Return to search

Finding and remedying high-level security issues in binary code

C++ and Microsoft's Component Object Model (COM) are examples of a high- level lan- guage and development framework that were built on top of the lower-level, primitive lan- guage, C. C was never designed to support concepts like object orientation, type enforcement, and language independence. Further, these languages and frameworks are designed to com- pile and run directly on the processor where these concepts are also not supported. Other high-level languages that do support these concepts make use of a runtime or virtual machine to create a computing model to suit their needs. By forcing these high-level concepts into a primitive computing model, many security issues have been introduced. Existing binary- level security analysis tools and runtime enforcement frameworks operate at the lowest level of context. As such, they struggle to detect and remedy higher-level security issues. In this dissertation, a framework for elevating the context of binary code is presented. By bringing the context for analysis closer to where these security issues are introduced, this framework allows for higher-level analyses and enforcement frameworks to be developed.

Identiferoai:union.ndltd.org:GATECH/oai:smartech.gatech.edu:1853/54338
Date07 January 2016
CreatorsDewey, David Bryan
ContributorsTraynor, Patrick G.
PublisherGeorgia Institute of Technology
Source SetsGeorgia Tech Electronic Thesis and Dissertation Archive
Languageen_US
Detected LanguageEnglish
TypeDissertation
Formatapplication/pdf

Page generated in 0.0023 seconds