Compilation and binary editing for performance and security
作者: Jeffrey K. Hollingsworth , Tugrul Ince
DOI:
关键词:
摘要: Traditionally, execution of a program follows straight and inflexible path starting from source code, extending through compiled executable file on disk, culminating in an image memory. This dissertation enables more flexible programs new compilation mechanisms binary editing techniques. To assist analysis functions binaries, mechanism generates data representing control flow graphs each function. These allow tools to identify the boundaries basic blocks types edges between them without examining individual instructions. A similar is used create individually relocatable that can be relocated anywhere memory at runtime simplify instrumentation. The concept generating components also applied function-level granularity. Through link-time function relocation, unused shared libraries are moved section not loaded into runtime, reducing footprint these libraries. Moreover, relocation extended where continuously random addresses thwart system intrusion attacks. techniques presented above result 74% reduction parsing times as well 85% code segment libraries, while simplifying instrumentation code. provide way make return-oriented programming attacks virtually impossible succeed.
参考文章(36)
Bart Demoen, Bruno De Bus, Bjorn De Sutter, Koenraad De Bosschere, P. Keyngnaert, On the static analysis of indirect control transfers in binaries parallel and distributed processing techniques and applications. ,vol. 2, pp. 1013- 1019 ,(2000)
Zhiqiang Lin, Ryan D. Riley, Dongyan Xu, Polymorphing Software by Randomizing Data Structure Layout Detection of Intrusions and Malware, and Vulnerability Assessment. pp. 107- 126 ,(2009) , 10.1007/978-3-642-02918-9_7
Fredrik Valeur, Christopher Kruegel, Giovanni Vigna, William Robertson, Static disassembly of obfuscated binaries usenix security symposium. pp. 18- 18 ,(2004)
Ron Brightwell, Suzanne M. Kelly, Software Architecture of the Light Weight Kernel, Catamount ,(2005)
Sandeep Bhatkar, R. Sekar, Data Space Randomization international conference on detection of intrusions and malware and vulnerability assessment. pp. 1- 22 ,(2008) , 10.1007/978-3-540-70542-0_1
Raghavan Komondoor, Susan Horwitz, Using Slicing to Identify Duplication in Source Code static analysis symposium. pp. 40- 56 ,(2001) , 10.1007/3-540-47764-0_3
Najwa Aaraj, Anand Raghunathan, Niraj K. Jha, Dynamic Binary Instrumentation-Based Framework for Malware Defense international conference on detection of intrusions and malware and vulnerability assessment. pp. 64- 87 ,(2008) , 10.1007/978-3-540-70542-0_4
Edgar Gabriel, Graham E. Fagg, George Bosilca, Thara Angskun, Jack J. Dongarra, Jeffrey M. Squyres, Vishal Sahay, Prabhanjan Kambadur, Brian Barrett, Andrew Lumsdaine, Ralph H. Castain, David J. Daniel, Richard L. Graham, Timothy S. Woodall, Open MPI: Goals, Concept, and Design of a Next Generation MPI Implementation Lecture Notes in Computer Science. pp. 97- 104 ,(2004) , 10.1007/978-3-540-30218-6_19
Steve Mansfield-Devine, Android malware and mitigations Network Security. ,vol. 2012, pp. 12- 20 ,(2012) , 10.1016/S1353-4858(12)70104-6
Saumya K. Debray, William Evans, Robert Muth, Bjorn De Sutter, Compiler techniques for code compaction ACM Transactions on Programming Languages and Systems. ,vol. 22, pp. 378- 415 ,(2000) , 10.1145/349214.349233