Securing untrusted code via compiler-agnostic binary rewriting

Abstract

Binary code from untrusted sources remains one of the primary vehicles for malicious software attacks. This paper presents Reins, a new, more general, and lighter-weight binary rewriting and in-lining system to tame and secure untrusted binary programs. Unlike traditional monitors, Reins requires no cooperation from code-producers in the form of source code or debugging symbols, requires no client-side support infrastructure (e.g., a virtual machine or hypervisor), and preserves the behavior of even complex, event-driven, x86 native COTS binaries generated by aggressively optimizing compilers. This makes it exceptionally easy to deploy. The safety of programs rewritten by Reins is independently machine-verifiable, allowing rewriting to be deployed as an untrusted third-party service. An implementation of Reins for Microsoft Windows demonstrates that it is effective and practical for a real-world OS and architecture, introducing only about 2.4% runtime overhead to rewritten binaries.