Zipr: Efficient static binary rewriting for security

Abstract

To quickly patch security vulnerabilities, there has been keen interest in securing binaries in situ. Unfortunately, the state of the art in static binary rewriting does not allow the transformed program to be both space and time efficient. A primary limitation is that leading static rewriters require that the original copy of the code remains in the transformed binary, thereby incurring file size overhead of at least 100%. This paper presents Zipr, a static binary rewriter that removes this limitation and enables both space and time efficient transformation of arbitrary binaries. We describe results from applying Zipr in the DARPA Cyber Grand Challenge (CGC), the first fully automated cyber-hacking contest. The CGC rules penalized competitors for producing a patched binary whose on-disk size was 20% larger than the original, whose CPU utilization was 5% more than the original, and whose memory use was 5% more than the original. Zipr’s efficiency enabled our automated system, Xandra, to apply both code diversity and control flow integrity security techniques to secure challenge binaries provided by DARPA, resulting in Xandra having the best security score in the competition, remaining within the required space and time performance envelope, and winning a $1M cash prize.

Publication
In 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2019
Jason D. Hiser
Principal Scientist
Anh Nguyen-Tuong
Principal Scientist
Jack W. Davidson
Professor of Computer Science

Jack Davidson is an ACM and IEEE Fellow. His research interests include compilers, programming languages, computer architecture, embedded systems, and computer security. His current research interests are focused on the areas of computer security, run-time management of applications running on multi-core systems, and computer science education.