Search Icon
Submissions

Rapid Vulnerability Mitigation with Security Workarounds

Zhen Huang (Pennsylvania State University), Gang Tan (Pennsylvania State University)

The existence of pre-patch windows allows adversaries to exploit vulnerabilities before they are patched. Prior work has proposed to harden programs with security workarounds to enable users to mitigate vulnerabilities before a patch is available. However, it requires access to the source code of the programs. This paper introduces RVM, an approach to automatically hardening binary code with security workarounds. RVM statically analyzes binary code of programs to identify error-handling code in the programs, in order to synthesize security workarounds. We designed and implemented a prototype of RVM for Windows and Linux binaries. We evaluate the coverage and performance of RVM on binaries of popular Windows and Linux applications containing real-world vulnerabilities.

Paper

View More Papers

Investigating Graph Embedding Neural Networks with Unsupervised Features Extraction...

Luca Massarelli (Sapienza University of Rome), Giuseppe A. Di Luna (CINI - National Laboratory of Cybersecurity), Fabio Petroni (Independent Researcher), Leonardo Querzoni (Sapienza University of Rome), Roberto Baldoni (Italian Presidency of Ministry Council)

Read More

Efficient Normalized Reduction and Generation of Equivalent Multivariate Binary...

Arnau Gàmez-Montolio (City, University of London; Activision Research), Enric Florit (Universitat de Barcelona), Martin Brain (City, University of London), Jacob M. Howe (City, University of London)

Read More

Understanding MPU Usage in Microcontroller-based Systems in the Wild

Wei Zhou, Zhouqi Jiang (School of Cyber Science and Engineering, Huazhong University of Science and Technology), Le Guan (School of Computing, University of Georgia)

Read More

Unlocking the Potential of Domain Aware Binary Analysis in...

Dr. Zhiqiang Lin (Distinguished Professor of Engineering at The Ohio State University)

Read More