CustomPro: Network Protocol Customization Through Cross-Host Feature Analysis

Abstract

The implementations of network protocols are often “bloated” due to various users’ needs and complex environment for deployment. The continual expansion of program features contribute to not only growing complexity but also increased the attack surface, making the maintenance of network protocol security very challenging. Existing works try to mitigate program bloat by source-code level static analysis (such as tainting and slicing) or dynamic techniques such as binary reuse. While source code is not always available for the former technique, the latter suffers from limited code coverage because of the incomplete input space. In this paper, we propose CustomPro, a new approach for automated customization of network protocols. We adopt whole system emulation, dynamic tainting and symbolic execution to identify desired code from the original program binaries, then leverage binary rewriting techniques to create a customized program binary that only contains the desired functionalities. We implement a prototype of CustomPro and evaluate its feasibility using OpenSSL (a widely used SSL implementation) and Mosquitto (an IoT messaging protocol implementation). The results show that CustomPro is able to create functional program binaries with only desired features and significantly reduce the potential attack surface by targeting and eliminating unwanted protocol features.