Legacy binaries need to continue functioning even when no source code has been preserved, to support the workflows of government and industry. The binaries often lack recent improvements in compiler design and software engineering practices, causing them to be slower and less secure than modern binaries. Binary rewriting seeks to patch, optimize, instrument, or harden binaries to bridge this gap, but existing practice is limited by the underlying static analysis. We created a framework, BinRec, to use dynamic analysis to lift binaries to LLVM IR then recompile them, which overcomes the limitations of static analysis.The protection of software against memory corruption exploits has a rich history, which this thesis both systematizes and exte...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Buffer overflow vulnerabilities present a common threat. To encounter this issue, operating system s...
Binary code from untrusted sources remains one of the primary vehicles for malicious software attack...
Legacy binaries need to continue functioning even when no source code has been preserved, to support...
Legacy binaries that do not have source code remain a vital part of our software ecosystem. Lifting ...
Compile-time specialization and feature pruning through static binary rewriting have been proposed r...
Binary lifting and recompilation allow a wide range of install-Time program transformations, such as...
Control-Flow Integrity (CFI) has been recognized as an important low-level security property. Its en...
Traditionally, execution of a program follows a straight and inflexible path starting from source co...
Binary code analysis is widely used in many applications, including reverse engineering, software fo...
This study introduces a static binary rewriting method for improving security of executable binaries...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
International audienceThis paper tackles the problem of designing efficient binary-level verificatio...
International audienceThis paper tackles the problem of designing efficient binary-level verificatio...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Buffer overflow vulnerabilities present a common threat. To encounter this issue, operating system s...
Binary code from untrusted sources remains one of the primary vehicles for malicious software attack...
Legacy binaries need to continue functioning even when no source code has been preserved, to support...
Legacy binaries that do not have source code remain a vital part of our software ecosystem. Lifting ...
Compile-time specialization and feature pruning through static binary rewriting have been proposed r...
Binary lifting and recompilation allow a wide range of install-Time program transformations, such as...
Control-Flow Integrity (CFI) has been recognized as an important low-level security property. Its en...
Traditionally, execution of a program follows a straight and inflexible path starting from source co...
Binary code analysis is widely used in many applications, including reverse engineering, software fo...
This study introduces a static binary rewriting method for improving security of executable binaries...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
International audienceThis paper tackles the problem of designing efficient binary-level verificatio...
International audienceThis paper tackles the problem of designing efficient binary-level verificatio...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Buffer overflow vulnerabilities present a common threat. To encounter this issue, operating system s...
Binary code from untrusted sources remains one of the primary vehicles for malicious software attack...