CRII: SaTC: Robust and Platform Independent Recovery of Design Features from C++ Binaries

CRII：SaTC：从 C 二进制文件中稳健且独立于平台的设计功能恢复

• 批准号: 1566532
• 负责人: Aravind Prakash
• 金额: $ 17.5万
• 依托单位: SUNY at Binghamton
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-07-01 至 2019-10-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1566532&HistoricalAwards=false
• 关键词: CRII; SaTC; Robust; Platform; Independent

Computer software play a ubiquitous role in the modern way of life. Attacks against vulnerable software lead to compromise and loss of financial and personal information. While the application stores and the software manufacturers may strive to provide vulnerability-free software, the onus to defend against attacks and ensure integrity of one?s personal information and resources is on the end-user. However, due to the lack of source code, (1) end users are unable to identify and fix vulnerabilities in the software they run, and (2) the open source community is unable to detect violation of software licensing terms by closed source software. This project aims to recover design information from binaries in a platform-neutral and obfuscation resilient manner. As a direct consequence, this project promises advancement in end-user-level security, and for the first time, facilitates detection of design-level plagiarism in software. This project aims to reconstruct a design profile of a C++ binary by leveraging the unavoidable information leakage that occurs due to adherence to Application Binary Interface (ABI) specification. It takes advantage of the platform-independent nature of ABI specification to offer both platform neutrality and obfuscation resilience in design recovery. First, traditional static and dynamic binary analysis approaches are employed in order to extract design elements and design pertinent features. Then, theorem proving is utilized to establish relationship between various design-level program entities. This project views adherence to ABI as a source of design leakage, exploits the leakage to recover design information, and investigates ways to minimize the leakage while maintaining interoperability through adherence.The results from this research will be disseminated through peer-reviewed publications and software release. Based on the research, new course materials and professional training tutorials will be developed, to help future security engineers and researchers gain in-depth knowledge about design recovery.

计算机软件在现代生活方式中起着无处不在的作用。对易受攻击的软件的攻击会导致财务和个人信息的泄露和丢失。虽然应用程序商店和软件制造商可能会努力提供免费的软件，但抵御攻击和确保完整性的责任呢？的个人信息和资源在最终用户身上。然而，由于缺乏源代码，（1）最终用户无法识别和修复他们运行的软件中的漏洞，（2）开源社区无法检测到闭源软件违反软件许可条款。该项目旨在以平台中立和混淆弹性的方式从二进制文件中恢复设计信息。作为一个直接的结果，该项目承诺在最终用户级的安全性的进步，并首次，方便检测软件中的设计级剽窃。本项目旨在通过利用由于遵守应用程序二进制接口（ABI）规范而发生的不可避免的信息泄漏来重建C++二进制的设计概要。它利用ABI规范的平台无关性，在设计恢复中提供平台中立性和模糊恢复能力。首先，传统的静态和动态二进制分析方法，以提取设计元素和设计相关的功能。然后，定理证明被用来建立各种设计级程序实体之间的关系。本项目将遵守ABI视为设计泄漏的一个来源，利用泄漏来恢复设计信息，并研究如何最大限度地减少泄漏，同时通过遵守保持互操作性。本研究的结果将通过同行评审的出版物和软件发布进行传播。在研究的基础上，将开发新的课程教材和专业培训教程，以帮助未来的安全工程师和研究人员深入了解设计恢复。