SaTC: TTP: Medium: The Tigress Endpoint Protection Tool

In Computer Security, an endpoint is any piece of software under the control of a user who, if malicious, can gain an advantage by inspecting, reverse engineering, or tampering with the software. Vulnerable endpoints are ubiquitous and include software in automobiles, mobile phones, medical devices, smart meters, and IoT devices in smart homes. An endpoint security tool transforms software that will run on a device that is under the control of a potential adversary in order to delay the inspection of, tampering with, or reverse engineering the software.

The project's impacts are that the investigators provide an endpoint security tool, Tigress, that aids commercial developers in securing their software assets against endpoint attacks. Tigress also gives the academic computer security community a competent adversary that allows more eective research into malware and software analysis. The project's novelties are that the investigators make available a comprehensive tool that can protect any kind of asset, in any kind of application, against any kind of endpoint attack.

In this project the investigators transition Tigress to practice. Specically, Tigress' library of transformations are extended with protections against fuzzing, symbolic analysis, code-byte tampering, and emulation. Furthermore, performance of generated code is improved, allowing Tigress-generated code to run on low-powered devices, and investigators publish comprehensive security evaluation information so that developers know the level of protection Tigress aords their applications.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.