An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs

Chow, Stanley; Gu, Yuan; Johnson, Harold J.; Zakharov, Vladimir A.

doi:10.1007/3-540-45439-x_10

Cited by 78 publications

(57 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The theoretical literature on software obfuscation appears somewhat contradictory. The np-hardness results of Wang [27] and pspace-hardness results of Chowet al [10] provide theoretical evidence that code transformations can massively increase the difficulty of reverse-engineering. In contrast, the impossibility results of Barak et al [3], essentially show that a software virtual black box generator, which can protect every program's code from revealing more than the program's input-output behavior reveals, cannot exist.…”

Section: Introduction and Overviewmentioning

confidence: 99%

White-Box Cryptography and an AES Implementation

Chow

Eisen

Johnson

et al. 2003

Lecture Notes in Computer Science

Self Cite

253

283

View full text Add to dashboard Cite

Abstract. Conventional software implementations of cryptographic algorithms are totally insecure where a hostile user may control the execution environment, or where co-located with malicious software. Yet current trends point to increasing usage in environments so threatened. We discuss encrypted-composed-function methods intended to provide a practical degree of protection against white-box (total access) attacks in untrusted execution environments. As an example, we show how aes can be implemented as a series of lookups in key-dependent tables. The intent is to hide the key by a combination of encoding its tables with random bijections representing compositions rather than individual steps, and extending the cryptographic boundary by pushing it out further into the containing application. We partially justify our aes implementation, and motivate its design, by showing how removal of parts of the recommended implementation allows specified attacks, including one utilizing a pattern in the aes SubBytes table.

show abstract

Section: Introduction and Overviewmentioning

confidence: 99%

White-Box Cryptography and an AES Implementation

Chow

Eisen

Johnson

et al. 2003

Lecture Notes in Computer Science

Self Cite

253

283

View full text Add to dashboard Cite

show abstract

“…On the side showing promise for software obfuscation are np-hardness results of C. Wang [52] (see also the earlier report [51]), the related results of Ogiso [43], and pspace-hardness results of Chow et al [15]. These suggest that one may expect code transformations to significantly (e.g.…”

Section: Positive and Negative Theoretical Resultsmentioning

confidence: 89%

Revisiting Software Protection

Oorschot

2003

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Many automatic code obfuscation tools are available nowadays both for commercial (e.g. Semantic Designs Inc.'s C obfuscator (Semantic Designs 2016), Stunnix's obfuscators (Stunnix 2016), Diablo (Maebe and Sutter 2006)) and research purposes (Chow et al 2001;Schulze and Meyer 2013;Madou et al 2006;Necula et al 2002).…”

Section: Obfuscation and Deobfuscationmentioning

confidence: 99%

A comparison of code similarity analysers

2017

View full text Add to dashboard Cite

Copying and pasting of source code is a common activity in software engineering. Often, the code is not copied as it is and it may be modified for various purposes; e.g. refactoring, bug fixing, or even software plagiarism. These code modifications could affect the performance of code similarity analysers including code clone and plagiarism detectors to some certain degree. We are interested in two types of code modification in this study: pervasive modifications, i.e. transformations that may have a global effect, and local modifications, i.e. code changes that are contained in a single method or code block. We evaluate 30 code similarity detection techniques and tools using five experimental scenarios for Java source code. These are (1) pervasively modified code, created with tools for source code and bytecode obfuscation, and boiler-plate code, (2) source code normalisation through compilation and decompilation using different decompilers, (3) reuse of optimal configurations over different data sets, (4) tool evaluation using ranked-based measures, and (5) local + global code modifications. Our experimental results show that in the presence of pervasive modifications, some of the general textual similarity measures can offer similar performance to specialised code similarity tools, whilst in the presence of boiler-plate code, highly specialised source code similarity detection techniques and tools outperform textual similarity measures. Our study strongly validates the use of compilation/decompilation as a normalisation technique. Its use reduced false classifications to zero for three of the tools. Moreover, we demonstrate that optimal configurations are very sensitive to a specific data set. After directly applying optimal configurations derived from one data set to another, the tools perform poorly on the new data set. The code similarity analysers are thoroughly evaluated not only based on several well-known pair-based and query-based error measures but also on each specific type of pervasive code modification. This broad, thorough study is the largest in existence and potentially an invaluable guide for future users of similarity detection in source code.

show abstract

An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs

Cited by 78 publications

References 13 publications

White-Box Cryptography and an AES Implementation

White-Box Cryptography and an AES Implementation

Revisiting Software Protection

A comparison of code similarity analysers

Contact Info

Product

Resources

About