Award Abstract # 1652790
CAREER: Advanced Trace-Oriented Binary Code Analysis
NSF Org: CNS, Division Of Computer and Network Systems
Recipient: THE PENNSYLVANIA STATE UNIVERSITY
Initial Amendment Date: March 21, 2017
Latest Amendment Date: March 25, 2025
Award Number: 1652790
Award Instrument: Continuing Grant
Program Manager: Selcuk Uluagac, suluagac@nsf.gov, (703)292-4540
    CNS, Division Of Computer and Network Systems
    CSE, Directorate for Computer and Information Science and Engineering
Start Date: April 1, 2017
End Date: September 30, 2025 (Estimated)
Total Intended Award Amount: $494,703.00
Total Awarded Amount to Date: $509,103.00
Funds Obligated to Date:
    FY 2017 = $94,413.00
    FY 2018 = $96,616.00
    FY 2019 = $98,878.00
    FY 2020 = $101,202.00
    FY 2021 = $103,594.00
    FY 2022 = $14,400.00
History of Investigator: Dinghao Wu (Principal Investigator)
Recipient Sponsored Research Office: Pennsylvania State Univ University Park, 201 OLD MAIN, UNIVERSITY PARK, PA, US, 16802-1503, (814)865-1372
Sponsor Congressional District: 15
Primary Place of Performance: Pennsylvania State Univ University Park, 313E IST Building, State College, PA, US, 16802-1503
Primary Place of Performance Congressional District: 15
Unique Entity Identifier (UEI): NPM2J7MSCF61
Parent UEI:
NSF Program(s): Secure & Trustworthy Cyberspace
Primary Program Source:
    01002223DB NSF RESEARCH & RELATED ACTIVIT
    01001718DB NSF RESEARCH & RELATED ACTIVIT
    01001819DB NSF RESEARCH & RELATED ACTIVIT
    01001920DB NSF RESEARCH & RELATED ACTIVIT
    01002021DB NSF RESEARCH & RELATED ACTIVIT
    01002122DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 025Z, 1045, 7434, 9178, 9251
Program Element Code(s): 806000
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

Binary code analysis is very attractive from a security viewpoint. First, in many tasks such as malware analysis, the source code of the program under examination is often absent, and the analysis has to be done on binary code. Second, even when the source code is available, binary analysis allows us to reason about the real instructions executed on hardware and avoid the well-known WYSINWYX problem, What You See Is Not What You Execute. Third, some program behaviors, such as cache access patterns, are only exhibited in the low-level code. On the other hand, binary code analysis faces a growing challenge from emerging, readily available code obfuscation techniques. Traditional signature-based malware detection is often problematic because it relies on file hashes and byte (or instruction) signatures, which are not very resilient to obfuscation.
This project tackles the challenge by proposing several advanced methods that combine techniques from the behavior and semantics perspectives. Two new concepts, System Call Sliced Segment Equivalence Checking and N-gram Basic Block Semantics Memoization, are proposed to achieve better obfuscation resiliency and scalability. Compared with existing approaches, these methods are based on the strong principles of program semantics and logics, are more resilient to automatic obfuscation schemes, and are more scalable thanks to the proposed advanced semantics memoization techniques. In addition, the application is extended to side-channel detection with a new rigorous model. Upon completion, the project will make a significant contribution to binary code analysis in general. It will advance the state of the art of malware analysis and side-channel detection and help better defend against cyber attacks, leading to a more secure cyberspace. Broader impact will also result from the education and dissemination initiatives.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

Bao, Qinkun and Wang, Zihao and Li, Xiaoting and Larus, James R and Wu, Dinghao. "Abacus: Precise Side-Channel Analysis". Proceedings of the 43rd International Conference on Software Engineering (ICSE 2021), 2021.
Chen, Yongheng and Zhong, Rui and Hu, Hong and Zhang, Hangfan and Yang, Yupeng and Wu, Dinghao and Lee, Wenke. "One Engine to Fuzz 'em All: Generic Language Processor Testing with Semantic Validation". Proceedings of the 42nd IEEE Symposium on Security and Privacy (IEEE S&P 2021), 2021.
Chen, Yongheng and Zhong, Rui and Yang, Yupeng and Hu, Hong and Wu, Dinghao and Lee, Wenke. "µFUZZ: Redesign of Parallel Fuzzing using Microservice Architecture". Proceedings of the 32nd USENIX Security Symposium (USENIX Security '23), 2023.
