SPAR

Security and Privacy Applied Research Lab

BitBlaze: a Binary-centric Approach to Computer Security

Dawn Song
University of California, Berkeley

Abstract

Binary analysis is imperative for protecting COTS (common off-the-shelf) programs and analyzing and defending against the myriad of malicious code, where source code is unavailable, and the binary may even be obfuscated. Also, binary analysis provides the ground truth about program behavior since computers execute binaries (executables), not source code. In this talk, I will present the BitBlaze project, a binary-centric approach to computer security: how we can address a wide-spectrum of different security problems by analyzing program binaries and automatically extracting security related properties from them. In particular, I will describe the two central research directions of BitBlaze: (1) the design and development of the underlying BitBlaze Binary Analysis Platform, and (2) applying the BitBlaze Binary Analysis Platform to addressing real-world security problems, including automatic vulnerability signature generation, a unified framework for malware analysis, and automatic deviation detection.

Biography

Dawn Song is an Assistant Professor at University of California, Berkeley. She obtained her PhD in Computer Science from UC Berkeley (2002). Her research interest lies in security and privacy issues in computer systems and networks. She is the author of more than 60 research papers in areas ranging from software security, networking security, database security, distributed systems security, to applied cryptography. She is the recipient of various awards and grants including the NSF CAREER Award, the IBM Faculty Award, the George Tallman Ladd Research Award, the Sloan Award, and the Best Paper Award in USENIX Security Symposium.