TWC: TTP Option: Medium: Collaborative: ENCORE - ENhanced program protection through COmpiler-REwriter cooperation

TWC：TTP 选项：中：协作：ENCORE - 通过 COmpiler-REwriter 合作增强程序保护

• 批准号: 1513783
• 负责人: Mathias Payer
• 金额: $ 40.37万
• 依托单位: Purdue University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-07-01 至 2019-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1513783&HistoricalAwards=false
• 关键词: TWC; TTP; Option; Medium; Collaborative

Critical errors in widely used software are discovered almost every day. They currently leave users of that software vulnerable to cyber attacks until the manufacturer eventually supplies a fix - sometimes this takes unacceptably long. There currently is no way that users of commercial off-the-shelf software that is distributed as binary code can go and fix such vulnerabilities themselves, ex post facto, because software is not easily changeable once it has been compiled to binary form. This research project investigates techniques for enabling consumer-side rewriting of binary software. The approach is appealing because it can be deployed quickly in response to new threats, without waiting for code-producers, and can enforce consumer-specific security policies unsupported or unforeseen by the software?s developers. If successful, this research will lead to significant improvements in software security.Consumer-side binary rewriting is currently not feasible because binary files don't contain enough information to do it safely. On the other hand, code producers don't want to reveal too many implementation details of their code due to intellectual property and software piracy concerns. The key goal of this project is to enable code producers to supplement their binary code with a small amount of metadata that can be used, consumer-side, to perform sophisticated binary rewriting, but without disclosing much extra information about the internal working of the code and without making reverse-engineering much easier than before. The project will produce a prototype implementation consisting of a producer-side metadata derivation engine, and a consumer-side binary rewriting engine using this metadata to safely perform binary code manipulation.

在广泛使用的软件中，几乎每天都有重大错误被发现。目前，这些漏洞让该软件的用户容易受到网络攻击，直到制造商最终提供修复程序——有时这需要令人难以接受的长时间。目前，以二进制代码形式分发的商业现成软件的用户无法自行修复这些漏洞，因为一旦软件被编译为二进制形式，就不容易更改。这个研究项目调查了使二进制软件的消费者端重写成为可能的技术。这种方法很有吸引力，因为它可以快速部署以响应新的威胁，而无需等待代码生产者，并且可以强制执行不受软件支持或不可预见的特定于用户的安全策略。开发人员。如果成功，这项研究将导致软件安全性的重大改进。消费者端二进制重写目前是不可行的，因为二进制文件不包含足够的信息来安全地完成它。另一方面，由于知识产权和软件盗版问题，代码制作者不希望透露太多代码的实现细节。这个项目的主要目标是使代码生成者能够用少量的元数据来补充他们的二进制代码，这些元数据可以在消费者端使用，以执行复杂的二进制重写，但不会泄露太多关于代码内部工作的额外信息，也不会使逆向工程比以前更容易。该项目将生成一个原型实现，包括一个生产者端元数据派生引擎和一个使用该元数据安全地执行二进制代码操作的消费者端二进制重写引擎。