Visible to the public Secure Native Binary Executions--2022 Q3Conflict Detection Enabled

PI(s): Prasad Kulkarni


Scalability and Composability, Security Metrics


Our overall project goal is to develop a high-performance framework for client-side security assessment and enforcement for binary software.

In this quarter we continued our work to: (a) Develop tools and techniques to evaluate the client-side security properties of binary software, and (b) Understand the efficiency and effectiveness challenges and tradeoffs in implementing source-level (compiler-based) security techniques at the binary-level.

The major highlights in the last quarter were the following:

(a) Our paper describing our techniques, results, and observations regarding the detection of compiler-added security checks in binaries was accepted in Springer's ISPEC 2022.

(b) We presented our paper that describes our technique to identify the high-level source language from the given binary at Springer's ICR 2022 conference.

(c) We continued to develop techniques that can detect the presence of CWEs and indicators of secure coding practices adopted during the (source level) coding stage from just the binary code. We developed a method to automate determining the effectiveness of our new CWE and fault detection techniques on binaries (compared to techniques at source level).

(d) We continued our work to assess the effectiveness and efficiency of conducting control-flow integrity (CFI) on binary code as compared to performing CFI on source code.


1. Adhikari, Ashish and Kulkarni, Prasad A. (2022). Using the Strings Metadata to Detect the Source Language of the Binary. In: Daimi, K., Al Sadoon, A. (eds) Proceedings of the ICR'22 International Conference on Innovations in Computing Research. ICR 2022. Advances in Intelligent Systems and Computing, vol 1431. Springer, Cham.

2. Pramanick, Koyel and Kulkarni, Prasad A. (2022). Detect Compiler Inserted Run-time Security Checks in Binary Software. To be published in the 17th International Conference on Information Security Practice and Experience (ISPEC 2022), Taipei, Taiwan, November 23-25, 2022.