ReArm-ing Software for Attack: ONR funds Lu’s Vulnerability Research

 

To quell the size and complexity of software vulnerability, Long Lu, an assistant professor in the computer science (CS) department, may have the answer.

Lu has been awarded a grant from the Office of Naval Research (ONR) for his research project entitled ReARM: Protecting ARM Binaries via Load-time Reduction and Run-time Read Protection.

According to Lu, his research examines software de-bloating, a term for removing unusable code from software. This unusable code increases the attack surface of the software. Removing it from the software is a “promising countermeasure” against exploitation.

Current research in this field is still in-development and there are many challenges to overcome. Limitations currently exist such as the fact that existing work only removes a small amount of unusable code, remaining useable code is left vulnerable to attack, and that the existing work targets x86 platforms rather than Advanced RISC Machines or ARM.

In order to combat these issues, Lu will design and create ReARM, which is a framework able to “perform load-time reduction of ARM binaries” such as “on-demand and learning-based loading of code” as well as “enforce run-time read-protection of loaded code such as “transforming and mapping code to hidden, execute-only memory pages.” According to Lu, ReARM will not require any assistance from developers or end users because it will work on commercial off the shelf (COTS) binaries.

ReARM will have the ability to learn and pre-load heavily used code-pages. During program execution, ReARM will compare code transfers with code pages in order to make sure that the absent page is compliant.

“REARM dynamically transforms code being loaded. It maps code into executable-only memory pages, relocates embedded data in such pages, and updates data references and symbol information accordingly,” says Lu. This transformation, without breaking program executions or permanently changing executable files, protects loaded code (i.e., permanent code) against exploitations.

So far ReARM is able to the amount of code loaded in memory for programs, applications, and libraries all the while without interrupting normal executions. It also can mitigate the attacks on loaded code.

“In today’s cyber-sensitive society, we are fortunate to have Long as a faculty member who focuses on cyberattack research. This newly funded research overcomes many limitations and challenges which cyber researchers continually face,” says Ari Kaufman, the chair of the CS department. 

The ONR grant, which totals just under $800,000, is effective for three years from March 1, 2017 until February 29, 2020.

 

About the CS Researcher

Affiliated with the National Security Institute at Stony Brook University, Long Lu is an assistant professor in the Department of Computer Science which is part of the College of Engineering and Applied Sciences. When he isn’t teaching computer science courses in advanced computer security, he is conducting research in his Research in Software and Systems Security (RiS3 Lab. In addition to the ONR funding, he works with grad and PhD students on AFOSR and NSF research aimed at securing software and systems against critical threats. Lu, who earned his PhD at Georgia Tech, is a 2017 NSF CAREER awardee. 

 

By Katherine Kurre