35th Annual Computer Security Applications Conference (ACSAC 2019)

Full Program »
Paper
View File
ACM
Presentation
View File
pdf

How to Kill Symbolic Deobfuscation for Free (or: Unleashing the Potential of Path-Oriented Protections)

Code obfuscation is a major tool for protecting software intellectual property from attacks such as reverse engineering or code tampering. Yet, recently proposed (automated) attacks based on Dynamic Symbolic Execution (DSE) show very promising results, hence threatening software integrity. Current defenses are not fully satisfactory, being either not efficient against symbolic reasoning, or affecting runtime performance too much, or being too easy to spot. We present and study a new class of anti-DSE protections coined as path-oriented protections targeting the weakest spot of DSE, namely path exploration. We propose a lightweight, efficient, resistant and analytically-proved class of obfuscation algorithms designed to hinder DSE-based attacks. Extensive evaluation against several deobfuscation goals and search heuristics demonstrates that these approaches critically counter symbolic deobfuscation while yielding only a very slight overhead.

Sebastien Bardin
CEA LIST

Richard Bonichon
CEA LIST

Jean-Yves Marion
LORIA, Universite de Lorraine, CNRS, Inria

Mathilde Ollivier
CEA LIST

 



Powered by OpenConf®
Copyright©2002-2020 Zakon Group LLC