[PRL] Thesis Defense: Efficient, Transparent,
and Comprehensive Runtime Code Manipulation
Mitchell Wand
wand at ccs.neu.edu
Fri Aug 13 12:42:54 EDT 2004
From: CSAIL Event Calendar <eventcalendar at csail.mit.edu>
Sender: seminars-bounces at lists.csail.mit.edu
To: seminars at csail.mit.edu
Cc:
Subject: TALK:8-26-04 Thesis Defense: Efficient, Transparent, and Compr
Date: Fri, 13 Aug 2004 11:55:14 -0400
Thesis Defense: Efficient, Transparent, and Comprehensive Runtime Code Manipulation
Speaker: Derek L. Bruening
Host: Thesis Advisor: Saman Amarasinghe
Host Affiliation: Committee: Martin Rinard, Frans Kaashoek, Arvind
Date: 8-26-2004
Time: 2:00 PM - 4:00 PM
Refreshments: 1:45 PM
Location: 32-D463 Star
Abstract:
This thesis investigates the challenges of building a software system for
general-purpose runtime code manipulation. Modern applications, with
dynamically-loaded modules and dynamically-generated code, are assembled at
runtime. Observing and potentially manipulating every instruction, which
is critical for program analysis, instrumentation, trace gathering,
optimization, and similar tools, was once feasible at compile time; it can
now only be done at runtime. Runtime code manipulation has been used in
special-purpose systems (often with hardware support) and in toy systems,
but no general framework has been developed that allows fine-grained and
comprehensive code manipulation without high overheads.
We present DynamoRIO, the first software system that can manipulate, at
runtime, and with zero impact, every instruction an arbitrary application
executes. Zero impact requires matching native application behavior
through full transparency and negligible performance overhead. DynamoRIO
is comprehensive, both in its ability to manipulate every single executed
instruction and in handling every application, including those with
dynamically-loaded, generated, or even modified code. Furthermore, this is
achieved despite the formidable obstacles inherent in the IA-32
architecture, and requires no modification to the hardware, operating
system, or application. Our system provides these capabilities with only
an average ten percent time and memory overhead across benchmarks on both
Windows and Linux.
DynamoRIO exports an interface for building custom runtime code
manipulation tools of all types. It has been used by many researchers,
with several hundred downloads of our public release, and is being
commercialized in a product for protection against remote security
exploits, one of numerous applications of runtime code manipulation.
Relevant URL(S):
For more information please contact: Mary McDavitt, 617-253-9620, mmcdavit at csail.mit.edu
_______________________________________________
Seminars mailing list
Seminars at lists.csail.mit.edu
http://lists.csail.mit.edu/mailman/listinfo/seminars
More information about the PRL
mailing list