1
Bending Binary Programs to your Will
Rajeev Barua
2
What is a Binary Rewriter
Traditionally: High-level language program (C, C++, Java, SQL, ...) -> Compiler -> Binary executable program
Recently: Binary executable program -> Binary Rewriter -> Improved binary executable program
3
Advantages of Binary Rewriting
- Allows optimizations missed by compiler
  - Including inter-procedural optimization
- Portable across any language
  - No need for repeated compiler implementation
- Applicable to legacy codes and assembly level programs
- Enhanced security of binaries
4
Flow of Compiler / Flow of Binary Rewriter
[Diagram. Compiler front ends: llvm-gcc (C, C++), llvm-gfortran (Fortran). Binary rewriter front end: Binary Reader. Other stages labelled: LLVM IR, Code Improvement, Layout Modifications, Machine Code Generator.]
5
Existing Binary Rewriters
[Diagram labels: Commercial Binary Program + Symbolic & Relocation Information; Existing Binary Rewriter; SecondWrite √; Rewritten Commercial Binary Program]
6
Applications of Binary Rewriting
- Improvement in Execution Speed
  - Automatic Parallelization
  - Better memory management
- Improvement of security and reliability
  - Protection against malicious attacks
  - Access control
7
Security Policy Enforcement in Binaries
[Diagram labels: Security Policy Library; Binary Reader; Code Improvement; Layout Modifications; Code Generator; System Call Detector; Security check inserter]
8
Security Policy Enforcement
[Diagram: Input Binary Program + Security Policy -> SecondWrite -> Output Binary (with Security Policy)]
9
Enforcing a Policy on a Malicious Binary
Malicious binary that deletes files under the /c/important directory.
Run binary -> Deletes files! (Binary runs under your permissions)
10
Enforcing a Policy on a Malicious Binary
Malicious binary that deletes files under the /c/important directory.
[Diagram: Malicious Binary + Security Policy -> SecondWrite]
Security policy for downloaded applications: Cannot delete files which the application did not itself create
11
Enforcing a Policy on a Malicious Binary
[Diagram: Malicious Binary + Security Policy; Run binary -> Kill application!]
12
Examples of Other Policies
- Prevent network send after reading sensitive files
- Impose quota on resource usage (e.g. heap memory)
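Added example (not from the slides and not SecondWrite's code): a minimal C sketch of the kind of policy-library routines an inserted security check could call before a system call, covering the three policies named on slides 10 and 12. All function names, the 1 MiB quota and the use of /c/important/ as the sensitive directory are assumptions made for illustration.

```c
/* Hypothetical policy-library hooks; an inserted check would call these
 * before the matching system call and kill the application on DENY. */
#include <stdio.h>
#include <string.h>

enum verdict { ALLOW = 0, DENY = 1 };

#define MAX_CREATED 64
#define HEAP_QUOTA  (1u << 20)          /* constructed quota: 1 MiB */

static char created[MAX_CREATED][256];  /* paths this process created */
static int n_created;
static int read_sensitive;              /* set once a sensitive file is read */
static size_t heap_used;
static const char *SENSITIVE_PREFIX = "/c/important/"; /* assumed sample */

/* Called after a successful file creation. If the table is full the path
 * is not recorded, so a later delete is denied (fails closed). */
void policy_on_create(const char *path) {
    if (n_created < MAX_CREATED && strlen(path) < sizeof created[0])
        strcpy(created[n_created++], path);
}

/* Policy: cannot delete files the application did not itself create.
 * Paths are compared as given; a real monitor must canonicalize them. */
enum verdict policy_check_unlink(const char *path) {
    for (int i = 0; i < n_created; i++)
        if (strcmp(created[i], path) == 0) return ALLOW;
    return DENY;
}

/* Called before a file is opened for reading. */
void policy_on_read_open(const char *path) {
    if (strncmp(path, SENSITIVE_PREFIX, strlen(SENSITIVE_PREFIX)) == 0)
        read_sensitive = 1;
}

/* Policy: prevent network send after reading sensitive files. */
enum verdict policy_check_send(void) { return read_sensitive ? DENY : ALLOW; }

/* Policy: quota on heap memory; the comparison avoids size_t overflow. */
enum verdict policy_check_alloc(size_t size) {
    if (size > HEAP_QUOTA - heap_used) return DENY;
    heap_used += size;
    return ALLOW;
}

int main(void) {
    policy_on_create("/tmp/scratch.dat");
    printf("unlink own file: %d\n", policy_check_unlink("/tmp/scratch.dat"));
    printf("unlink other:    %d\n", policy_check_unlink("/c/important/a.doc"));
    return 0;
}
```
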
13
Advantages of this Approach
- Customizable: Security checks customizable to application, source, user and site.
- Wide Scope: Completely enforce Confidentiality, Integrity, and Availability (CIA triad) in a binary
- Preventative: Ability to stop attacks before they succeed
- Portable: Approach is independent of operating system and programming language