TWC: TTP Option: Medium: Collaborative: ENCORE - ENhanced program protection through COmpiler-REwriter cooperation

TWC：TTP 选项：中：协作：ENCORE - 通过 COmpiler-REwriter 合作增强程序保护

• 批准号: 1513704
• 负责人: Kevin Hamlen
• 金额: $ 17.7万
• 依托单位: University of Texas at Dallas
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-07-01 至 2019-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1513704&HistoricalAwards=false
• 关键词: TWC; TTP; Option; Medium; Collaborative

Critical errors in widely used software are discovered almost every day. They currently leave users of that software vulnerable to cyber attacks until the manufacturer eventually supplies a fix - sometimes this takes unacceptably long. There currently is no way that users of commercial off-the-shelf software that is distributed as binary code can go and fix such vulnerabilities themselves, ex post facto, because software is not easily changeable once it has been compiled to binary form. This research project investigates techniques for enabling consumer-side rewriting of binary software. The approach is appealing because it can be deployed quickly in response to new threats, without waiting for code-producers, and can enforce consumer-specific security policies unsupported or unforeseen by the software?s developers. If successful, this research will lead to significant improvements in software security.Consumer-side binary rewriting is currently not feasible because binary files don't contain enough information to do it safely. On the other hand, code producers don't want to reveal too many implementation details of their code due to intellectual property and software piracy concerns. The key goal of this project is to enable code producers to supplement their binary code with a small amount of metadata that can be used, consumer-side, to perform sophisticated binary rewriting, but without disclosing much extra information about the internal working of the code and without making reverse-engineering much easier than before. The project will produce a prototype implementation consisting of a producer-side metadata derivation engine, and a consumer-side binary rewriting engine using this metadata to safely perform binary code manipulation.

几乎每天都会发现广泛使用的软件中的关键错误。他们目前让该软件的用户容易受到网络攻击，直到制造商最终提供修复程序-有时这需要不可接受的长时间。目前，作为二进制代码分发的商业现成软件的用户无法事后自行修复此类漏洞，因为软件一旦被编译为二进制形式就不容易更改。本研究计画探讨使用者端改写二进制软体的技术。这种方法很有吸引力，因为它可以快速部署以应对新的威胁，而无需等待代码生产者，并且可以强制执行软件不支持或不可预见的特定于消费者的安全策略。的开发人员。如果成功，这项研究将导致软件安全性的显著改善。消费者端二进制重写目前还不可行，因为二进制文件不包含足够的信息来安全地执行。另一方面，由于知识产权和软件盗版问题，代码生产者不想透露太多代码的实现细节。该项目的主要目标是使代码生产者能够用少量的元数据来补充他们的二进制代码，这些元数据可以在消费者端使用，以执行复杂的二进制重写，但不会透露有关代码内部工作的更多额外信息，也不会使逆向工程比以前更容易。该项目将产生一个原型实现，包括一个生产者端的元数据派生引擎，和一个消费者端的二进制重写引擎，使用此元数据来安全地执行二进制代码操作。