BitBlaze: a Binary-centric Approach to Computer Security
Dawn Song
University of California, Berkeley
Abstract
Binary analysis is imperative for protecting COTS (common
off-the-shelf) programs and analyzing and defending against the myriad
of malicious code, where source code is unavailable, and the binary
may even be obfuscated. Also, binary analysis provides the ground
truth about program behavior since computers execute binaries
(executables), not source code. In this talk, I will present the
BitBlaze project, a binary-centric approach to computer security: how
we can address a wide-spectrum of different security problems by
analyzing program binaries and automatically extracting security
related properties from them. In particular, I will describe the two
central research directions of BitBlaze: (1) the design and
development of the underlying BitBlaze Binary Analysis Platform, and
(2) applying the BitBlaze Binary Analysis Platform to addressing
real-world security problems, including automatic vulnerability
signature generation, a unified framework for malware analysis, and
automatic deviation detection.
Biography
Dawn Song is an Assistant Professor at University of California,
Berkeley. She obtained her PhD in Computer Science from UC Berkeley
(2002). Her research interest lies in security and privacy issues in
computer systems and networks. She is the author of more than 60
research papers in areas ranging from software security, networking
security, database security, distributed systems security, to applied
cryptography. She is the recipient of various awards and grants
including the NSF CAREER Award, the IBM Faculty Award, the George
Tallman Ladd Research Award, the Sloan Award, and the Best Paper Award
in USENIX Security Symposium.