so that they can execute with smaller (debloated) footprint and stronger defenses. Cybertron integrates both static and dynamic binary analysis and transformation, and consists of a chain of tools for reverse engineering, rewriting, debloating/specialization, and patching/hardening.

Building on the momentum of Phase I of this project, we propose to develop advanced techniques to strengthen the debloating + hardening capabilities of Cybertron. More specifically, (1) based on a binary rewriter called RetroWrite developed in Phase I, we will further develop a binary firmware patching and hardening tool for embedded systems; (2) based on a kernel code specialization and hardening system called SHARD developed in Phase I, we will develop a cross-layer debloating framework that spans the application-kernel-device driver spectrum; and (3) based on all prototypes developed in this project, we will actively engage in technology transfer efforts via hands-on tutorial development and artifact delivery and enhancement, in collaboration with our transfer partner in industry.

Innovative Claims and Impacts: Cybertron represents a new software production-consumption paradigm that involves post-production, consumer-side transformations of commodity software, which breaks away from the static, one-size-fits-all paradigm. Our effort is aligned with the vision of creating a software transformation framework and ecosystem for better performance and stronger security. The aforementioned enabling techniques are among the first in the software security community.

With high Naval relevance, our proposed framework and techniques are expected to help improve the security, agility, and cost-effectiveness of the Navy's cyber assets and infrastructures, especially for legacy COTS software systems. Maintaining legacy software fitness will help elevate its robustness and survivability in the face of cyber attacks in a wide range of operation contexts: from training missions to active engagements, from shore to off-shore, and from cyber to cyber-physical environments.

Approved for public release.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Apr 06, 2021
- Source ID: N000142112328
Entities
People
- Dongyan Xu
Organizations
- Office of Naval Research
- Purdue University
- United States Navy