BinRec: Atack surface reduction through dynamic binary recovery

Taddeus Kroes; Anil Altinay; Joseph Nash; Yeoul Na; Stijn Volckaert; Herbert Bos; Michael Franz; Cristiano Giuffrida

doi:10.1145/3273045.3273050

BinRec: Atack surface reduction through dynamic binary recovery

Taddeus Kroes, Anil Altinay, Joseph Nash, Yeoul Na, Stijn Volckaert, Herbert Bos, Michael Franz, Cristiano Giuffrida

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

277 Downloads (Pure)

Abstract

Compile-time specialization and feature pruning through static binary rewriting have been proposed repeatedly as techniques for reducing the attack surface of large programs, and for minimizing the trusted computing base. We propose a new approach to attack surface reduction: dynamic binary lifting and recompilation. We present BinRec, a binary recompilation framework that lifts binaries to a compiler-level intermediate representation (IR) to allow complex transformations on the captured code. After transformation, BinRec lowers the IR back to a "recovered" binary, which is semantically equivalent to the input binary, but has its unnecessary features removed. Unlike existing approaches, which are mostly based on static analysis and rewriting, our framework analyzes and lifts binaries dynamically. The crucial advantage is that we can not only observe the full program including all of its dependencies, but we can also determine which program features the end-user actually uses. We evaluate the correctness and performance of Bin-Rec, and show that our approach enables aggressive pruning of unwanted features in COTS binaries.

Original language	English
Title of host publication	FEAST 2018 - Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018
Publisher	Association for Computing Machinery
Pages	8-13
Number of pages	6
ISBN (Electronic)	9781450359979
DOIs	https://doi.org/10.1145/3273045.3273050
Publication status	Published - 15 Oct 2018
Event	2018 Workshop on Forming an Ecosystem Around Software Transformation, FEAST, held in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018 - Toronto, Canada Duration: 19 Oct 2018 → …

Conference

Conference	2018 Workshop on Forming an Ecosystem Around Software Transformation, FEAST, held in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018
Country/Territory	Canada
City	Toronto
Period	19/10/18 → …

Keywords

Attack surface reduction
Binary lifting
LLVM
Symbolic execution

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1145/3273045.3273050

BinRec Atack surface reduction through dynamic binary recoveryFinal published version, 928 KBLicence: Article 25fa Dutch Copyright Act

Handle.net

Persistent link

Cite this

Kroes, T., Altinay, A., Nash, J., Na, Y., Volckaert, S., Bos, H., Franz, M., & Giuffrida, C. (2018). BinRec: Atack surface reduction through dynamic binary recovery. In FEAST 2018 - Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018 (pp. 8-13). Association for Computing Machinery. https://doi.org/10.1145/3273045.3273050

@inproceedings{76a4675d08754f0785542eafd32dafaa,

title = "BinRec: Atack surface reduction through dynamic binary recovery",

abstract = "Compile-time specialization and feature pruning through static binary rewriting have been proposed repeatedly as techniques for reducing the attack surface of large programs, and for minimizing the trusted computing base. We propose a new approach to attack surface reduction: dynamic binary lifting and recompilation. We present BinRec, a binary recompilation framework that lifts binaries to a compiler-level intermediate representation (IR) to allow complex transformations on the captured code. After transformation, BinRec lowers the IR back to a {"}recovered{"} binary, which is semantically equivalent to the input binary, but has its unnecessary features removed. Unlike existing approaches, which are mostly based on static analysis and rewriting, our framework analyzes and lifts binaries dynamically. The crucial advantage is that we can not only observe the full program including all of its dependencies, but we can also determine which program features the end-user actually uses. We evaluate the correctness and performance of Bin-Rec, and show that our approach enables aggressive pruning of unwanted features in COTS binaries.",

keywords = "Attack surface reduction, Binary lifting, LLVM, Symbolic execution",

author = "Taddeus Kroes and Anil Altinay and Joseph Nash and Yeoul Na and Stijn Volckaert and Herbert Bos and Michael Franz and Cristiano Giuffrida",

year = "2018",

month = oct,

day = "15",

doi = "10.1145/3273045.3273050",

language = "English",

pages = "8--13",

booktitle = "FEAST 2018 - Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018",

publisher = "Association for Computing Machinery",

note = "2018 Workshop on Forming an Ecosystem Around Software Transformation, FEAST, held in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018 ; Conference date: 19-10-2018",

