Keywords:  Security Engineering and Design,

2016

Blazar: Secure and Practical Program Hardening

Dawn Song, Professor, Department of Electrical Engineering and Computer Science, UC Berkeley
Chao Zhang, Associate Professor, Institute for Network Science and Cyberspace, Tsinghua University

One root cause of cyber security threat is vulnerabilities in programs. Complex software inevitably have vulnerabilities which can allow attackers to exploit to compromise the system. We propose to design and develop a hardening solution to protect programs from attacks even when they may contain vulnerabilities. In particular, we propose a secure and practical solution, Blazar, to automatically rewrite vulnerable programs to enforce certain security policies, and thus to protect them from attacks even when the original program may contain vulnerabilities. Blazar is transparent to developers, and thus easy to use. It is designed to have low performance overhead. Blazar leverages our earlier development to build a secure and practical solution that we plan to deploy in practice.