Cyberattacks are enabled by software vulnerabilities that allow attackers to plant software exploits. As old vulnerabilities are found and fixed, attackers continue to find new ones. As a result, software vendors, system administrators and security professionals have come to rely increasingly on techniques that insert additional code into software for detecting and/or blocking cyberattacks in progress. This process, called software instrumentation, can be applied to the broadest range of software if it operates on the binary format in which most software is distributed, rather than on source code. Moreover, binary-based techniques are more general: unlike source-code-based techniques, they are not limited to a particular programming language.

One of the major challenges in binary instrumentation is the complexity of modern instruction sets. Accurate instrumentation requires the semantics of all instructions to be captured, since all of the analyses and transformations performed by the instrumentor are based on these semantics. Clearly, this is a daunting task even for a single architecture: the Intel manual describing the x86 instruction set runs to over 1500 pages describing over 1100 instructions. When this task is multiplied across different architectures such as ARM, PowerPC, SPARC, MIPS, etc., the effort involved becomes impractically large. This project will develop a novel approach that avoids the need for modeling instruction sets by leveraging knowledge embedded in retargetable code generators in today's compilers such as GCC. This approach not only simplifies the development of instrumentation, but also makes it applicable to all architectures for which a code generator is available. Using this approach, this project will develop a platform to support efficient, architecture-neutral static instrumentation of commercial off-the-shelf (COTS) binaries. Based on this platform, this project will develop several effective instrumentations for hardening software against common vulnerabilities.

Agency
National Science Foundation (NSF)
Institute
Division of Computer and Network Systems (CNS)
Type
Standard Grant (Standard)
Application #
1319137
Program Officer
Sol Greenspan
Project Start
Project End
Budget Start
2013-09-01
Budget End
2018-08-31
Support Year
Fiscal Year
2013
Total Cost
$499,957
Indirect Cost
Name
State University New York Stony Brook
Department
Type
DUNS #
City
Stony Brook
State
NY
Country
United States
Zip Code
11794