Securing untrusted code via compiler-agnostic binary rewriting

Wartell, Richard; Mohan, Vishwath; Hamlen, Kevin W.; Lin, Zhiqiang

doi:10.1145/2420950.2420995

Cited by 57 publications

(38 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Richard et al [1] proposed a code rewrite and in-lining system (REINS) method to protect the code from malicious software attacks of untrusted sources. It's a software-based approach to detect attacks.…”

Section: Related Workmentioning

confidence: 99%

Hardware-Assisted System for Program Execution Security of SOC

et al. 2016

View full text Add to dashboard Cite

Abstract. With the rapid development of embedded systems, the systems' security has become more and more important. Most embedded systems are at the risk of series of software attacks, such as buffer overflow attack, Trojan virus. In addition, with the rapid growth in the number of embedded systems and wide application, followed embedded hardware attacks are also increasing. This paper presents a new hardware assisted security mechanism to protect the program's code and data, monitoring its normal execution. The mechanism mainly monitors three types of information: the start/end address of the program of basic blocks; the lightweight hash value in basic blocks and address of the next basic block. These parameters are extracted through additional tools running on PC. The information will be stored in the security module. During normal program execution, the security module is designed to compare the real-time state of program with the information in the security module. If abnormal, it will trigger the appropriate security response, suspend the program and jump to the specified location. The module has been tested and validated on the SOPC with OR1200 processor. The experimental analysis shows that the proposed mechanism can defence a wide range of common software and physical attacks with low performance penalties and minimal overheads.

show abstract

Section: Related Workmentioning

confidence: 99%

Hardware-Assisted System for Program Execution Security of SOC

et al. 2016

View full text Add to dashboard Cite

show abstract

“…Zipr addresses many of the problems suffered by existing static binary rewriters such as high space overhead (as much as 2X), the inability to translate arbitrarily compiled programs (such as code compiled to be position independent), high runtime overhead, and requiring additional compiler information which may not be available [2,6,15,23,28,30,32,33,37].…”

Section: Ziprmentioning

confidence: 99%

Kevlar: Transitioning Helix for Research to Practice

Davidson¹,

Knight²,

Co³

et al. 2016

View full text Add to dashboard Cite

“…Other post link time rewriters like REINS [50] and the tool by Zhang and Sekar [53] suffer from similar drawbacks as SecondWrite, in that their handling of indirect control flow and memory accesses also inflates the executable size even before any actual code hardening has been applied.…”

Section: Post Link-time Binary Rewritingmentioning

confidence: 99%

“…All post-link-time rewriter developers target and evaluate desktop computers and applications [40,45,3,53,50], where code size and file size are not really concerns. Furthermore, with desktop operating systems, all rewritten code can simply be reallocated contiguously in a completely different range of the address space.…”

Section: Post Link-time Binary Rewritingmentioning

confidence: 99%

Link-time smart card code hardening

Keulenaer

Maebe

Bosschere

et al. 2015

Int. J. Inf. Secur.

View full text Add to dashboard Cite

This paper presents a feasibility study to protect smart card software against fault-injection attacks by means of link-time code rewriting. This approach avoids the drawbacks of source code hardening, avoids the need for manual assembly writing, and is applicable in conjunction with closed third-party compilers. We implemented a range of cookbook code hardening recipes in a prototype link-time rewriter and evaluate their coverage and associated overhead to conclude that this approach is promising. We demonstrate that the overhead of using an automated link-time approach is not significantly higher than what can be obtained with compile-time hardening or with manual hardening of compiler-generated assembly code.

show abstract

Securing untrusted code via compiler-agnostic binary rewriting

Cited by 57 publications

References 26 publications

Hardware-Assisted System for Program Execution Security of SOC

Hardware-Assisted System for Program Execution Security of SOC

Kevlar: Transitioning Helix for Research to Practice

Link-time smart card code hardening

Contact Info

Product

Resources

About