Jiang, Yufei and Bao, Qinkun and Wang, Shuai and Liu, Xiao and Wu, Dinghao. "RedDroid: Android Application Redundancy Customization Based on Static Analysis". Proceedings - International Symposium on Software Reliability Engineering, 2018.
Jing, Shixiong and Bao, Qinkun and Wang, Pei and Tang, Xulong and Wu, Dinghao. "Characterizing AI Model Inference Applications Running in the SGX Environment". 2021 IEEE International Conference on Networking, Architecture and Storage (NAS), 2021. https://doi.org/10.1109/NAS51552.2021.9605445
Li, Menghao and Wang, Pei and Wang, Wei and Wang, Shuai and Wu, Dinghao and Liu, Jian and Xue, Rui and Huo, Wei and Zou, Wei. "Large-scale Third-party Library Detection in Android Markets". IEEE Transactions on Software Engineering, 2018.
Liu, Songtao and Ying, Rex and Dong, Hanze and Li, Lanqing and Xu, Tingyang and Rong, Yu and Zhao, Peilin and Huang, Junzhou and Wu, Dinghao. "Local Augmentation for Graph Neural Networks". Proceedings of the 39th International Conference on Machine Learning, PMLR, 2022.
Liu, Xiao and Jiang, Yufei and Wu, Dinghao. "A Lightweight Framework for Regular Expression Verification". Proceedings - IEEE International Symposium on High-Assurance Systems Engineering, 2019.
Liu, Xiao and Li, Xiaoting and Prajapati, Rupesh and Wu, Dinghao. "DeepFuzz: Automatic Generation of Syntax Valid C Programs for Fuzz Testing". Proceedings of the ... AAAI Conference on Artificial Intelligence, 2019.
Liu, Xiao and Wang, Shuai and Wang, Pei and Wu, Dinghao. "Automatic Grading of Programming Assignments: An Approach Based on Formal Semantics". Proceedings - International Conference on Software Engineering, 2019.
Li, Xiaoting and Liu, Xiao and Chen, Lingwei and Prajapati, Rupesh and Wu, Dinghao. "FUZZBOOST: Reinforcement Compiler Fuzzing". Information and Communications Security: 24th International Conference, ICICS 2022, Canterbury, UK, September 5–8, 2022, Proceedings, 2022. https://doi.org/10.1007/978-3-031-15777-6_20
Li, Xiaoting and Liu, Xiao and Chen, Lingwei and Prajapati, Rupesh and Wu, Dinghao. "AlphaProg: Reinforcement Generation of Valid Programs for Compiler Fuzzing". Proceedings of the Thirty-Fourth Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-22), 2022.
Ming, Jiang and Xu, Dongpeng and Jiang, Yufei and Wu, Dinghao. "BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking". Proceedings of the 26th USENIX Security Symposium, 2017.
Wang, Li and Wu, Dinghao. "Bridging the Gap Between Security Tools and SDN Controllers". EAI Endorsed Transactions on Security and Safety, 2018.
Wang, Li and Xu, Dongpeng and Ming, Jiang and Fu, Yu and Wu, Dinghao. "MetaHunt: Towards Taming Malware Mutation via Studying the Evolution of Metamorphic Virus". SPRO'19: Proceedings of the 3rd ACM Workshop on Software Protection, 2019. https://doi.org/10.1145/3338503.3357720
Wang, Pei and Bao, Qinkun and Wang, Li and Wang, Shuai and Chen, Zhaofeng and Wei, Tao and Wu, Dinghao. "Software Protection on the Go: A Large-Scale Empirical Study on Mobile App Obfuscation". Proceedings of the 40th International Conference on Software Engineering (ICSE 2018), 2018.
Wang, Pei and Bao, Qinkun and Wang, Li and Wang, Shuai and Chen, Zhaofeng and Wei, Tao and Wu, Dinghao. "Software Protection on the Go: A Large-Scale Empirical Study on Mobile App Obfuscation". Proceedings - International Conference on Software Engineering, 2018.
Wang, Pei and Wu, Dinghao and Chen, Zhaofeng and Wei, Tao. "Protecting Million-User iOS Apps with Obfuscation: Motivations, Pitfalls, and Experience". Proceedings of the 40th International Conference on Software Engineering (ICSE 2018), Software Engineering in Practice (SEIP) Track, 2018.
Wang, Pei and Wu, Dinghao and Chen, Zhaofeng and Wei, Tao. "Protecting Million-User iOS Apps with Obfuscation: Motivations, Pitfalls, and Experience". Proceedings - International Conference on Software Engineering, 2018.