}

Kroes, T, Altinay, A, Nash, J, Na, Y, Volckaert, S, Bos, H, Franz, M & Giuffrida, C 2018, BinRec: Atack surface reduction through dynamic binary recovery. in FEAST 2018 - Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018. Association for Computing Machinery, pp. 8-13, 2018 Workshop on Forming an Ecosystem Around Software Transformation, FEAST, held in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018, Toronto, Canada, 19/10/18. https://doi.org/10.1145/3273045.3273050

BinRec: Atack surface reduction through dynamic binary recovery. / Kroes, Taddeus; Altinay, Anil; Nash, Joseph et al.
FEAST 2018 - Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018. Association for Computing Machinery, 2018. p. 8-13.

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - BinRec

T2 - 2018 Workshop on Forming an Ecosystem Around Software Transformation, FEAST, held in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018

AU - Kroes, Taddeus

AU - Altinay, Anil

AU - Nash, Joseph

AU - Na, Yeoul

AU - Volckaert, Stijn

AU - Bos, Herbert

AU - Franz, Michael

AU - Giuffrida, Cristiano

PY - 2018/10/15

Y1 - 2018/10/15

N2 - Compile-time specialization and feature pruning through static binary rewriting have been proposed repeatedly as techniques for reducing the attack surface of large programs, and for minimizing the trusted computing base. We propose a new approach to attack surface reduction: dynamic binary lifting and recompilation. We present BinRec, a binary recompilation framework that lifts binaries to a compiler-level intermediate representation (IR) to allow complex transformations on the captured code. After transformation, BinRec lowers the IR back to a "recovered" binary, which is semantically equivalent to the input binary, but has its unnecessary features removed. Unlike existing approaches, which are mostly based on static analysis and rewriting, our framework analyzes and lifts binaries dynamically. The crucial advantage is that we can not only observe the full program including all of its dependencies, but we can also determine which program features the end-user actually uses. We evaluate the correctness and performance of Bin-Rec, and show that our approach enables aggressive pruning of unwanted features in COTS binaries.

AB - Compile-time specialization and feature pruning through static binary rewriting have been proposed repeatedly as techniques for reducing the attack surface of large programs, and for minimizing the trusted computing base. We propose a new approach to attack surface reduction: dynamic binary lifting and recompilation. We present BinRec, a binary recompilation framework that lifts binaries to a compiler-level intermediate representation (IR) to allow complex transformations on the captured code. After transformation, BinRec lowers the IR back to a "recovered" binary, which is semantically equivalent to the input binary, but has its unnecessary features removed. Unlike existing approaches, which are mostly based on static analysis and rewriting, our framework analyzes and lifts binaries dynamically. The crucial advantage is that we can not only observe the full program including all of its dependencies, but we can also determine which program features the end-user actually uses. We evaluate the correctness and performance of Bin-Rec, and show that our approach enables aggressive pruning of unwanted features in COTS binaries.

KW - Attack surface reduction

KW - Binary lifting

KW - LLVM

KW - Symbolic execution

UR - http://www.scopus.com/inward/record.url?scp=85056806630&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85056806630&partnerID=8YFLogxK

U2 - 10.1145/3273045.3273050

DO - 10.1145/3273045.3273050

M3 - Conference contribution

AN - SCOPUS:85056806630

SP - 8

EP - 13

BT - FEAST 2018 - Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2018

PB - Association for Computing Machinery

Y2 - 19 October 2018

ER -

BinRec: Atack surface reduction through dynamic binary recovery

Abstract

Conference

Keywords

UN SDGs

Access to Document

Handle.net

Other files and links

Fingerprint

Cite this