Secure Native Binary Executions - April 2022

PI(s): Prasad Kulkarni

HARD PROBLEM(S) ADDRESSED:

Scalability and Composability, Security Metrics

PUBLIC ACCOMPLISHMENT HIGHLIGHTS:

Our overall project goal is to develop a high-performance framework for client-side security assessment and enforcement for binary software.

In this quarter we continued our work to: (a) Develop tools and techniques to evaluate the client-side security properties of binary software, and (b) Understand the challenges in implementing source-level (compiler-based) security techniques at the binary-level and develop new techniques to protect binary software from common classes of security attacks.

The major highlights in the last quarter were the following:

(a) In the previous quarter, we had started writing a paper to describe our techniques, results, and observations regarding the detection of compiler-added security checks in binaries. We continued this work, and developed additional experiments and techniques to better study and explain our results. As opposed to current approaches, our techniques do not look for specific/known instruction patterns in the binary code. So, the same techniques can detect any security check inserted by a rules-based tool, like a compiler. We are close to completing this phase of the work.

(b) We continued to develop techniques that can detect the presence of secure coding practices adopted during the (source level) coding stage from just the binary code. We have compiled a set of rules that are (and are not) manifested in the binary code. We have started building a framework and scripts in Ghidra to detect the relevant binary-level rules.

(c) We continued our work to assess the effectiveness and efficiency of conducting control-flow integrity (CFI) on binary code as compared to performing CFI on source code.

PUBLICATIONS FROM THE QUARTER:

None