BitBlaze: Binary Analysis for COTS Protection and Malicious Code Defense (BitBlaze)
National Science Foundation and Defense Advanced Research Projects Agency
Binary analysis is imperative for protecting commercial off-the-shelf (COTS) programs and defending against the myriad forms of malicious code, where source code is unavailable and the binary may even be obfuscated. Binary analysis provides the ground truth about program behavior, since computers execute binaries (executables), not source code. However, binary analysis is challenging due to the lack of higher-level semantics. Many higher-level techniques are often inadequate for analyzing even benign binaries, let alone potentially malicious ones. Thus, we need to develop tools that work on binary code and can analyze both COTS software and malicious binaries.
The BitBlaze project aims to design and develop a powerful binary analysis platform to (1) analyze and develop novel COTS protection and diagnostic mechanisms and (2) analyze, understand, and develop defenses against malicious code. The BitBlaze project also strives to open new application areas of binary analysis, which provide sound and effective solutions to applications beyond software security, such as protocol reverse engineering and fingerprint generation. BitBlaze has two central research directions: (1) the design and development of the underlying binary analysis platform, and (2) applying it to address real-world security problems.