Binary Analysis for Autonomous Hacking: Invited Abstract

G. Vigna
DOI: 10.1145/2897845.2901788
Published in: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security (2016-05-30)
Citations: 0

Abstract

Despite the rise of interpreted languages and the World Wide Web, binary analysis has remained the focus of much research in computer security. There are several reasons for this. First, interpreted languages are either interpreted by binary programs or Just-In-Time compiled down to binary code. Second, "core" OS constructs and performance-critical applications are still written in languages (usually C or C++) that compile down to binary code. Third, the rise of the Internet of Things is powered by devices that are, in general, very resource-constrained. Without cycles to waste on interpretation or Just-In-Time compilation, the firmware of these devices tends to be written in languages (again, usually C) that compile to binary. Unfortunately, many of these languages provide few security guarantees, often leading to vulnerabilities. For example, buffer overflows stubbornly remain one of the most commonly discovered software flaws despite efforts to develop technologies to mitigate such vulnerabilities. Worse, the wider class of memory corruption vulnerabilities, the vast majority of which also stem from the use of unsafe languages, makes up a substantial portion of the most common vulnerabilities. This problem is not limited to software on general-purpose computing devices: remotely exploitable vulnerabilities have been discovered in devices ranging from smart locks, to pacemakers, to automobiles. However, finding vulnerabilities in binaries and generating patches that fix exploitable flaws is challenging because of the lack of high-level abstractions, such as type information and control flow constructs. Current approaches provide tools to support the manual analysis of binaries, but are far from being completely automated solutions to the vulnerability analysis of binary programs.

To foster research in automated binary analysis, in October of 2013, DARPA announced the DARPA Cyber Grand Challenge (CGC). Like DARPA Grand Challenges in other fields (such as robotics and autonomous vehicles), the CGC pits teams from around the world against each other in a competition in which the participants are autonomous systems. During the CGC competition, these systems must identify, exploit, and patch vulnerabilities in binary programs, without any human in the loop. Millions of dollars in prize money were announced: the top 7 teams to complete the CGC Qualifying Event (held in June 2015) received 750,000 USD, and the top 3 teams in the CGC Final Event (held in August 2016) will receive 2,000,000 USD, 1,000,000 USD, and 750,000 USD, respectively. The Shellphish hacking team is one of the qualified teams. This talk presents some insights into the field of automated binary analysis, exploitation, and patching, gained through participation in the CGC competition. In addition, the talk provides a discussion of the use of competitions to foster both research and education, based on the experience of designing and running a large-scale live security hacking competition (called the iCTF) for the past 13 years.