SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis

Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Andrew Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, Giovanni Vigna

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

134 Citations (Scopus)

Abstract

Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of program properties harder to scale. However, the importance of binary analysis is on the rise. In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. In this paper, we present a binary analysis framework that implements a number of analysis techniques that have been proposed in the past. We present a systematized implementation of these techniques, which allows other researchers to compose them and develop new approaches. In addition, the implementation of these techniques in a unifying framework allows for the direct comparison of these approaches and the identification of their advantages and disadvantages. The evaluation included in this paper is performed using a recent dataset created by DARPA for evaluating the effectiveness of binary vulnerability analysis techniques. Our framework has been open-sourced and is available to the security community.

Original language: English (US)
Title of host publication: Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 138-157
Number of pages: 20
ISBN (Electronic): 9781509008247
DOIs: https://doi.org/10.1109/SP.2016.17
State: Published - Aug 16 2016
Externally published: Yes
Event: 2016 IEEE Symposium on Security and Privacy, SP 2016 - San Jose, United States
Duration: May 23 2016 to May 25 2016

Other

Other: 2016 IEEE Symposium on Security and Privacy, SP 2016
Country: United States
City: San Jose
Period: 5/23/16 to 5/25/16

Fingerprint

Binary codes
Data structures

Keywords

  • attacks and defenses
  • security architectures
  • system security

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Software

Cite this

Shoshitaishvili, Y., Wang, R., Salls, C., Stephens, N., Polino, M., Dutcher, A., ... Vigna, G. (2016). SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis. In Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016 (pp. 138-157). [7546500] Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/SP.2016.17

@inproceedings{44c55c598a8f4c96ac5fb81b81d060f4,
title = "SOK: (State of) the Art of War: Offensive Techniques in Binary Analysis",
abstract = "Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of program properties harder to scale. However, the importance of binary analysis is on the rise. In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. In this paper, we present a binary analysis framework that implements a number of analysis techniques that have been proposed in the past. We present a systematized implementation of these techniques, which allows other researchers to compose them and develop new approaches. In addition, the implementation of these techniques in a unifying framework allows for the direct comparison of these approaches and the identification of their advantages and disadvantages. The evaluation included in this paper is performed using a recent dataset created by DARPA for evaluating the effectiveness of binary vulnerability analysis techniques. Our framework has been open-sourced and is available to the security community.",
keywords = "attacks and defenses, security architectures, system security",
author = "Yan Shoshitaishvili and Ruoyu Wang and Christopher Salls and Nick Stephens and Mario Polino and Andrew Dutcher and John Grosen and Siji Feng and Christophe Hauser and Christopher Kruegel and Giovanni Vigna",
year = "2016",
month = "8",
day = "16",
doi = "10.1109/SP.2016.17",
language = "English (US)",
pages = "138--157",
booktitle = "Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN
T1 - SOK
T2 - (State of) the Art of War: Offensive Techniques in Binary Analysis
AU - Shoshitaishvili, Yan
AU - Wang, Ruoyu
AU - Salls, Christopher
AU - Stephens, Nick
AU - Polino, Mario
AU - Dutcher, Andrew
AU - Grosen, John
AU - Feng, Siji
AU - Hauser, Christophe
AU - Kruegel, Christopher
AU - Vigna, Giovanni
PY - 2016/8/16
Y1 - 2016/8/16
AB - Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of program properties harder to scale. However, the importance of binary analysis is on the rise. In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. In this paper, we present a binary analysis framework that implements a number of analysis techniques that have been proposed in the past. We present a systematized implementation of these techniques, which allows other researchers to compose them and develop new approaches. In addition, the implementation of these techniques in a unifying framework allows for the direct comparison of these approaches and the identification of their advantages and disadvantages. The evaluation included in this paper is performed using a recent dataset created by DARPA for evaluating the effectiveness of binary vulnerability analysis techniques. Our framework has been open-sourced and is available to the security community.
KW - attacks and defenses
KW - security architectures
KW - system security
UR - http://www.scopus.com/inward/record.url?scp=84987622050&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84987622050&partnerID=8YFLogxK
U2 - 10.1109/SP.2016.17
DO - 10.1109/SP.2016.17
M3 - Conference contribution
SP - 138
EP - 157
BT - Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016
PB - Institute of Electrical and Electronics Engineers Inc.
ER -