Title: FINDING AND REMEDYING HIGH-LEVEL SECURITY ISSUES IN BINARY CODE

David Dewey

School of Computer Science

College of Computing

Georgia Institute of Technology

Date: Monday, August 10, 2015

Time: 11:00am - 1:00pm EDT

Location: Klaus 3126 (GTISC war room)

Committee:

Dr. Patrick Traynor (Advisor, School of Computer Science, Georgia Tech) Dr. Mustaque Ahamad (School of Computer Science, Georgia Tech) Dr. Sasha Boldyreva (School of Computer Science, Georgia Tech) Dr. William Harris (School of Computer Science, Georgia Tech) Dr. Jonathon Giffin (Senior Software Engineering, Fortify Software, an HP Company)

Abstract:

C++ and Microsoft's Component Object Model (COM) are examples of a

C++ high-level language

and development framework that were built on top of the lower-level, primitive language, C. C was never designed to support concepts like object orientation, type enforcement, and language independence. Further, these languages and frameworks are designed to compile and run directly on the processor where these concepts are also not supported. Other high-level languages that do support these concepts make use of a runtime or virtual machine to create a computing model to suit their needs. By forcing these high-level concepts into a primitive computing model, many security issues have been introduced. Existing binarylevel security analysis tools and runtime enforcement frameworks operate at the lowest level of context. As such, they struggle to detect and remedy higher-level security issues. In this dissertation, a framework for elevating the context of binary code is presented. By bringing the context for analysis closer to where these security issues are introduced, this framework allows for higher-level analyses and enforcement frameworks to be developed.