A Tutorial on Software Obfuscation

Bănescu, Sebastian; Pretschner, Alexander

doi:10.1016/bs.adcom.2017.09.004

Cited by 29 publications

(14 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Many of these techniques are orthogonal to our work and focus on one specific transformation. For an overview over the field of obfuscation, we refer the interested reader to the tutorial by Banescu and Pretschner [3]. In the following, we discuss techniques closest to our work.…”

Section: Related Workmentioning

confidence: 99%

Technical Report: Hardening Code Obfuscation Against Automated Attacks

Schloegel¹,

Blazytko²,

Contag³

et al. 2021

Preprint

View full text Add to dashboard Cite

Software obfuscation is a crucial technology to protect intellectual property. Despite its importance, commercial and academic state-of-the-art obfuscation approaches are vulnerable to a plethora of automated deobfuscation attacks, such as symbolic execution, taint analysis, or program synthesis. While several enhanced techniques were proposed to thwart taint analysis or symbolic execution, they either impose a prohibitive runtime overhead or can be removed by compiler optimizations. In general, they suffer from focusing on a single attack vector, allowing an attacker to switch to other more effective techniques, such as program synthesis.In this work, we present LOKI, an approach for code obfuscation that is resilient against all known automated deobfuscation attacks. To this end, we deploy multiple techniques, including a generic approach to synthesize formally verified expressions of arbitrary complexity. Contrary to state-of-theart approaches that rely on a few hardcoded generation rules, our expressions are more diverse and harder to pattern match against. Moreover, LOKI protects against previously unaccounted attack vectors such as program synthesis, for which it reduces the success rate to merely 19%. Overall, our design incurs significantly less overhead while providing a much stronger protection level.

show abstract

Section: Related Workmentioning

confidence: 99%

Technical Report: Hardening Code Obfuscation Against Automated Attacks

Schloegel¹,

Blazytko²,

Contag³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…In the '80s, before an obfuscation research community was even born, malicious entities were regularly shielding malware and subverting anti-piracy licensing schemes used by vendors [9]. Some techniques like polymorphism later experienced a resurgence in the context of attack prevention [61], but it was only after the seminal taxonomy work of Collberg et al [27] that obfuscation research saw a remarkable growth in the number of proposed techniques [61].…”

Section: Code Obfuscationmentioning

confidence: 99%

“…To present obfuscation concepts relevant to the scope of this paper we mostly follow the recent classification proposed in [9].…”

Section: Code Obfuscationmentioning

confidence: 99%

“…Code obfuscation techniques combat malicious end users known as Man-At-The-End (MATE) attackers [25]. Such individuals are assumed to be extremely powerful: they can analyze a program statically or dynamically, alter the memory state and the CPU context, and simulate a hardware platform [9]. The last stand against such attacks is to devise obfuscations complex enough to economically discourage MATE actors from performing one [23].…”

Section: Code Obfuscationmentioning

confidence: 99%

See 1 more Smart Citation

Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation

Borrello,

Coppa,

D'Elia

2020

Preprint

View full text Add to dashboard Cite

Largely known for attack scenarios, code reuse techniques at a closer look reveal properties that are appealing also for program obfuscation. We explore the popular return-oriented programming paradigm under a new light, transforming program functions into chains of gadgets that coexist seamlessly with the surrounding software stack. We show how to build chains that can withstand state-to-the-art static and dynamic deobfuscation approaches, evaluating the robustness and overheads of the design over common programs. The results suggest a significant increase in the amount of resources that would be required to carry man-at-the-end attacks. CCS CONCEPTS• Security and privacy → Software and application security;• Software and its engineering → Software notations and tools.

show abstract

“…The main countermeasure against these attacks is obfuscation, which can be defined as a transformation that produces a more complex program but which has the same observable behavior [1]. Several taxonomies classify the different obfuscation methods by the abstraction level (source code, machine code), the unit (instruction, function, program), or the target (data, code) of the performed transformation [2]. According to this classification, the abstraction level of our method is machine code, its unit of transformation is function, and it mainly targets code.…”

Section: Introductionmentioning

confidence: 99%