PSI: A Platform for Secure Static Binary Instrumentation
Introduction
Program instrumentation techniques form the basis of many recent software security defenses, including defenses against common exploits and security policy enforcement. As compared to source-code instrumentation, binary instrumentation is easier to use and more broadly applicable due to theready availability of binary code. Two key features neededfor security instrumentations are (a) it should be applied to all application code, including code contained in various system and application libraries, and (b) it should be non-bypassable. So far, dynamic binary instrumentation (DBI) techniques have provided these features, whereas static bi-nary instrumentation (SBI) techniques have lacked them.These features, combined with ease of use, have made DBI the de facto choice for security instrumentations. However,DBI techniques can incur high overheads in several commonusage scenarios, such as application startups, system-calls,and many real-world applications. We therefore develop a newplatform for secure static binary instrumentation (PSI) that overcomes these drawbacks of DBI techniques, whileretaining the security, robustness and ease-of-use features.We illustrate the versatility of PSI by developing severalinstrumentation applications: basic block counting, shadowstack defense against control-flow hijack and return-orientedprogramming attacks, and system call and library policy en-forcement. While being competitive with the best DBI toolson CPU-intensive SPEC 2006 benchmark, PSI provides an order of magnitude reduction in overheads on a collection of real-world applicationsStatus
PSI is alpha software. It is provided for research and evaluation purposes only.Download
Virtual Box VM shipped under GPL: psi-vbox-v1.0.tar.gz.