
Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)"


One946/sok-dbi-security

 
 


SoK: Using Dynamic Binary Instrumentation for Security

This repository hosts the code for the paper "SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)", which appeared at ACM Asia CCS 2019 (find the pre-print here or on ResearchGate).

The code comprises a library of mitigations that can be integrated into existing pintools, and a set of detections for DBI that we wrote in addition to those tested with existing PoCs. We share the version used for the evaluation, and we plan to add more countermeasures and our own implementations of other detection patterns.

As this is a research prototype, please get in touch if you encounter issues: we do not expect it to work out of the box in all scenarios. The library is currently 32-bit only and was tested on Pin 3.5, Windows 7 SP1, and Visual Studio 2010.

Developers


Languages

  • C++ 94.4%
  • C 5.6%