Explore Capabilities and Effectiveness of Reverse Engineering Tools to Provide Memory Safety for Binary Programs

Title: Explore Capabilities and Effectiveness of Reverse Engineering Tools to Provide Memory Safety for Binary Programs
Publication Type: Conference Paper
Year of Publication: 2021
Authors: Vaidya, Ruturaj; Kulkarni, Prasad A.; Jantz, Michael R.
Secondary Authors: Deng, Robert; Bao, Feng; Wang, Guilin; Shen, Jian; Ryan, Mark; Meng, Weizhi; Wang, Ding
Conference Name: Information Security Practice and Experience
Publisher: Springer International Publishing
Conference Location: Cham
ISBN Number: 978-3-030-93206-0
Keywords: KU; Scalability and Composability; Security Metrics Driven Evaluation, Design, Development, and Deployment
Abstract: Any technique to ensure memory safety requires knowledge of (a) precise array bounds and (b) the data types accessed by memory load/store and pointer move instructions (called, owners) in the program. While this information can be effectively derived by compiler-level approaches much of this information may be lost during the compilation process and become unavailable to binary-level tools. In this work we conduct the first detailed study on how accurately can this information be extracted or reconstructed by current state-of-the-art static reverse engineering (RE) platforms for binaries compiled with and without debug symbol information. Furthermore, it is also unclear how the imprecision in array bounds and instruction owner information that is obtained by the RE tools impacts the ability of techniques to detect illegal memory accesses at run-time. We study this issue by designing, building, and deploying a novel binary-level technique to assess the properties and effectiveness of the information provided by the static RE algorithms in the first stage to guide the run-time instrumentation to detect illegal memory accesses in the decoupled second stage. Our work explores the limitations and challenges for static binary analysis tools to develop accurate binary-level techniques to detect memory errors.
DOI: https://doi.org/10.1007/978-3-030-93206-0_2
Citation Key: 10.1007/978-3-030-93206-0_2