TY - GEN
T1 - A binary analysis approach to retrofit security in input parsing routines
AU - Menon, Jayakrishna
AU - Hauser, Christophe
AU - Shoshitaishvili, Yan
AU - Schwab, Stephen
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/8/2
Y1 - 2018/8/2
AB - In spite of numerous attempts to mitigate memory corruption vulnerabilities in low-level code over the years, those remain the most common vector of software exploitation today. A common cause of such vulnerabilities is the presence of errors in string manipulation, which are often found in input parsers, where the format of input data is verified and eventually converted into an internal program representation. This process, if done manually in an ad-hoc manner, is error prone and easily leads to unsafe and potentially exploitable behavior. While principled approaches to input validation exist, such as those based on parser generators (e.g., Lex [20] and Ragel [28]), these require a formalization of the input grammar, which is not always a straightforward process and tends to dissuade programmers. As a result, a large portion of input parsing routines as found in commodity software is still implemented in an ad-hoc way, causing numerous security issues. We propose to address this problem from a post-development perspective, by targeting software presenting security risks in opaque, closed-source environments where software components have already been deployed and integrated, and where re-implementation is not an option (e.g., as part of an embedded device's proprietary firmware). Our system is able to effectively detect vulnerability patterns in binary software and to retrofit security mechanisms preventing exploitation. In a semi-automated setting, it was able to discover an unknown security bug.
UR - http://www.scopus.com/inward/record.url?scp=85052203699&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85052203699&partnerID=8YFLogxK
U2 - 10.1109/SPW.2018.00049
DO - 10.1109/SPW.2018.00049
M3 - Conference contribution
AN - SCOPUS:85052203699
SN - 9780769563497
T3 - Proceedings - 2018 IEEE Symposium on Security and Privacy Workshops, SPW 2018
SP - 306
EP - 322
BT - Proceedings - 2018 IEEE Symposium on Security and Privacy Workshops, SPW 2018
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2018 IEEE Symposium on Security and Privacy Workshops, SPW 2018
Y2 - 24 May 2018
ER -