{"663319":{"#nid":"663319","#data":{"type":"event","title":"PhD Proposal by Chris Porter","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003ETitle:\u003C\/strong\u003E Compiler-assisted Runtime Techniques for Software Debloating\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EChris Porter\u003C\/p\u003E\r\n\r\n\u003Cp\u003EPh.D. student\u003C\/p\u003E\r\n\r\n\u003Cp\u003ESchool of Computer Science\u003C\/p\u003E\r\n\r\n\u003Cp\u003EGeorgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003EDate:\u003C\/strong\u003E Monday, November 28, 2022\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ETime:\u003C\/strong\u003E 3:00 pm - 5:00 pm\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ELocation:\u003C\/strong\u003E Klaus conference room 3100, \u003Ca href=\u0022https:\/\/gatech.zoom.us\/j\/4056090241\u0022 title=\u0022https:\/\/gatech.zoom.us\/j\/4056090241\u0022\u003Ezoom\u003C\/a\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ECommittee:\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Santosh Pande (advisor), School of Computer Science, Georgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Alex Orso, School of Computer Science, Georgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Vivek Sarkar, School of Computer Science, Georgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Qirun Zhang, School of Computational Science and Engineering, Georgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003EAbstract:\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003EModern code reuse attacks take full advantage of bloated software. Attackers piece together short sequences of instructions in otherwise benign code to carry out malicious actions. Eliminating these reusable code snippets, known as gadgets, has become one of the prime focuses of attack surface reduction research. The aim is to break these chains of gadgets, thereby making such code reuse attacks impossible or substantially less common. Recent work on attack surface reduction has typically tried to eliminate such attacks by subsetting the application, e.g. via user-specified inputs, configurations, or features to achieve high gadget reductions. However, such techniques suffer from the limitations of soundness, i.e. the software might crash during no-attack executions on regular inputs, or they may be conservative and leave a large amount of attack surface untackled.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThis proposal includes two novel works that attempt to address these shortcomings. They are fully sound and obtain strong gadget reduction. In the first work, BlankIt, we target library code and achieve ~97% code reduction. In particular, we are able to debloat GNU libc, which is notorious for housing gadgets for code reuse attacks. BlankIt works by predicting the set of library functions expected to execute at library call sites; then it enables those functions just before use and disables them after returning. Mispredictions trigger an alarm and are handled gracefully without crashes. In our second work, Decker, we target application code and achieve ~70% code reduction. The percentage reduction is similar to prior art but without sacrificing soundness (i.e. it does not crash or produce incorrect output). Decker works by instrumenting the program at compile-time at key points to enable and disable code pages; then at runtime, the framework executes these permission-mapping calls with minimal overhead (~5%).\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EAs part of the proposed work, we will also show how to augment the whole-application technique with an accurate predictor to further reduce the potential attack surface. Using a predictive model in application code comes with several challenges not present when handling libraries. These include how to choose prediction points across the full callgraph, and how to perturb the application code as little as possible.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":[{"value":"Compiler-assisted Runtime Techniques for Software Debloating"}],"uid":"27707","created_gmt":"2022-11-18 18:33:08","changed_gmt":"2022-11-18 18:33:08","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2022-11-28T15:00:00-05:00","event_time_end":"2022-11-28T17:00:00-05:00","event_time_end_last":"2022-11-28T17:00:00-05:00","gmt_time_start":"2022-11-28 20:00:00","gmt_time_end":"2022-11-28 22:00:00","gmt_time_end_last":"2022-11-28 22:00:00","rrule":null,"timezone":"America\/New_York"},"extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"102851","name":"Phd proposal"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78761","name":"Faculty\/Staff"},{"id":"78771","name":"Public"},{"id":"78751","name":"Undergraduate students"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}