Sponsored by DARPA (Defense Advanced Research Projects Agency of the United States Department of Defense)
Compiler Security & Binary Defenses Breakdown (CS&BD)Synopsis
Our research proposal aims to provide resources (practical guides and intuitive technology) to build secure software using popular compilers (Visual Studio, GCC, Xcode and LLVM) on different platforms (x86, x64 & ARM) by enabling the appropriate security defenses switches already offered by compilers, making proactive security development easy. The second part of research is to develop technology to help IT security staff to rapidly identify binaries across organization not using security defenses, but reactive security.Milestones M1
Objective: Deep coverage and analysis of security features offered by modern compilers used to build software.
Study the security features offered by compilers/versions/platforms and compare among them for differences. Analyze generated binaries for security effectiveness, size, performance and weaknesses on multiple platforms. Test cases with known bugs will be compiled and reverse engineered to study the security defenses.M2
Objective: Assess binaries security defenses across organization systems.
Research technology that can assess binaries formats (PE, ELF and Mach-O) on multiple platforms (x86, x64 and ARM) in an effective, fast and possible agentless way to identify binary defenses or the lack thereof.
Technology: BinSecSweeper (coming soon).M3
Objective: simplify the secure software compiling process.
Technology: in development.Acknowledgements
VULNEX wishes to thanks Mudge, DARPA and BITSystems for their support and help of the success of this project sponsored by DARPA Cyber Fast Track (CFT).