BinRec: dynamic binary lifting and recompilation

Anil Altinay, Joseph Nash, Taddeus Kroes, Prabhu Rajasekaran, Dixin Zhou, Adrian Dabrowski, David Gens, Yeoul Na, Stijn Volckaert, Cristiano Giuffrida, Herbert Bos, Michael Franz

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

Binary lifting and recompilation allow a wide range of install-Time program transformations, such as security hardening, deobfuscation, and reoptimization. Existing binary lifting tools are based on static disassembly and thus have to rely on heuristics to disassemble binaries. In this paper, we present BinRec, a new approach to heuristic-free binary recompilation which lifts dynamic traces of a binary to a compiler-level intermediate representation (IR) and lowers the IR back to a "recovered" binary. This enables BinRec to apply rich program transformations, such as compiler-based optimization passes, on top of the recovered representation. We identify and address a number of challenges in binary lifting, including unique challenges posed by our dynamic approach. In contrast to existing frameworks, our dynamic frontend can accurately disassemble and lift binaries without heuristics, and we can successfully recover obfuscated code and all SPEC INT 2006 benchmarks including C++ applications. We evaluate BinRec in three application domains: i) binary reoptimization, ii) deobfuscation (by recovering partial program semantics from virtualization-obfuscated code), and iii) binary hardening (by applying existing compiler-level passes such as AddressSanitizer and SafeStack on binary code).

Original languageEnglish
Title of host publicationEuroSys '20
Subtitle of host publicationProceedings of the Fifteenth European Conference on Computer Systems
PublisherAssociation for Computing Machinery, Inc
Pages1-16
Number of pages16
ISBN (Electronic)9781450368827
DOIs
Publication statusPublished - 15 Apr 2020
Event15th European Conference on Computer Systems, EuroSys 2020 - Heraklion, Greece
Duration: 27 Apr 202030 Apr 2020

Conference

Conference15th European Conference on Computer Systems, EuroSys 2020
CountryGreece
CityHeraklion
Period27/04/2030/04/20

Fingerprint Dive into the research topics of 'BinRec: dynamic binary lifting and recompilation'. Together they form a unique fingerprint.

Cite this