Open Access
Obfuscator-LLVM: software protection for the masses
Pascal Junod, Julien Rinaldini, Johan Wehrli, Julie Michielin
- pp 3-9
TLDR
This paper presents and discusses a software obfuscation prototype tool based on the LLVM compilation suite that supports basic instruction substitutions, insertion of bogus control-flow constructs mixed with opaque predicates, control-flow flattening, procedures merging as well as a code tamper-proofing algorithm embedding code and data checksums directly in the control-flow flattening mechanism.
Abstract:
Software security with respect to reverse-engineering is a challenging discipline that has been researched for several years and which is still active. At the same time, this field is inherently practical, and thus of industrial relevance: indeed, protecting a piece of software against tampering, malicious modifications or reverse-engineering is a very difficult task. In this paper, we present and discuss a software obfuscation prototype tool based on the LLVM compilation suite. Our tool is built as different passes, where some of them have been open-sourced and are freely available, that work on the LLVM Intermediate Representation (IR) code. This approach brings several advantages, including the fact that it is language-agnostic and mostly independent of the target architecture. Our current prototype supports basic instruction substitutions, insertion of bogus control-flow constructs mixed with opaque predicates, control-flow flattening, procedures merging as well as a code tamper-proofing algorithm embedding code and data checksums directly in the control-flow flattening mechanism.
Citations
Proceedings Article
Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization
TL;DR: An assembly code representation learning model that can find and incorporate rich semantic relationships among tokens appearing in assembly code and significantly outperforms existing methods against changes introduced by obfuscation and optimizations is developed.
Proceedings Article
Code obfuscation against symbolic execution attacks
TL;DR: This paper addresses the problem of characterizing the resilience of code obfuscation transformations against automated symbolic execution attacks, complementing existing works that measure the potency of obfuscation transformations against human-assisted attacks through user studies.
Proceedings Article
LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code
TL;DR: In this article, a Logic Oriented Opaque Predicate Detection Tool (LOOP) is proposed to detect opaque predicates in obfuscated binary code by symbolic execution along a trace.
Proceedings Article
When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries
Aylin Caliskan, Fabian Yamaguchi, Edwin Dauber, Richard Harang, Konrad Rieck, Rachel Greenstadt, Arvind Narayanan
TL;DR: It is shown that programmers who would like to remain anonymous need to take extreme countermeasures to protect their privacy, using both obfuscated binaries, and real-world code found "in the wild" in single-author GitHub repositories and the recently leaked Nulled.IO hacker forum.
Proceedings Article
Cryptographic Function Detection in Obfuscated Binaries via Bit-Precise Symbolic Loop Mapping
TL;DR: This paper proposes a novel technique called bit-precise symbolic loop mapping to identify cryptographic functions in obfuscated binary code, and develops a prototype called CryptoHunt, a general approach to detecting commonly used cryptographic functions under different control and data obfuscation scheme combinations.
References
Book
Compilers: Principles, Techniques, and Tools
TL;DR: This book discusses the design of a Code Generator, the role of the Lexical Analyzer, and other topics related to code generation and optimization.
Proceedings Article
Fully homomorphic encryption using ideal lattices
TL;DR: This work proposes a fully homomorphic encryption scheme that allows one to evaluate circuits over encrypted data without being able to decrypt, and describes a public key encryption scheme using ideal lattices that is almost bootstrappable.
Proceedings Article
LLVM: a compilation framework for lifelong program analysis & transformation
Chris Lattner, Vikram Adve
TL;DR: The design of the LLVM representation and compiler framework is evaluated in three ways: the size and effectiveness of the representation, including the type information it provides; compiler performance for several interprocedural problems; and illustrative examples of the benefits LLVM provides for several challenging compiler problems.
Book Chapter
On the (Im)possibility of Obfuscating Programs
TL;DR: It is proved that obfuscation is impossible, by constructing a family of functions F that are inherently unobfuscatable in the following sense: there is a property π : F → {0, 1} such that given any program that computes a function f ∈ F, the value π(f) can be efficiently computed.
A Taxonomy of Obfuscating Transformations
TL;DR: It is argued that automatic code obfuscation is currently the most viable method for preventing reverse engineering and the design of a code obfuscator is described, a tool which converts a program into an equivalent one that is more difficult to understand and reverse engineer.