Wang, Pei and Wu, Dinghao and Chen, Zhaofeng and Wei, Tao. "Field Experience with Obfuscating Million-User iOS Apps in Large Enterprise Mobile Development". Software: Practice and Experience, 2018.
Wang, Pei and Zhang, Jinquan and Wang, Shuai and Wu, Dinghao. "Quantitative Assessment on the Limitations of Code Randomization for Legacy Binaries". 2020 IEEE European Symposium on Security and Privacy (EuroS&P), 2020. https://doi.org/10.1109/EuroSP48549.2020.00009
Wang, Shuai and Bao, Yuyan and Liu, Xiao and Wang, Pei and Zhang, Danfeng and Wu, Dinghao. "Identifying Cache-Based Side Channels through Secret-Augmented Abstract Interpretation". 28th USENIX Security Symposium (USENIX Security 19), 2019.
Wang, Shuai and Wang, Pei and Liu, Xiao and Zhang, Danfeng and Wu, Dinghao. "CacheD: Identifying Cache-Based Timing Channels in Production Software". Proceedings of the 26th USENIX Security Symposium, 2017.
Wang, Shuai and Wang, Pei and Wu, Dinghao. "Semantics-Aware Machine Learning for Function Recognition in Binary Code". 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME), 2017. https://doi.org/10.1109/ICSME.2017.59
Wang, Shuai and Wang, Pei and Wu, Dinghao. "Composite Software Diversification". 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME), 2017. https://doi.org/10.1109/ICSME.2017.61
Wang, Shuai and Wang, Wenhao and Bao, Qinkun and Wang, Pei and Wang, XiaoFeng and Wu, Dinghao. "Binary Code Retrofitting and Hardening Using SGX". FEAST '17 Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, 2017. https://doi.org/10.1145/3141235.3141244
Wang, Shuai and Wu, Dinghao. "In-memory fuzzing for binary code similarity analysis". Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE 2017), 2017. https://doi.org/10.1109/ASE.2017.8115645
Wang, Zihao and Wang, Pei and Bao, Qinkun and Wu, Dinghao. "Source Code Implied Language Structure Abstraction through Backward Taint Analysis". Proceedings of the 18th International Conference on Software Technologies (ICSOFT), 2023. https://doi.org/10.5220/0012129000003538
Xiao, Feng and Zhang, Jinquan and Huang, Jianwei and Gu, Guofei and Wu, Dinghao and Liu, Peng. "Unexpected Data Dependency Creation and Chaining: A New Attack to SDN". Proceedings of the 41st IEEE Symposium on Security and Privacy (IEEE S&P 2020), 2020.
Xia, Tianrou and Hu, Hong and Wu, Dinghao. "DeepType: Refining Indirect Call Targets with Strong Multi-layer Type Analysis". 2024.
Xu, Dongpeng and Ming, Jiang and Fu, Yu and Wu, Dinghao. "VMHunt: A Verifiable Approach to Partially-Virtualized Binary Code Simplification". Proceedings of the ACM Conference on Computer and Communications Security, 2018.
Xue, Lei and Yan, Yuxiao and Yan, Luyi and Jiang, Muhui and Luo, Xiapu and Wu, Dinghao and Zhou, Yajin. "Parema: an unpacking framework for demystifying VM-based Android packers". ISSTA 2021: Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2021. https://doi.org/10.1145/3460319.3464839
Xue, Lei and Zhou, Hao and Luo, Xiapu and Yu, Le and Wu, Dinghao and Zhou, Yajin and Ma, Xiaobo. "PackerGrind: An Adaptive Unpacking System for Android Apps". IEEE Transactions on Software Engineering, v.48, 2022. https://doi.org/10.1109/TSE.2020.2996433
Zhang, Jinquan and Wang, Pei and Wu, Dinghao. "LibSteal: Model Extraction Attack towards Deep Learning Compilers by Reversing DNN Binary Library". Proceedings of the 18th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE), 2023. https://doi.org/10.5220/0011754900003464
Zhang, Jinquan and Wang, Zihao and Wang, Pei and Zhong, Rui and Wu, Dinghao. "FlatD: Protecting Deep Neural Network Program from Reversing Attacks". 2025.
Zhong, Rui and Chen, Yongheng and Hu, Hong and Zhang, Hangfan and Lee, Wenke and Wu, Dinghao. "SQUIRREL: Testing Database Management Systems with Language Validity and Coverage Feedback". CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020. https://doi.org/10.1145/3372297.3417260