Software Dynamic Translation (SDT) provides a powerful and flexible technology for monitoring and modifying executing binaries dynamically. Modern SDT technology has been used effectively in such diverse areas as code profiling, code compression, embedded systems and security.

In the Helix project, we will build on Strata, a portable SDT system developed at the University of Virginia, to equip Helix applications with self-regenerative capabilities. We will harness Strata's introspective monitoring facilities to provide Helix with precise sensing capabilities. The availability of such precise application state will enable the development of effective repair and recovery strategies. By effective, we seek strategies that yield high coverage of attack and threat classes while keeping the rate of false positives and negatives to a very low level. Once a repair or recovery action has been generated by the various Helix analysis engines, validated for its correctness, and vetted for its efficacy, it can then be hot-deployed throughout the Helix network by using Strata's actuation capabilities.

We also plan on exploring the use of SDT technology to develop a metamorphic shield to continuously shift the attack surface of applications. Instead of applying diversity techniques at compile-time or load-time only, we will constantly transform applications as they execute so as to make it much more difficult for adversaries to either reverse-engineer or exploit any vulnerable applications.

Related Publications

• Retargetable and Reconfigurable Software Dynamic Translation