BinRec: Atack surface reduction through dynamic binary recovery

Taddeus Kroes, Anil Altinay, Joseph Nash, Yeoul Na, Stijn Volckaert, Herbert Bos, Michael Franz, Cristiano Giuffrida

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

169 Downloads (Pure)

Abstract

Compile-time specialization and feature pruning through static binary rewriting have been proposed repeatedly as techniques for reducing the attack surface of large programs, and for minimizing the trusted computing base. We propose a new approach to attack surface reduction: dynamic binary lifting and recompilation. We present BinRec, a binary recompilation framework that lifts binaries to a compiler-level intermediate representation (IR) to allow complex transformations on the captured code. After transformation, BinRec lowers the IR back to a "recovered" binary, which is semantically equivalent to the input binary, but has its unnecessary features removed. Unlike existing approaches, which are mostly based on static analysis and rewriting, our framework analyzes and lifts binaries dynamically. The crucial advantage is that we can not only observe the full program including all of its dependencies, but we can also determine which program features the end-user actually uses. We evaluate the correctness and performance of Bin-Rec, and show that our approach enables aggressive pruning of unwanted features in COTS binaries.

Original languageEnglish
Title of host publicationFEAST 2018 - Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018
PublisherAssociation for Computing Machinery
Pages8-13
Number of pages6
ISBN (Electronic)9781450359979
DOIs
Publication statusPublished - 15 Oct 2018
Event2018 Workshop on Forming an Ecosystem Around Software Transformation, FEAST, held in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018 - Toronto, Canada
Duration: 19 Oct 2018 → …

Conference

Conference2018 Workshop on Forming an Ecosystem Around Software Transformation, FEAST, held in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018
CountryCanada
CityToronto
Period19/10/18 → …

Keywords

  • Attack surface reduction
  • Binary lifting
  • LLVM
  • Symbolic execution

Fingerprint

Dive into the research topics of 'BinRec: Atack surface reduction through dynamic binary recovery'. Together they form a unique fingerprint.

Cite this