Empowering static binary rewriting through recovered structured information

Event details

Date 31.01.2022
Hour 17:00-19:00
Speaker Luca Di Bartolomeo
Category Conferences - Seminars
EDIC candidacy exam
Exam president: Prof. James Larus
Thesis advisor: Prof. Mathias Payer
Co-examiner: Prof. Sanidhya Kashyap

Abstract
Closed-source programs are particularly challenging to audit. Even on the most popular open-source operating systems, end users are often required to run third-party binary blobs.

Static rewriting is the process of applying modifications to an already compiled program, with the goal of patching bugs, hardening it against exploitation, and providing better profiling tools.
However, static rewriting is severely limited by the scarcity of information present in a binary when its source code is unavailable, such as the abstractions of object-oriented languages (e.g., C++ classes and methods).

The amount of information and metadata that we are able to recover from a binary directly influences the chances of a successful rewrite. Recovering as many abstractions as possible is a crucial part of static rewriting, and the main goal of this research is to examine how much knowledge we can still infer from a closed-source program.

Background papers
Using Logic Programming to Recover C++ Classes and Methods from Compiled Executables [1]
https://dl.acm.org/doi/pdf/10.1145/3243734.3243793

Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits
https://www.ieee-security.org/TC/SP2017/papers/579.pdf
(State of) The Art of War: Offensive Techniques in Binary Analysis
https://ieeexplore.ieee.org/abstract/document/7546500
Practical information

  • General public
  • Free

Tags

EDIC candidacy exam