Advanced search
1 file | 1.80 MB

Feedback-driven binary code diversification

Bart Coppens (UGent) , Bjorn De Sutter (UGent) and Jonas Maebe (UGent)
Author
Organization
Abstract
As described in many blog posts and in the scientific literature, exploits for software vulnerabilities are often engineered on the basis of patches. For example, "Microsoft Patch Tuesday" is often followed by "Exploit Wednesday" during which yet unpatched systems become vulnerable to patch-based exploits. Part of the patch engineering includes the identification of the vulnerable binary code by means of reverse-engineering tools and diffing add-ons. In this article we present a feedback-driven compiler tool flow that iteratively transforms code until diffing tools become ineffective enough to close the "Exploit Wednesday" window of opportunity. We demonstrate the tool's effectiveness on a set of real-world patches and against the latest version of BinDiff.
Keywords
program matching, patches, binary diffing, software diversity, Security, Compiler transformations, Measurement, Experimentation

Downloads

  • (...).pdf
    • full text
    • |
    • UGent only
    • |
    • PDF
    • |
    • 1.80 MB

Citation

Please use this url to cite or link to this publication:

Chicago
Coppens, Bart, Bjorn De Sutter, and Jonas Maebe. 2013. “Feedback-driven Binary Code Diversification.” Acm Transactions on Architecture and Code Optimization 9 (4).
APA
Coppens, B., De Sutter, B., & Maebe, J. (2013). Feedback-driven binary code diversification. ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION, 9(4).
Vancouver
1.
Coppens B, De Sutter B, Maebe J. Feedback-driven binary code diversification. ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION. ACM; 2013;9(4).
MLA
Coppens, Bart, Bjorn De Sutter, and Jonas Maebe. “Feedback-driven Binary Code Diversification.” ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION 9.4 (2013): n. pag. Print.
@article{3223531,
  abstract     = {As described in many blog posts and in the scientific literature, exploits for software vulnerabilities are often engineered on the basis of patches. For example, {\textacutedbl}Microsoft Patch Tuesday{\textacutedbl} is often followed by {\textacutedbl}Exploit Wednesday{\textacutedbl} during which yet unpatched systems become vulnerable to patch-based exploits. Part of the patch engineering includes the identification of the vulnerable binary code by means of reverse-engineering tools and diffing add-ons. In this article we present a feedback-driven compiler tool flow that iteratively transforms code until diffing tools become ineffective enough to close the {\textacutedbl}Exploit Wednesday{\textacutedbl} window of opportunity. We demonstrate the tool's effectiveness on a set of real-world patches and against the latest version of BinDiff.},
  articleno    = {24},
  author       = {Coppens, Bart and De Sutter, Bjorn and Maebe, Jonas},
  issn         = {1544-3566},
  journal      = {ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION},
  keyword      = {program matching,patches,binary diffing,software diversity,Security,Compiler transformations,Measurement,Experimentation},
  language     = {eng},
  number       = {4},
  pages        = {25},
  publisher    = {ACM},
  title        = {Feedback-driven binary code diversification},
  url          = {http://dx.doi.org/10.1145/2400682.2400683},
  volume       = {9},
  year         = {2013},
}

Altmetric
View in Altmetric
Web of Science
Times cited: