Zhen Huang (Pennsylvania State University), Gang Tan (Pennsylvania State University)

The existence of pre-patch windows allows adversaries to exploit vulnerabilities before they are patched. Prior work has proposed to harden programs with security workarounds to enable users to mitigate vulnerabilities before a patch is available. However, it requires access to the source code of the programs. This paper introduces RVM, an approach to automatically hardening binary code with security workarounds. RVM statically analyzes binary code of programs to identify error-handling code in the programs, in order to synthesize security workarounds. We designed and implemented a prototype of RVM for Windows and Linux binaries. We evaluate the coverage and performance of RVM on binaries of popular Windows and Linux applications containing real-world vulnerabilities.

View More Papers

The hard things about analyzing 1’s and 0’s...

Dr. David Brumley, Carnegie Mellon University - ForAllSecure

Read More

Sn4ke: Practical Mutation Analysis of Tests at Binary Level

Mohsen Ahmadi (Arizona State University), Pantea Kiaei (Worcester Polytechnic Institute), Navid Emamdoost (University of Minnesota)

Read More

B2R2: Building an Efficient Front-End for Binary Analysis

Minkyu Jung (KAIST), Soomin Kim (KAIST), HyungSeok Han (KAIST), Jaeseung Choi (KAIST), Sang Kil Cha (KAIST)

Read More

Binary Code Patching: An Ancient Art Refined for the...

Dr. Barton P. Miller (Vilas Distinguished Achievement Professor at The University of Wisconsin-Madison)

Read More