Presentation | 2021-01-26 Detection of Vulnerability Inducing Code Optimization Based on Binary Code Yuka Azuma, Nagisa Ishiura, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | In this paper, we propose a method to detect vulnerability inducing code elimination by compiler optimization. It is reported that security codes, which are intended to protect programs against invalid memory accesses or to scrub secret information in memories, can be eliminated by compiler optimization. This paper attempts to detect such code elimination by binary comparison. A pair of binary codes are generated from a given source code and are compared; one is obtained with a typical set of optimization options and the other by suppressing the problematic optimization. Since the two binaries are often too different to reveal the code elimination, comparison is done focusing on specific instructions. When the code elimination is detected, the source code is minimized to identify the code fragment that caused the difference. A detection tool implemented in Perl5 has been run on 5 programs consisting of about 200 to 51400 lines, to detect one case of guard elimination and two cases of dead store elimination. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Software vulnerability / Compiler optimization / Guard elimination / Dead store elimination |
Paper # | VLD2020-65,CPSY2020-48,RECONF2020-84 |
Date of Issue | 2021-01-18 (VLD, CPSY, RECONF) |
Conference Information | |
Committee | CPSY / RECONF / VLD / IPSJ-ARC / IPSJ-SLDM |
---|---|
Conference Date | 2021/1/25(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | Online |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | FPGA Applications, etc. |
Chair | Hidetsugu Irie(Univ. of Tokyo) / Yuichiro Shibata(Nagasaki Univ.) / Daisuke Fukuda(Fujitsu Labs.) / Hiroshi Inoue(Kyushu Univ.) / Yuichi Nakamura(NEC) |
Vice Chair | Michihiro Koibuchi(NII) / Kota Nakajima(Fujitsu Lab.) / Kentaro Sano(RIKEN) / Yoshiki Yamaguchi(Tsukuba Univ.) / Kazutoshi Kobayashi(Kyoto Inst. of Tech.) |
Secretary | Michihiro Koibuchi(Hokkaido Univ.) / Kota Nakajima(Nagoya Inst. of Tech.) / Kentaro Sano(e-trees.Japan) / Yoshiki Yamaguchi(NEC) / Kazutoshi Kobayashi(Hitachi) / (Osaka Univ.) / (Fujitsu lab.) |
Assistant | Shugo Ogawa(Hitachi) / Eiji Arima(Univ. of Tokyo) / Hiroki Nakahara(Tokyo Inst. of Tech.) / Yukitaka Takemura(INTEL) / Takuma Nishimoto(Hitachi) |
Paper Information | |
Registration To | Technical Committee on Computer Systems / Technical Committee on Reconfigurable Systems / Technical Committee on VLSI Design Technologies / Special Interest Group on System Architecture / Special Interest Group on System and LSI Design Methodology |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Detection of Vulnerability Inducing Code Optimization Based on Binary Code |
Sub Title (in English) | |
Keyword(1) | Software vulnerability |
Keyword(2) | Compiler optimization |
Keyword(3) | Guard elimination |
Keyword(4) | Dead store elimination |
Keyword(5) | |
Keyword(6) | |
1st Author's Name | Yuka Azuma |
1st Author's Affiliation | Kwansei Gakuin University(Kwansei Gakuin Univ.) |
2nd Author's Name | Nagisa Ishiura |
2nd Author's Affiliation | Kwansei Gakuin University(Kwansei Gakuin Univ.) |
Date | 2021-01-26 |
Paper # | VLD2020-65,CPSY2020-48,RECONF2020-84 |
Volume (vol) | vol.120 |
Number (no) | VLD-337,CPSY-338,RECONF-339 |
Page | pp.pp.148-153(VLD), pp.148-153(CPSY), pp.148-153(RECONF), |
#Pages | 6 |
Date of Issue | 2021-01-18 (VLD, CPSY, RECONF) |