Bending Binary Programs to your Will
Rajeev Barua
What is a Binary Rewriter
[Diagram] Traditionally: High-level language program (C, C++, Java, SQL, ...) -> Compiler -> Binary executable program
[Diagram] Recently: Binary executable program -> Binary Rewriter -> Improved binary executable program
Advantages of Binary Rewriting
• Allows optimizations missed by compiler
  – Including inter-procedural optimization
• Portable across any language
  – No need for repeated compiler implementation
• Applicable to legacy codes and assembly level programs
• Enhanced security of binaries
Flow of Compiler
Flow of Binary Rewriter
[Diagram labels: C, C++, Fortran; llvm-gcc, llvm-gfortran; Binary Reader; LLVM IR; Code Improvement; Layout Modifications; Machine Code Generator]
Existing Binary Rewriters
[Diagram labels: Commercial Binary Program; Symbolic & Relocation Information; Existing Binary Rewriter; SecondWrite √; Rewritten Commercial Binary Program]
Applications of Binary Rewriting
• Improvement in Execution Speed
  – Automatic Parallelization
  – Better memory management
• Improvement of security and reliability
  – Protection against malicious attacks
  – Access control
Security Policy Enforcement in Binaries
[Diagram labels: Security Policy Library; Binary Reader; System Call Detector; Security check inserter; Code Improvement; Layout Modifications; Code Generator]
Security Policy Enforcement
[Diagram labels: Input Binary Program; Security Policy; SecondWrite; Output Binary]
Enforcing a Policy on a Malicious Binary
Malicious binary that deletes files under the /c/important directory.
Run binary -> Deletes files!
(Binary runs under your permissions)
Enforcing a Policy on a Malicious Binary
Malicious binary that deletes files under the /c/important directory.
[Diagram labels: Malicious Binary; Security Policy; SecondWrite]
Security policy for downloaded applications:
• Cannot delete files which the application did not itself create
Enforcing a Policy on a Malicious Binary
[Diagram labels: Malicious Binary; Security Policy]
Run binary -> Kill application!
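Added example, not code from the slides or from SecondWrite: one way the inserted checks for the policy "cannot delete files which the application did not itself create" could look if the rewriter redirected the binary's open() and unlink() calls to guarded versions. The names guarded_open, guarded_unlink, policy_note_created, policy_may_delete and kill_on_violation, and the table sizes, are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define MAX_CREATED 128
#define MAX_LEN 512
static char created[MAX_CREATED][MAX_LEN]; /* paths this process created */
static size_t n_created;
static int kill_on_violation = 1;          /* 0 = deny with EPERM instead */

/* Record a file the process created. A full table or an over-long path is
   simply not recorded, so a later delete of it is refused (fail closed). */
static void policy_note_created(const char *path) {
    if (n_created < MAX_CREATED && strlen(path) < MAX_LEN)
        strcpy(created[n_created++], path);
}

/* 1 if the policy allows deleting path, 0 otherwise. Paths are compared as
   strings; a production monitor would canonicalize them first. */
static int policy_may_delete(const char *path) {
    for (size_t i = 0; i < n_created; i++)
        if (strcmp(created[i], path) == 0) return 1;
    return 0;
}

/* Stands in for open(): O_EXCL reveals whether this call created the file. */
int guarded_open(const char *path, int flags, mode_t mode) {
    if (flags & O_CREAT) {
        int fd = open(path, flags | O_EXCL, mode);
        if (fd >= 0) { policy_note_created(path); return fd; }
        if (errno != EEXIST || (flags & O_EXCL)) return -1;
        flags &= ~O_CREAT; /* file already existed: open it but do not track it */
    }
    return open(path, flags, mode);
}

/* Stands in for unlink(): the check runs before the system call is made. */
int guarded_unlink(const char *path) {
    if (!policy_may_delete(path)) {
        fprintf(stderr, "policy violation: unlink(\"%s\")\n", path);
        if (kill_on_violation) abort(); /* the slides' "Kill application!" */
        errno = EPERM;
        return -1;
    }
    return unlink(path);
}
```

With kill_on_violation left at 1, an attempt to delete a file under /c/important that the process did not create ends in abort() before unlink() is ever issued.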
Examples of Other Policies
• Prevent network send after reading sensitive files
• Impose quota on resource usage (e.g. heap memory)
Advantages of this Approach
• Customizable: Security checks customizable to application, source, user and site.
• Wide Scope: Completely enforce Confidentiality, Integrity, and Availability (CIA triad) in a binary
• Preventative: Ability to stop attacks before they succeed
• Portable: Approach is independent of operating system and programming language