Fault injection attacks can cause errors in software for malicious purposes. Oftentimes, vulnerable points of a program are detected after its development. It is therefore critical for the user of the program to be able to apply last-minute security assurance to the executable file without having access to the source code. In this work, we explore two methodologies based on binary rewriting that aid in injecting countermeasures into the binary file. The first approach injects countermeasures by reassembling the disassembly, whereas the second approach leverages a full translation to a high-level IR and then lowers that back to the target architecture.