Thu 16 Jun 2016 11:30 - 12:00 at Grand Ballroom Santa Ynez - Down to the Metal II Chair(s): Hans-J. Boehm

We address the problem of finding similar procedures in stripped binaries. We present a new statistical approach for measuring the similarity between two procedures. Our notion of similarity allows us to find similar code even when it has been compiled using different compilers, or has been modified. The main idea is to use similarity by composition: decompose the code into smaller comparable fragments, define semantic similarity between fragments, and use statistical reasoning to lift fragment similarity to similarity between procedures. We have implemented our approach in a tool called Esh, and applied it to find various prominent vulnerabilities across compilers and versions, including Heartbleed, Shellshock and Venom. We show that Esh produces high accuracy results, with few to no false positives – a crucial factor in the scenario of vulnerability search in stripped binaries.

Thu 16 Jun

Displayed time zone: Tijuana, Baja California change

10:30 - 12:00
Down to the Metal IIResearch Papers at Grand Ballroom Santa Ynez
Chair(s): Hans-J. Boehm Google
10:30
30m
Talk
Stratified Synthesis: Automatically Learning the x86-64 Instruction Set
Research Papers
Stefan Heule Stanford University, Eric Schkufza VMware Research Group, Rahul Sharma Stanford University, Alex Aiken Stanford University
DOI Pre-print Media Attached
11:00
30m
Talk
Remix: Online Detection and Repair of Cache Contention for the JVM
Research Papers
Ariel Eizenberg University of Pennsylvania, Shiliang Hu Intel Corporation, Gilles Pokam Intel Corporation, Joseph Devietti University of Pennsylvania
Media Attached
11:30
30m
Talk
Statistical Similarity of Binaries
Research Papers
Yaniv David Technion, Nimrod Partush Technion, Eran Yahav Technion
Media Attached