Bending Binary Programs to your Will Rajeev Barua

Explore how a binary rewriter can bend binary programs to your will, improving security, speed, and reliability. Learn about SecondWrite, LLVM IR, and application to legacy code, including enhanced security through policy enforcement.

Presentation Transcript


  1. Bending Binary Programs to your Will
     Rajeev Barua

  2. What is a Binary Rewriter
     • Traditionally: High-level language program (C, C++, Java, SQL, …) → Compiler → Binary executable program
     • Recently: Binary executable program → Binary Rewriter → Improved binary executable program

  3. Advantages of Binary Rewriting
     • Allows optimizations missed by compiler
     • Including inter-procedural optimization
     • Portable across any language
     • No need for repeated compiler implementation
     • Applicable to legacy codes and assembly level programs
     • Enhanced security of binaries

  4. Flow of Binary Rewriter / Flow of Compiler (diagram)
     • Compiler: Fortran → llvm-gfortran, C/C++ → llvm-gcc → LLVM IR
     • Binary rewriter: Binary Reader → LLVM IR
     • Back end: Code Improvement → LLVM IR → Machine Code Generator
     • Layout Modifications

  5. Existing Binary Rewriters / SecondWrite (diagram)
     • Existing binary rewriter: Commercial Binary Program + Symbolic & Relocation Information
     • SecondWrite: Commercial Binary Program → SecondWrite → Rewritten Commercial Binary Program √

  6. Applications of Binary Rewriting
     • Improvement in Execution Speed
     • Automatic Parallelization
     • Better memory management
     • Improvement of security and reliability
     • Protection against malicious attacks
     • Access control

  7. Security Policy Enforcement in Binaries (diagram)
     • Binary Reader
     • Security Policy Library
     • System Call Detector
     • Code Improvement
     • Security check inserter
     • Code Generator
     • Layout Modifications

  8. Security Policy Enforcement (diagram)
     • Input Binary Program + Security Policy → SecondWrite → Output Binary (with Security Policy)

  9. Enforcing a Policy on a Malicious Binary
     • Malicious binary that deletes files under the /c/important directory.
     • Run binary → Deletes files! (Binary runs under your permissions)

  10. Enforcing a Policy on a Malicious Binary
     • Malicious binary that deletes files under the /c/important directory.
     • Security policy for downloaded applications: Cannot delete files which the application did not itself create
     • Malicious Binary + Security Policy → SecondWrite

  11. Enforcing a Policy on a Malicious Binary
     • Malicious Binary (with Security Policy) → Run binary → Kill application!

  12. Examples of Other Policies
     • Prevent network send after reading sensitive files
     • Impose quota on resource usage (e.g. heap memory)

  13. Advantages of this Approach
     • Customizable: Security checks customizable to application, source, user and site.
     • Wide Scope: Completely enforce Confidentiality, Integrity, and Availability (CIA triad) in a binary
     • Preventative: Ability to stop attacks before they succeed
     • Portable: Approach is independent of operating system and programming language
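
The policy from slides 9 to 11 (a downloaded application cannot delete files which it did not itself create, and is killed on a violation), written out as the kind of check a rewriter could place around file create and delete calls. This is an added example, not code from the presentation or from SecondWrite; the function names, table sizes and sample paths are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_CREATED 64   /* constructed limits for this sketch */
#define MAX_PATH_LEN 256

/* Paths this process created; filled by the check placed after create calls. */
static char created[MAX_CREATED][MAX_PATH_LEN];
static size_t n_created = 0;

/* Hypothetical hook run after a successful file-creating call.
   Returns 0 if recorded, -1 if not (a later delete is then denied). */
int policy_record_create(const char *path) {
    if (n_created == MAX_CREATED || strlen(path) >= MAX_PATH_LEN)
        return -1;
    strcpy(created[n_created++], path);
    return 0;
}

/* Policy decision: 1 = allow the delete, 0 = deny. Default is deny. */
int policy_may_delete(const char *path) {
    for (size_t i = 0; i < n_created; i++)
        if (strcmp(created[i], path) == 0)
            return 1;
    return 0;
}

/* Hypothetical check inserted in front of a delete call:
   on a violation the application is killed, as on slide 11. */
int guarded_remove(const char *path) {
    if (!policy_may_delete(path)) {
        fprintf(stderr, "policy violation: delete of %s denied\n", path);
        abort();
    }
    return remove(path);
}

int main(void) {
    const char *own = "policy_demo.tmp";            /* constructed sample */
    const char *other = "/c/important/report.doc";  /* constructed sample */
    FILE *f = fopen(own, "w");
    if (!f) return 1;
    fclose(f);
    policy_record_create(own);
    printf("%s: %s\n", own, policy_may_delete(own) ? "allow" : "deny");
    printf("%s: %s\n", other, policy_may_delete(other) ? "allow" : "deny");
    return guarded_remove(own);   /* allowed: the process created it */
}
```

Exact string matching fails closed when a created file is named a different way, but a complete check would canonicalize paths and also cover rename-type calls, which can move a file the application did not create onto a recorded name.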
