Visible to the public Secure Native Binary Executions--2022 Q2Conflict Detection Enabled

Submitted by prasadk on Thu, 07/07/2022 - 11:31am

PI(s): Prasad Kulkarni

HARD PROBLEM(S) ADDRESSED:

Scalability and Composability, Security Metrics

PUBLIC ACCOMPLISHMENT HIGHLIGHTS:

Our overall project goal is to develop a high-performance framework for client-side security assessment and enforcement for binary software.

In this quarter we continued our work to: (a) Develop tools and techniques to evaluate the client-side security properties of binary software, and (b) Understand the efficiency and effectiveness challenges and tradeoffs in implementing source-level (compiler-based) security techniques at the binary-level.

The major highlights in the last quarter were the following:

(a) We submitted a paper that describes our techniques, results, and observations regarding the detection of compiler-added security checks in binaries to ESORICS 2022.

(b) Our paper that describes our technique to identify the high-level source language from the given binary was accepted in Springer's ICR 2022 conference.

(c) We continued to develop techniques that can detect the presence of secure and recommended coding practices adopted during the (source level) coding stage from just the binary code.

(d) We continued our work to assess the effectiveness and efficiency of conducting control-flow integrity (CFI) on binary code as compared to performing CFI on source code.

PUBLICATIONS FROM THE QUARTER:

None

Groups: