BISTRO: A Tool for Binary Component Extraction and Embedding
- Summary
- Researchers at Purdue University have developed BISTRO, a systematic approach to binary functional component extraction and embedding. BISTRO automatically performs the extraction of a functional component, with its instructions and data section entries non-contiguously located in the virtual address space, from an original binary program. This technology is also capable of embedding a binary component of any size and at any user-specified location in a target binary program without requiring symbolic information, relocation information, or compiler support. For both extraction and embedding, BISTRO preserves the functionalities of the target binary program and the extracted component by accurately patching them, using the same approach and technique. BISTRO performs extraction and embedding operations efficiently. After embedding, the "stretched" target binary program only incurs minor time and space overhead.
- Technology Benefits
- Does not require relocation information or special compiler support
- Works for both user-level programs and kernel-level programs
- Preserves the functionality of the target binary program and the extracted component
- The target binary incurs lower time and space overhead
- Technology Application
- Computer Security
- Detailed Technology Description
- Dongyan Xu, Purdue Computer Science
- Countries
- United States
- Application No.
- None
- *Abstract
-
- *Background
- In software security and malware analysis, researchers often need to manipulate binary programs, benign or malicious, without source code. A useful pair of binary manipulation primitives is binary functional component extraction and embedding: the first extracts a functional component from a binary program, and the second embeds a functional component in a binary program. Such primitives are applicable to a wide range of security scenarios such as legacy program hardening, binary semantic patching, and malware function analysis. Unfortunately, existing binary rewriting techniques are inadequate to support binary function carving and embedding.
- *IP Issue Date
- None
- *IP Type
- Utility
- *Stage of Development
- Prototype Testing
- *Web Links
- Purdue Office of Technology Commercialization
- Purdue
- Innovation and Entrepreneurship
- Dongyan Xu
- Computer Science
- Country/Region
- USA

