Barua wins NSF grant for new binary rewriter

Associate Professor Rajeev Barua is the principal investigator for a three-year, $349,059 National Science Foundation Computer Systems Research award, “Binary rewriting without relocation information.”

Binary executables and binary rewriters
A binary executable program is a program in machine (binary) code. Although people write programs in high-level computer languages such as C++ or Java, computers don’t—in fact cannot—directly run those programs. Because computers can run only programs written in binary code (1's and 0's only), software developers use translation programs called “compilers” to change their high-level language programs into binary code. The resulting programs are called “binary executables” because they are written in binary code and now can be executed (run) by computers.

Traditionally, the binary executable is not transformed any further; rather it is simply run on the computer. Barua’s research observes that there is an opportunity to do better. The binary executable can be rewritten and improved in various ways, for example, to have a faster run-time speed, lower energy or memory use, better reliability or more secure execution. Programs that do this are called binary rewriters.

As an example, a binary rewriter can insert security checks into the program that would thwart malicious software attacks. A denial-of-service attack may run a legitimate program with inputs that cause it to allocate too much memory, thereby crashing the system. A binary rewriter Barua has developed can rewrite programs automatically to ensure that they obey memory quotas. If a rewritten program then tries to allocate too much memory, it will be gracefully terminated, rather than crashing the whole system with it.

Other security applications could involve rewriting programs to prevent sensitive information such as personal or financial information from being accessed on one's computer without permission. Barua’s rewriter inserts code that simultaneously protects against all such attacks.

Barua’s new research
Binary rewriters have a severe limitation—they are unable to rewrite binary executables that have no relocation information. Because virtually all commercial binary executables lack relocation information, they cannot be rewritten by existing rewriters. The ability to get around this issue is critical to making binary rewriting technology applicable in practice.

The NSF funding will allow Barua to develop a binary rewriter that can be used to statically transform binary code that lacks relocation information and to do so without the overhead of dynamic binary rewriting.

One of the most challenging problems in trying to rewrite binaries without relocation information is that it becomes hard to distinguish code from data; mistaking data for code and rewriting it would break the program. Barua’s method will combine better analysis to distinguish code from data with a speculative scheme that allows recovery from incorrect disassembly while still ensuring correctness.

This research will allow any binary to be rewritten, unleashing innovation and engendering a new class of commercial applications that would boost the productivity and security of computer programs.

Published August 31, 2009