Securing Software at the Binary Level

Date: 
Tuesday, February 21, 2012 - 8:53am

UCSB COMPUTER SCIENCE DEPARTMENT PRESENTS:

Tuesday, March 6, 2012
3:30 – 4:30 PM
Computer Science Conference Room, Harold Frank Hall Rm. 1132

HOST: Giovanni Vigna

SPEAKER: Stephen McCamant
Project Research Scientist, UC Berkeley
.
Title: Securing Software at the Binary Level

Abstract:

Analyzing software at the binary (machine code) level can improve
accuracy and provide language-independence, but a lack of source-level
structure also makes analysis more challenging. Binary code analysis is
especially needed in the security context, since neither malware nor
vulnerable commercial software typically comes with source code. In this
talk I’ll describe three application areas in which program analysis
techniques can make our software systems more secure, and in which the
binary-level perspective is fruitful. First I’ll show how to transform
programs at the instruction level to enforce a security (module
isolation) policy, such as for a web-browser plugin. Second, I’ll tell
how to measure a program’s adherence to a quantitative information-flow
policy to avoid revealing too much private information. Third, I’ll use
symbolic execution to generate test cases that reveal incorrect behavior
in CPU emulators. I’ll also discuss what I see as some of the most
interesting directions for future applications of binary analysis to
security, including better recovery of structural information.

Bio:

Stephen McCamant is a project (research) scientist at the University of
California, Berkeley, where he works primarily with the BitBlaze group.
His core research focus is the application of program analysis
techniques for software security and correctness. He is especially
interested in binary code analysis and transformation, hybrid
dynamic/static techniques and symbolic execution, information flow/taint
analysis, and applications of decision procedures. He received his Ph.D
from the Massachusetts Institute of Technology in 2008, with a
dissertation on “Quantitative Information-Flow Tracking for Real
Systems”; other projects at MIT included predicting incompatible
software upgrades (an ACM SIGSOFT Distinguished Paper), and
software-based fault isolation (a USENIX Security Best Paper). Earlier
he received the M.S. and B.A. from MIT and UC Berkeley respectively.