text-only page produced automatically by Usablenet Assistive Skip all navigation and go to page content Skip top navigation and go to directorate navigation Skip top navigation and go to page navigation
National Science Foundation
design element
Search Awards
Recent Awards
Presidential and Honorary Awards
About Awards
Grant Policy Manual
Grant General Conditions
Cooperative Agreement Conditions
Special Conditions
Federal Demonstration Partnership
Policy Office Website

Award Abstract #1409738

TWC: Medium: Collaborative: Automated Reverse Engineering of Commodity Software

Division Of Computer and Network Systems
divider line
Initial Amendment Date: August 4, 2014
divider line
Latest Amendment Date: August 4, 2014
divider line
Award Number: 1409738
divider line
Award Instrument: Standard Grant
divider line
Program Manager: Sol J. Greenspan
CNS Division Of Computer and Network Systems
CSE Direct For Computer & Info Scie & Enginr
divider line
Start Date: September 1, 2014
divider line
End Date: August 31, 2017 (Estimated)
divider line
Awarded Amount to Date: $500,000.00
divider line
Investigator(s): Engin Kirda ek@ccs.neu.edu (Principal Investigator)
William Robertson (Co-Principal Investigator)
divider line
Sponsor: Northeastern University
BOSTON, MA 02115-5005 (617)373-2508
divider line
NSF Program(s): Secure &Trustworthy Cyberspace
divider line
Program Reference Code(s): 7434, 7924
divider line
Program Element Code(s): 8060


Software, including common examples such as commercial applications or embedded device firmware, is often delivered as closed-source binaries. While prior academic work has examined how to automatically discover vulnerabilities in binary software, and even how to automatically craft exploits for these vulnerabilities, the ability to answer basic security-relevant questions about closed-source software remains elusive.

This project aims to provide algorithms and tools for answering these questions. Leveraging prior work on emulator-based dynamic analyses, we propose techniques for scaling this high-fidelity analysis to capture and extract whole-system behavior in the context of embedded device firmware and closed-source applications. Using a combination of dynamic execution traces collected from this analysis platform and binary code analysis techniques, we propose techniques for automated structural analysis of binary program artifacts, decomposing system and user-level programs into logical modules through inference of high-level semantic behavior. This decomposition provides as output an automatically learned description of the interfaces and information flows between each module at a sub-program granularity. Specific activities include: (a) developing software-guided whole-system emulator for supporting sophisticated dynamic analyses for real embedded systems; (b) developing advanced, automated techniques for structurally decomposing closed-source software into its constituent modules; (c) developing automated techniques for producing high-level summaries of whole system executions and software components; and (d) developing techniques for automating the reverse engineering and fuzz testing of encrypted network protocols. The research proposed herein will have a significant impact outside of the security research community. We will incorporate the research findings of our program into our undergraduate and graduate teaching curricula, as well as in extracurricular educational efforts such as Capture-the-Flag that have broad outreach in the greater Boston and Atlanta metropolitan areas.

The close ties to industry that the collective PIs possess will facilitate transitioning the research into practical defensive tools that can be deployed into real-world systems and networks.


Please report errors in award information by writing to: awardsearch@nsf.gov.



Print this page
Back to Top of page
Research.gov  |  USA.gov  |  National Science Board  |  Recovery Act  |  Budget and Performance  |  Annual Financial Report
Web Policies and Important Links  |  Privacy  |  FOIA  |  NO FEAR Act  |  Inspector General  |  Webmaster Contact  |  Site Map
National Science Foundation Logo
The National Science Foundation, 4201 Wilson Boulevard, Arlington, Virginia 22230, USA
Tel: (703) 292-5111, FIRS: (800) 877-8339 | TDD: (800) 281-8749
  Text Only Version