research-article

RL-Bin, Robust Low-overhead Binary Rewriter

Authors:

Amir Majlesi-Kupaei,

Khaled ElWazeer,

Rajeev BaruaAuthors Info & Claims

FEAST '17: Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation

Pages 17 - 22

https://doi.org/10.1145/3141235.3141245

Published: 03 November 2017 Publication History

Abstract

Binary rewriters are used to ensure security properties or optimize and reduce runtime of existing binary applications. Existing binary rewriters are either static or dynamic, and both have severe shortcomings. Existing static rewriters have low overhead, but cannot rewrite correctly for all binaries. Existing dynamic rewriters are robust, but have high overhead - for example, for a subset of SPEC'06 benchmarks we measured, their overhead is 1.59X for PIN and 1.32X for DynamoRIO. Because of this high overhead, they are limited to off line testing, and cannot be used in deployment.

We have built the first binary rewriter called RL-Bin which can rewrite all binaries correctly, but has low overhead (averaging 1.09X for our programs.) This makes it practical for continuous use in deployed software for the first time. This paper represents an early snapshot of on-going research, and we hope to bring this overhead down even further in the future. We have also shown how RL-Bin can be used to enforce CFI, a security mechanism.

References

[1]

Martín Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti. 2005. Control-flow integrity. In Proceedings of the 12th ACM conference on Computer and communications security. ACM, 340--353.

Digital Library

[2]

Martín Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti. 2005. A theory of secure control flow. In International Conference on Formal Engineering Methods. Springer, 111--124.

Digital Library

[3]

Kapil Anand, Matthew Smithson, Khaled Elwazeer, Aparna Kotha, Jim Gruen, Nathan Giles, and Rajeev Barua. 2013. A compiler-level intermediate representation based binary analysis and rewriting system Proceedings of the 8th ACM European Conference on Computer Systems. ACM, 295--308.

[4]

Stephen W Boyd, Gaurav S Kc, Michael E Locasto, Angelos D Keromytis, and Vassilis Prevelakis. 2010. On the general applicability of instruction-set randomization. IEEE Transactions on Dependable and Secure Computing, Vol. 7, 3 (2010), 255--270.

Digital Library

[5]

Derek L. Bruening. 2004. Efficient, transparent, and comprehensive runtime code manipulation. Ph.D. Dissertation. Massachusetts Institute of Technology.

[6]

Crispan Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang, and Heather Hinton. 1998. Stackguard: automatic adaptive detection and prevention of buffer-overflow attacks. Usenix Security, Vol. Vol. 98. 63--78.

Digital Library

[7]

Andrew Edwards, Hoi Vo, and Amitabh Srivastava. 2001. Vulcan binary transformation in a distributed environment. (2001).

[8]

Alan Eustace and Amitabh Srivastava. 1995. ATOM: A flexible interface for building high performance program analysis tools Proceedings of the USENIX 1995 Technical Conference Proceedings. USENIX Association, 25--25.

[9]

SA Hex-Rays. 2008. IDA pro disassembler. (2008).

[10]

Vladimir Kiriansky, Derek Bruening, Saman P. Amarasinghe, et al. 2002. Secure Execution via Program Shepherding. In USENIX Security Symposium, Vol. Vol. 92. 84.

[11]

Michael A. Laurenzano, Mustafa M. Tikir, Laura Carrington, and Allan Snavely. 2010. Pebil: Efficient static binary instrumentation for linux Performance Analysis of Systems & Software (ISPASS), 2010 IEEE International Symposium on. IEEE, 175--183.

[12]

Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, Geoff Lowney, Steven Wallace, Vijay Janapa Reddi, and Kim Hazelwood. 2005. Pin: building customized program analysis tools with dynamic instrumentation Acm sigplan notices, Vol. Vol. 40. ACM, 190--200.

Digital Library

[13]

Ben Niu and Gang Tan. 2014. Modular control-flow integrity. ACM SIGPLAN Notices, Vol. 49, 6 (2014), 577--587.

Digital Library

[14]

Pádraig O'Sullivan, Kapil Anand, Aparna Kotha, Matthew Smithson, Rajeev Barua, and Angelos D. Keromytis. 2011. Retrofitting security in cots software with binary rewriting IFIP International Information Security Conference. Springer, 154--172.

[15]

Mathias Payer, Antonio Barresi, and Thomas R. Gross. 2015. Fine-grained control-flow integrity through binary hardening International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, 144--164.

[16]

Benjamin Schwarz, Saumya Debray, Gregory Andrews, and Matthew Legendre. 2001. Plto: A link-time optimizer for the Intel IA-32 architecture Proc. 2001 Workshop on Binary Translation (WBT-2001). Citeseer.

