skip to main content
10.1145/3141235.3141240acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
research-article
Public Access

Zipr++: Exceptional Binary Rewriting

Published: 03 November 2017 Publication History

Abstract

Current software development methodologies and practices, while enabling the production of large complex software systems, can have a serious negative impact on software quality. These negative impacts include excessive and unnecessary software complexity, higher probability of software vulnerabilities, diminished execution performance in both time and space, and the inability to easily and rapidly deploy even minor updates to deployed software, to name a few. Consequently, there has been growing interest in the capability to do late-stage software (i.e., at the binary level) manipulation to address these negative impacts. Unfortunately, highly robust, late-stage manipulation of arbitrary binaries is difficult due to complex implementation techniques and the corresponding software structures. Indeed, many binary rewriters have limitations that constrain their use. For example, to the best of our knowledge, no binary rewriters handle applications that include and use exception handlers-a feature used in programming languages such as C++, Ada, Common Lisp, ML, to name a few.
This paper describes how Zipr, an efficient binary rewriter, manipulates applications with exception handlers and tables which are required for unwinding the stack. While the technique should be applicable to other binary rewriters, it is particularly useful for Zipr because the recovery of the IR exposed in exception handling tables significantly improves the runtime performance of Zipr'ed binaries-average performance overhead on the full SPEC CPU2006 benchmark is reduced from 15% to 3%.

References

[1]
[n. d.]. The DWARF Debugging Standard. ([n. d.]). http://www.dwarfstd.org
[2]
AdaCore. 2017. AWS Ada Web Server. (2017). http://libre.adacore.com/tools/aws/
[3]
Kapil Anand, Matthew Smithson, Khaled Elwazeer, Aparna Kotha, Jim Gruen, Nathan Giles, and Rajeev Barua. 2013. A compiler-level intermediate representation based binary analysis and rewriting system. In Proceedings of the 8th ACM European Conference on Computer Systems - EuroSys '13. ACM Press, New York, New York, USA, 295. https://doi.org/10.1145/2465351.2465380
[4]
Mahmoud Elnaggar, Jason Hiser, Tony Lin, Anh Nguyen-Tuong, Michele Co, Jack Davidson, and Nicola Bezzo. 2017. Online Control Adaptation for Safe and Secure Autonomous Vehicle Operations. In NASA/ESA Conference on Adaptive Hardware and Systems.
[5]
William H. Hawkins, Michele Co, Jason D. Hiser, Anh Nguyen-Tuong, and Jack W. Davidson. 2017. Zipr: Efficient Static Binary Rewriting for Security. In The 47th IEEE/IFIP International Conference on Dependable Systems and Networks.
[6]
William H. Hawkins, Jason D. Hiser, and Jack W. Davidson. 2016. Dynamic Canary Randomization for Improved Software Security. In Proceedings of the 11th Annual Cyber and Information Security Research Conference on - CISRC '16. ACM Press, New York, New York, USA, 1--7. https://doi.org/10.1145/2897795.2897803
[7]
Michael A. Laurenzano, Mustafa M. Tikir, Laura Carrington, and Allan Snavely. 2010. PEBIL: Efficient static binary instrumentation for Linux. In 2010 IEEE International Symposium on Performance Analysis of Systems & Software (ISPASS). IEEE, 175--183. https://doi.org/10.1109/ISPASS.2010.5452024
[8]
Benjamin D. Rodes, Anh Nguyen-Tuong, Jason D. Hiser, John C. Knight, Michele Co, and Jack W. Davidson. 2013. Defense against Stack-Based Attacks Using Speculative Stack Layout Transformation. Springer Berlin Heidelberg, Berlin, Heidelberg, 308--313. https://doi.org/10.1007/978-3-642-35632-2_29
[9]
Ted Romer, Geoff Voelker, Dennis Lee, Alec Wolman, Wayne Wong, Hank Levy, Brian Bershad, and Brad Chen. 1997. Instrumentation and Optimization of Win32/Intel Executables Using Etch. In Proceedings of the USENIX Windows NT Workshop (NT'97). USENIX Association, Berkeley, CA, USA, 1--1. http://dl.acm.org/citation.cfm?id=1267658.1267659
[10]
Amitabh Srivastava, Alan Eustace, Amitabh Srivastava, and Alan Eustace. 1994. ATOM: A System for Building Customized Program Analysis Tools. In Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation - PLDI '94, Vol. 29. ACM Press, New York, New York, USA, 196--205. https://doi.org/10.1145/178243.178260
[11]
Standard Performance Evaluation Corporation. 2006. SPEC CPU2006 Benchmarks. (2006). http://www.spec.org/osg/cpu2006.
[12]
Ian Lance Taylor. 2011. Airs - Ian Lance Taylor. (2011). http://www.airs.com/blog/archives/460
[13]
L. Van Put, D. Chanet, B. De Bus, B. De Sutter, and K. De Bosschere. 2005. DIABLO: a reliable, retargetable and extensible link-time rewriting framework. In Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, 2005. IEEE, 7--12. https://doi.org/10.1109/ISSPIT.2005.1577061
[14]
Mike Walker. 2015. Machine vs. Machine: Lessons from the First Year of Cyber Grand Challenge | USENIX. (2015). https://www.usenix.org/node/190798
[15]
Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, and Giovanni Vigna. [n. d.]. Ramblr: Making Reassembly Great Again. ([n. d.]). https://doi.org/10.14722/ndss.2017.23225
[16]
Shuai Wang, Pei Wang, and Dinghao Wu. 2015. Reassembleable Disassembling. In 24th USENIX Security Symposium (USENIX Security 15). USENIX Association, Washington, D.C., 627--642. https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/wang-shuai
[17]
Shuai Wang, Pei Wang, and Dinghao Wu. 2016. UROBOROS: Instrumenting Stripped Binaries with Static Reassembling. In 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER). IEEE, 236--247. https://doi.org/10.1109/SANER.2016.106
[18]
Richard Wartell, Vishwath Mohan, Kevin W. Hamlen, and Zhiqiang Lin. 2012. Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS '12). ACM, New York, NY, USA, 157--168. https://doi.org/10.1145/2382196.2382216
[19]
Richard Wartell, Vishwath Mohan, Kevin W. Hamlen, and Zhiqiang Lin. 2012. Securing Untrusted Code via Compiler-agnostic Binary Rewriting. In Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC '12). ACM, New York, NY, USA, 299--308. https://doi.org/10.1145/2420950.2420995
[20]
Mingwei Zhang, Rui Qiao, Niranjan Hasabnis, R. Sekar, Mingwei Zhang, Rui Qiao, Niranjan Hasabnis, and R. Sekar. 2014. A platform for secure static binary instrumentation. ACM SIGPLAN Notices 49, 7 (sep 2014), 129--140. https://doi.org/10.1145/2674025.2576208

Cited By

View all
  • (2022)START: A Framework for Trusted and Resilient Autonomous Vehicles (Practical Experience Report)2022 IEEE 33rd International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE55969.2022.00018(73-84)Online publication date: Oct-2022
  • (2022)Update with careJournal of Systems and Software10.1016/j.jss.2022.111381191:COnline publication date: 1-Sep-2022
  • (2021)Verification of Functional Correctness of Code Diversification TechniquesNASA Formal Methods10.1007/978-3-030-76384-8_11(160-179)Online publication date: 19-May-2021
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
FEAST '17: Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation
November 2017
78 pages
ISBN:9781450353953
DOI:10.1145/3141235
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2017

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. binary rewriter
  2. binary rewriting
  3. exception handling
  4. security
  5. static rewriting

Qualifiers

  • Research-article

Funding Sources

Conference

CCS '17
Sponsor:

Acceptance Rates

Overall Acceptance Rate 4 of 4 submissions, 100%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)197
  • Downloads (Last 6 weeks)30
Reflects downloads up to 14 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2022)START: A Framework for Trusted and Resilient Autonomous Vehicles (Practical Experience Report)2022 IEEE 33rd International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE55969.2022.00018(73-84)Online publication date: Oct-2022
  • (2022)Update with careJournal of Systems and Software10.1016/j.jss.2022.111381191:COnline publication date: 1-Sep-2022
  • (2021)Verification of Functional Correctness of Code Diversification TechniquesNASA Formal Methods10.1007/978-3-030-76384-8_11(160-179)Online publication date: 19-May-2021
  • (2020)On the Impact of Exception Handling Compatibility on Binary InstrumentationProceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation10.1145/3411502.3418428(23-28)Online publication date: 13-Nov-2020
  • (2020)Binary Quilting to Generate Patched Executables without CompilationProceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation10.1145/3411502.3418424(3-8)Online publication date: 13-Nov-2020
  • (2019)From Hack to Elaborate Technique—A Survey on Binary RewritingACM Computing Surveys10.1145/331641552:3(1-37)Online publication date: 18-Jun-2019
  • (2019)Automatically Patching Vulnerabilities of Binary Programs via Code Transfer From Correct VersionsIEEE Access10.1109/ACCESS.2019.29019517(28170-28184)Online publication date: 2019
  • (2018)A Vision for Enhancing Security of Cryptography in ExecutablesEngineering Secure Software and Systems10.1007/978-3-319-94496-8_1(1-8)Online publication date: 20-Jun-2018

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media