Secure Lean Binary Code

Project: Research project

Project Details

Description

Abstract Modern software engineering practice heavily relies on third party libraries, existing frameworks, high level programming languages, and agile development methodologies, which allows us to build more complex software and deliver it faster. However, on the other hand, such practice causes some negative consequences such as bloatware and feature creep. When such an application is running in the system, inside its address space, they are unused (library) code, which exposes extra attack surface that gives an attacker more choices in launching, for example, code reuse attacks. The unused yet shared library code also reduces the software diversity among the applications. Removing such unused code from each address space will not only lead to leaner and more efficient code, but also enable the computer systems to achieve better 'vertical' application-application isolation, reduced attack surface, and enhanced diversity. In this proposed project, we aim to build infrastructure and technologies for software customization, especially for libraries at binary code level. Upon completion of the project, we will have a set of new capabilities to achieve better isolation, less sharing, and less dependencies between code, and to implicitly diversify software.

StatusActive
Effective start/end date3/1/16 → …

Funding

  • U.S. Navy: $504,930.00

Fingerprint

Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.