Projects


Centaur: Symbolic Execution of Android Framework with Application to Exploit Generation

centaur

Android Framework is a layer of software that exists in every Android system managing resources of all Android apps. A vulnerability in Android Framework can lead to severe hacks, such as destroying user data and leaking private information. With tens of millions of Android devices unpatched due to Android fragmentation, vulnerabilities in Android Framework certainly attract attackers to exploit them. So far, enormous manual effort is needed to craft such exploits. To our knowledge, no research has been done on automatic generation of exploits that take advantage of Android Framework vulnerabilities.

We make a first step towards this goal by applying symbolic execution of Android Framework to finding bugs and generating exploits. We have built the first system for symbolic execution of Android Framework. It fundamentally changes the state of the art in exploit generation on the Android system, and has been applied to constructing new techniques for finding vulnerabilities.

Related Publications:

MobiSys 2017 "System Service Call-oriented Symbolic Execution of Android Framework with Applications to Vulnerability Discovery and Exploit Generation"
Lannan Luo*, Qiang Zeng*, Chen Cao, Kai Chen, Jian Liu, Limin Liu, Neng Gao, Min Yang, Xinyu Xing, and Peng Liu (*Co-first authors).
In Proceedings of the 15th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys), Niagara Falls, NY, June 19th-23rd, 2017.
>> [PDF]

[Back to top]

SSN: Repackage-proofing Android Apps

ssn

App repackaging has become a severe threat to the Android ecosystem. While various protection techniques, such as watermarking and repackaging detection, have been proposed, a defense that stops repackaged apps from working on user devices, i.e., repackage-proofing, is missing. We propose a technique that builds a reliable and stealthy repackage-proofing capability into Android apps. We have built a prototype. The evaluation shows that the technique is effective and efficient.

Related Publications:

DSN 2016 "Repackage-proofing Android Apps."
Lannan Luo, Yu Fu, Dinghao Wu, Sencun Zhu, and Peng Liu.
In Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Toulouse, France, June 28-July 1, 2016.
>> [PDF]

[Back to top]

SolMiner: Mining Distinct Solutions in Programs

solminer

On the Internet many websites provide venues for programming practice and contests. While these websites can automatically judge the correctness of a submission, none extracts distinct solutions from the submissions and provides them to learners. How to automatically identify distinct solutions from a large number of submissions is a challenging and unresolved problem. Due to diverse coding styles and high programming flexibility, submissions implementing the same solution may appear very different from each other; in addition, dealing with submissions at scale imposes extra challenges.

We propose SolMiner, a solution miner, that automatically mines distinct solutions from a large number of submissions. SolMiner leverages static program analysis, data mining, and machine learning to automatically measure the similarity between submissions and identify distinct solutions. We have built a prototype of SolMiner and evaluated it. The evaluation shows that the technique is effective and efficient.

Related Publications:

ICSE-SEET   2016 "SolMiner: Mining Distinct Solutions in Programs."
Lannan Luo, and Qiang Zeng.
In Proceedings of the 38th International Conference on Software Engineering (ICSE), SEET, Austin, TX, May 14-22, 2016.
>> [PDF]

[Back to top]

Algorithmic Plagiarism Detection

Algorithmic Plagiarism Detection

Identifying an algorithm directly in binary code has many important applications. For example, one application is to detect intellectual property infringement that a protected algorithm presents in a software product without proper license. Another application is to detect cryptographic algorithms which have been increasingly employed by modern malware to circumvent detection, hide network communications, and protect payloads among other purposes. In this project, we develop a semantics-based binary-oriented obfuscation-resilient tool to automatically identify algorithms within binary code. We have developed a prototype. In evaluation, our tool successfully detected the present of six cryptographic algorithms in thirteen benchmark programs ranging from small to large real-world production software.

Related Publications:

TSE 2017 "Semantics-Based Obfuscation-Resilient Binary Code Similarity Comparison with Applications to Software and Algorithm Plagiarism Detection"
Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu, and Sencun Zhu.
IEEE Transactions on Software Engineering (TSE), 2017.
>> [PDF]

[Back to top]

CoP: A Binary-Oriented Obfuscation-Resilient Software Plagiarism Detection Approach

cop

Existing code similarity comparison methods, whether source or binary code based, are mostly not resilient to obfuscations. In the case of software plagiarism, emerging obfuscation techniques have made automated detection increasingly difficult.

In this project, we propose a binary-oriented, obfuscation-resilient method based on a new concept, longest common subsequence of semantically equivalent basic blocks, which combines rigorous program semantics with longest common subsequence based fuzzy matching. We model the semantics of a basic block by a set of symbolic formulas representing the input-output relations of the block. This way, the semantics equivalence (and similarity) of two blocks can be checked by a theorem prover. We then model the semantics similarity of two paths using the longest common subsequence with basic blocks as elements. This novel combination has resulted in strong resiliency to code obfuscation.

We have developed a prototype and our experimental results show that our method is effective and practical when applied to real-world software.

Related Publications:

FSE 2014 "Semantics-Based Obfuscation-Resilient Binary Code Similarity Comparison with Applications to Software Plagiarism Detection."
Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu, and Sencun Zhu.
In Proceedings of the 22nd ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE), Hong Kong, China, November 16-22, 2014.
>> [PDF]
TSE 2017 "Semantics-Based Obfuscation-Resilient Binary Code Similarity Comparison with Applications to Software and Algorithm Plagiarism Detection"
Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu, and Sencun Zhu.
IEEE Transactions on Software Engineering (TSE), 2017.
>> [PDF]

[Back to top]

BIM Data Hub: Integrating BIMserver and OpenStudio for Energy Efficient Building

BIM Data Hub

This project proposes an integrated approach at the data level to combining BIMserver and OpenStudio to build a unified EEB data exchange model. Our first step is to build an information exchange bridge between BIMserver and OpenStudio, which will enable different design and simulation tools that are connected to either of them to interoperate and exchange needed data. The integrated approach, which organizes the data flow in a unified model, enabling effective exchange of data, is currently in a beta-testing phase.

Related Publications:

ASCE 2013 "Integrating BIMserver and OpenStudio for Energy Efficient Building."
Nan Yu, Yufei Jiang, Lannan Luo, Sanghoon Lee, Abdou Jallow, Dinghao Wu, John Messner, Robert Leicht, and John Yen.
In Proceedings of the 2013 ASCE International Workshop on Computing in Civil Engineering (ASCE), pages 516-523, Los Angeles, CA, USA, June 23-25, 2013.
>> [PDF]

[Back to top]