[17]

Matthew Smithson, Kapil Anand, Aparna Kotha, Khaled Elwazeer, Nathan Giles, and Rajeev Barua. 2010. Binary rewriting without relocation information. University of Maryland, Tech. Rep (2010).

[18]

Matthew Smithson, Khaled ElWazeer, Kapil Anand, Aparna Kotha, and Rajeev Barua. 2013. Static binary rewriting without supplemental information: Overcoming the tradeoff between coverage and correctness. In Reverse Engineering (WCRE), 2013 20th Working Conference on. IEEE, 52--61.

[19]

Ludo Van Put, Dominique Chanet, Bruno De Bus, Bjorn De Sutter, and Koen De Bosschere. 2005. Diablo: a reliable, retargetable and extensible link-time rewriting framework Signal Processing and Information Technology, 2005. Proceedings of the Fifth IEEE International Symposium on. IEEE, 7--12.

[20]

Zhi Wang and Xuxian Jiang. 2010. Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity. In Security and Privacy (SP), 2010 IEEE Symposium on. IEEE, 380--395.

Digital Library

[21]

Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Laszlo Szekeres, Stephen McCamant, Dawn Song, and Wei Zou. 2013. Practical control flow integrity and randomization for binary executables Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, 559--573.

Cited By

Arras PAndronidis APina LMituzas KShu QGrumberg DCadar C(2022)SaBRe: load-time selective binary rewritingInternational Journal on Software Tools for Technology Transfer10.1007/s10009-021-00644-w24:2(205-223)Online publication date: 21-Jan-2022
https://doi.org/10.1007/s10009-021-00644-w
Wenzl MMerzdovnik GUllrich JWeippl E(2019)From Hack to Elaborate Technique—A Survey on Binary RewritingACM Computing Surveys10.1145/331641552:3(1-37)Online publication date: 18-Jun-2019
https://dl.acm.org/doi/10.1145/3316415
Brechelmacher OKrenn WTarrach T(2018)A Vision for Enhancing Security of Cryptography in ExecutablesEngineering Secure Software and Systems10.1007/978-3-319-94496-8_1(1-8)Online publication date: 20-Jun-2018
https://doi.org/10.1007/978-3-319-94496-8_1

Index Terms

RL-Bin, Robust Low-overhead Binary Rewriter
1. Security and privacy
  1. Software and application security
    1. Software security engineering

Recommendations

Hybrid binary rewriting for memory access instrumentation
VEE '11: Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments

Memory access instrumentation is fundamental to many applications such as software transactional memory systems, profiling tools and race detectors. We examine the problem of efficiently instrumenting memory accesses in x86 machine code to support ...
Anywhere, any-time binary instrumentation
PASTE '11: Proceedings of the 10th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools

The Dyninst binary instrumentation and analysis framework distinguishes itself from other binary instrumentation tools through its abstract, machine independent interface; its emphasis on anywhere, any-time binary instrumentation; and its low overhead ...
Hybrid binary rewriting for memory access instrumentation
VEE '11

Memory access instrumentation is fundamental to many applications such as software transactional memory systems, profiling tools and race detectors. We examine the problem of efficiently instrumenting memory accesses in x86 machine code to support ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

FEAST '17: Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation

November 2017

78 pages

ISBN:9781450353953

DOI:10.1145/3141235

General Chairs:
Taesoo Kim
Georgia Tech, USA
,
Cliff Wang
Army Research Office, USA
,
Program Chairs:
Taesoo Kim
Georgia Tech, USA
,
Dinghao Wu
Penn State University, USA

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '17

Sponsor:

SIGSAC

CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security

November 3, 2017

Texas, Dallas, USA

Acceptance Rates

Overall Acceptance Rate 4 of 4 submissions, 100%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
142
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 17 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Arras PAndronidis APina LMituzas KShu QGrumberg DCadar C(2022)SaBRe: load-time selective binary rewritingInternational Journal on Software Tools for Technology Transfer10.1007/s10009-021-00644-w24:2(205-223)Online publication date: 21-Jan-2022
https://doi.org/10.1007/s10009-021-00644-w
Wenzl MMerzdovnik GUllrich JWeippl E(2019)From Hack to Elaborate Technique—A Survey on Binary RewritingACM Computing Surveys10.1145/331641552:3(1-37)Online publication date: 18-Jun-2019
https://dl.acm.org/doi/10.1145/3316415
Brechelmacher OKrenn WTarrach T(2018)A Vision for Enhancing Security of Cryptography in ExecutablesEngineering Secure Software and Systems10.1007/978-3-319-94496-8_1(1-8)Online publication date: 20-Jun-2018
https://doi.org/10.1007/978-3-319-94496-8_1

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents