Abstract
Many techniques have been proposed to harden programs with protection mechanisms to defend against vulnerability exploits. Unfortunately the vast majority of them cannot be applied to closed source software because they require access to program source code. This paper presents our work on automatically hardening binary code with security workarounds, a protection mechanism that prevents vulnerabilities from being triggered by disabling vulnerable code. By working solely with binary code, our approach is applicable to closed source software. To automatically synthesize security workarounds, we develop binary program analysis techniques to identify existing error handling code in binary code, synthesize security workarounds in the form of binary code, and instrument security workarounds into binary programs. We designed and implemented a prototype or our approach for Windows and Linux binary programs. Our evaluation shows that our approach can apply security workarounds to an average of 69.3% of program code and the security workarounds successfully prevents exploits to trigger real-world vulnerabilities.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.