DamGate: Dynamic Adaptive Multi-feature Gating in Program Binaries
作者: Yurong Chen , Tian Lan , Guru Venkataramani
关键词: Control reconfiguration 、 Overhead (computing) 、 Security policy 、 Personalization 、 Software system 、 Executable 、 Feature creep 、 Engineering 、 Feature (computer vision) 、 Real-time computing 、 Distributed computing
摘要: Feature creep has emerged as a serious threat due to the growing number of utilities and capabilities crammed into modern software systems. While feature elimination de-bloating techniques can produce slimmer executables, complete all unnecessary or unwanted features is often not possible, only tight coupling feature-related functions/codes, but also because usefulness/necessity program difficult determine statically vary during runtime. This paper presents DamGate, framework for dynamic customization, allowing vigilant management at runtime prevent violation privacy security policies. At heart this technique selective placement checker functions(known gates) feature-constituent functions that need be protected. Through execution gating validation on fly, DamGate provides differentiated control policy enables flexible reconfiguration. The proposed prototyped evaluated using LibreOffice, large-scale office suit. evaluation results show it achieve desired customization with negligible overhead.
sci-hub.se 参考文章(41)
Maverick Woo, David Brumley, Tiffany Bao, Rafael Turner, Jonathan Burket, BYTEWEIGHT: learning to recognize functions in binary code usenix security symposium. pp. 845- 860 ,(2014)
Greg Morrisett, Stephen McCamant, Evaluating SFI for a CISC architecture usenix security symposium. pp. 15- ,(2006)
Gogul Balakrishnan, Radu Gruian, Thomas Reps, Tim Teitelbaum, CodeSurfer/x86—A Platform for Analyzing x86 Executables Lecture Notes in Computer Science. pp. 250- 254 ,(2005) , 10.1007/978-3-540-31985-6_19
Mingwei Zhang, R. Sekar, Control flow integrity for COTS binaries usenix security symposium. pp. 337- 352 ,(2013)
Guoqing Xu, Nick Mitchell, Matthew Arnold, Atanas Rountev, Gary Sevitsky, None, Software bloat analysis: finding, removing, and preventing performance problems in modern large-scale object-oriented applications international conference on software engineering. pp. 421- 426 ,(2010) , 10.1145/1882362.1882448
Fan Yao, Jie Chen, Guru Venkataramani, JOP-alarm: Detecting jump-oriented programming-based anomalies in applications international conference on computer design. pp. 467- 470 ,(2013) , 10.1109/ICCD.2013.6657084
Ben Niu, Gang Tan, Modular control-flow integrity programming language design and implementation. ,vol. 49, pp. 577- 587 ,(2014) , 10.1145/2594291.2594295
Harish Patil, Cristiano Pereira, Mack Stallcup, Gregory Lueck, James Cownie, PinPlay: a framework for deterministic replay and reproducible analysis of parallel programs symposium on code generation and optimization. pp. 2- 11 ,(2010) , 10.1145/1772954.1772958
Rohit Jalan, Arun Kejariwal, Trin-Trin: Who's Calling? A Pin-Based Dynamic Call Graph Extraction Framework International Journal of Parallel Programming. ,vol. 40, pp. 410- 442 ,(2012) , 10.1007/S10766-012-0193-X
Isaac Evans, Fan Long, Ulziibayar Otgonbaatar, Howard Shrobe, Martin Rinard, Hamed Okhravi, Stelios Sidiroglou-Douskos, Control Jujutsu: On the Weaknesses of Fine-Grained Control Flow Integrity computer and communications security. pp. 901- 913 ,(2015) , 10.1145/2810103.2813646