The winner of the ISSS Excellence Award, Luca DiBartolomeo, presents his master's thesis in a webinar.
Closed-source programs are particularly challenging to audit.
Even on the most popular open-source operating systems, end users are often required to run third-party binary blobs. On Android, several of these commercial off-the-shelf (COTS) binaries even run with elevated privileges.
Static rewriting offers the ability to retrofit a binary with modern security mitigations that can prevent exploitation of vulnerabilities in COTS binaries.
So far, research on static rewriting has mostly focused on challenges unique to the x86 architecture. However, the proliferation of ARM-based devices, along with the large amount of personal data (including health and sensor data) they process, calls for efficient introspection and analysis capabilities on the ARM platform.
We introduce Retrowrite-ARM, an efficient, precise, heuristic-free static binary rewriter for aarch64 COTS binaries that effectively symbolizes code and enables powerful instrumentation and code modification. Retrowrite-ARM addresses the major challenges in static binary rewriting such as pointer recovery (distinguishing between pointers and scalars) or symbolizing jump tables, enabling arbitrary code modifications.
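To make concrete what "symbolizing" means on aarch64, here is an added illustration; it is not Retrowrite-ARM's code. On aarch64 a code or data address is typically materialized in two halves: an adrp that yields the 4 KiB page, followed by an add or ldr that supplies the low 12 bits. A symbolizer pairs the two, computes the absolute target, checks that it falls inside a known section, and replaces both halves with an assembler label and a :lo12: relocation, so the reassembled binary stays correct even when sections move or instrumentation is inserted between them. The disassembly, section layout and label names below are constructed for this example.

```python
"""Toy symbolizer for the aarch64 adrp/add and adrp/ldr idiom.

Constructed illustration, not Retrowrite-ARM code. The input is a tiny
hand-made disassembly in objdump style (the adrp operand is the already
resolved target page); the section ranges are invented.
"""
from dataclasses import dataclass


@dataclass
class Insn:
    addr: int
    mnemonic: str
    # Operand strings. Memory operands are pre-split:
    # ldr x2, [x1, #0x18]  ->  ["x2", "x1", "#0x18"]
    ops: list


# Constructed section layout (start, end) of the imaginary binary.
SECTIONS = {
    ".text": (0x400000, 0x401000),
    ".rodata": (0x401000, 0x402000),
    ".data": (0x411000, 0x412000),
}


def imm(s):
    """Parse an immediate such as '#0x2a0' or '0x401000'."""
    return int(s.lstrip("#"), 0)


def in_known_section(addr, sections=SECTIONS):
    return any(lo <= addr < hi for lo, hi in sections.values())


def render(insn):
    """Print an instruction back in plain assembler syntax."""
    if insn.mnemonic in ("ldr", "str"):
        dst, base, off = insn.ops
        return f"{insn.mnemonic} {dst}, [{base}, {off}]"
    return f"{insn.mnemonic} {', '.join(insn.ops)}"


def symbolize(insns, sections=SECTIONS):
    """Return (asm_lines, labels) with adrp pairs turned into label references.

    Only a target that lies in a known section is symbolized; anything else
    (and any adrp whose register is clobbered before use) is emitted as-is.
    """
    lines = [render(i) for i in insns]
    labels = {}
    pending = {}  # register -> (resolved page address, index of its adrp)
    for idx, insn in enumerate(insns):
        m, ops = insn.mnemonic, insn.ops
        if m == "adrp":
            pending[ops[0]] = (imm(ops[1]), idx)
            continue
        # add xD, xS, #lo12   or   ldr/str xD, [xS, #lo12]
        if (m in ("add", "ldr", "str") and len(ops) == 3
                and ops[1] in pending and ops[2].startswith("#")):
            base, adrp_idx = pending.pop(ops[1])
            target = base + imm(ops[2])
            if in_known_section(target, sections):
                label = f"sym_{target:x}"
                labels[label] = target
                # Both halves must name the SAME label, or the :lo12: half
                # would be resolved against the wrong page after relinking.
                lines[adrp_idx] = f"adrp {ops[1]}, {label}"
                if m == "add":
                    lines[idx] = f"add {ops[0]}, {ops[1]}, :lo12:{label}"
                else:
                    lines[idx] = f"{m} {ops[0]}, [{ops[1]}, :lo12:{label}]"
            continue
        # Any other instruction that writes the pending register drops the page half.
        if m != "str" and ops and ops[0] in pending:
            pending.pop(ops[0])
    return lines, labels


def example():
    """Constructed disassembly exercising the pair, the ldr form, a scalar and an out-of-range target."""
    insns = [
        Insn(0x400100, "adrp", ["x0", "0x401000"]),
        Insn(0x400104, "add", ["x0", "x0", "#0x2a0"]),      # -> .rodata pointer
        Insn(0x400108, "adrp", ["x1", "0x411000"]),
        Insn(0x40010c, "ldr", ["x2", "x1", "#0x18"]),       # -> load from .data
        Insn(0x400110, "mov", ["x3", "#0x42"]),             # scalar, left alone
        Insn(0x400114, "adrp", ["x4", "0x900000"]),
        Insn(0x400118, "add", ["x4", "x4", "#0x10"]),       # no section: left alone
    ]
    return symbolize(insns)


if __name__ == "__main__":
    asm, syms = example()
    print("\n".join(asm))
    print(syms)
```

The labels returned would be placed at the recorded offsets inside the respective sections when the rewritten assembly is emitted, which is what lets an instrumentation pass insert code without breaking the page/low-12 pairs. A real rewriter additionally has to pair halves that are split across basic blocks, handle pointers stored in data and jump tables, and tell apart register reuse; those are exactly the cases the thesis addresses.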
Our implementation of Retrowrite-ARM is the first static rewriter that precisely and efficiently rewrites complex software such as obfuscated binaries without resorting to ad-hoc solutions or brittle heuristics. In our benchmarks, fuzzing closed-source aarch64 binaries instrumented with Retrowrite-ARM runs more than twice as fast as with the state-of-the-art solution.