Presenting MIR a system addressing dynamic compromise by introducing a fine-grained read-write-execute (RWX) permission model at the boundaries of libraries.
Quick Jump: Installation | Run | Repo Structure | Documentation | Citing
This repo include both static and dynamic analysis tools.
sudo apt install default-jre
npm i @andromeda/mir-sa --save-dev # Then install mir-sa
If you want to install globally, so as to analyzing any program or library in the system, replace --save-dev
with -g
.
npm i @andromeda/mir-da --save-dev
If you want to install globally, so as to analyzing any program or library in the system, replace --save-dev
with -g
.
git clone https://github.com/andromeda/mir/
cd mir/dynamic
npm install
In order to quickly run static analysis:
mir-sa -p ./node_modules | jq .
In order to quickly run dynamic analysis:
mir-da -p ./node_modules
This repo hosts all the different components of the MIR paper. This repo is stractured as follows:
If you used Mir, consider citing the following paper:
@inproceedings{vasilakis2021preventing,
title={Preventing dynamic library compromise on node. js via rwx-based privilege reduction},
author={Vasilakis, Nikos and Staicu, Cristian-Alexandru and Ntousakis, Grigoris and Kallas, Konstantinos and Karel, Ben and DeHon, Andr{\'e} and Pradel, Michael},
booktitle={Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security},
pages={1821--1838},
year={2021}
}