Code Sanitization for Vulnerability Pruning and Exploitation Mitigation

Automatic bug detection during development and protection of established software through reflective alleviations

Team

Despite the best efforts of scientists to ensure effective protection for systems software, close to 60 security bugs are detected every month. To address this challenge, the CodeSan project proposes an inclusive method that ameliorates code quality. It proposes automatic bug detection during development and protection of established software through reflective alleviations. CodeSan can reliably defend large software systems such as Google Chromium and Mozilla Firefox.

CodeSan will sanitize software by

Automating bug discovery during development through software testing.
Protecting deployed software through reflective mitigations.

CodeSan trades formal completeness for practical scalability in three steps. First, policy-based sanitization makes undefined behavior (through violations of memory safety, type safety, or API flow safety) explicit and detectable given concrete test inputs. Second, automatic test case generation increases testing coverage for large programs without the need for pre-existing test cases, enabling broader and automated use of policy-based sanitization. Third, for deployed software, reflective mitigations place runtime checks precisely where they are needed based on data-flow and control-flow coverage from our testing efforts. CodeSan complements formal approaches by protecting software that is currently out of reach due to its size, complexity, or low-level nature.

CodeSan is a compelling, comprehensive, and adaptive approach to thoroughly address undefined behavior for complex software. The three proposed actions complement each other naturally and will immediately guard large software systems such as Google Chromium, Mozilla Firefox, the Android system, or the Linux kernel, making them resilient against attacks.

In keeping with PI Mathias Payer’s track record on open sourcing his group’s research artifacts on cast sanitization, transformative fuzzing, or control-flow hijacking mitigations, all prototypes produced during CodeSan will be released as open-source.

The 60-month project was initiated in March 2020 with a grant from the ERC.

Suggested Reading

https://cordis.europa.eu/project/id/850868

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.