Modern software typically integrates a number of third-party commercial components. The indiscriminate use of such components poses significant security threats to software systems, because the components may harbor unintentional vulnerabilities as well as intentionally malicious behaviors. Moreover, third-party components often come only in binary form, which prevents most existing security-analysis tools from exposing the vulnerabilities and malicious behaviors harbored by those components themselves, as well as by the software systems that integrate them. The goal of this project is to build a tool that will conduct rigorous analysis of machine code to assess its quality. The tool will automatically identify vulnerabilities in third-party components and will assist security analysts in spotting unexpected and potentially malicious behaviors in third-party code. Moreover, the tool will integrate with CodeSonar, GrammaTech's commercially successful program-analysis tool for finding defects in software, to increase CodeSonar's precision and to boost its effectiveness in dealing with third-party components and libraries. We expect that the integration will significantly reduce the number of false positives reported by CodeSonar and will allow CodeSonar to identify more bugs and vulnerabilities (and, in particular, subtler bugs and vulnerabilities) in software.
Benefit: There is a strong need in the market for a tool that can rigorously and soundly analyze machine code, in particular when neither source code nor debugging information is available. Increasingly, software systems integrate large numbers of commercial third-party components. Those components are typically distributed without source code, and may be protected against reverse engineering. Thousands of new malware samples are detected daily. Malware, too, is available only in machine-code form, and is typically protected in order to thwart security analysis. The tool we propose will provide a sorely needed solution to the problem of security analysis of machine code. The tool will be able to find errors and security vulnerabilities in standalone executables. Moreover, the tool will integrate with CodeSonar, GrammaTech's commercially successful bug-finding tool, and will boost the precision and rigor of the CodeSonar analysis. We expect that the integration will significantly reduce the number of false positives reported by CodeSonar and will allow CodeSonar to identify more bugs and vulnerabilities (and, in particular, subtler bugs and vulnerabilities) in software. CodeSonar already has an extensive customer base, which will pave the way towards the successful commercialization of the technology that we will develop in this project.
Keywords: Vulnerability detection, Directed proof generation, Computer security, COTS components, Library summarization, Rigorous program analysis, Model checking, Machine code analysis