Cited By
View all- Sha ZShu HXiong XKang F(2022)Model of Execution Trace Obfuscation Between ThreadsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.312315919:6(4156-4171)Online publication date: 1-Nov-2022
Enhanced branch obfuscation based on exception handling and encrypted mapping table
Article No.: 140, Pages 1 - 9
Abstract
Reverse analysis will lead to the problems of software crack, theft and tamper, where the control flow analysis will reveal the program execution logic. The conditional jump instruction contains the branch conditions and targets, and as the breaking point of control flow analysis, it will easily expose some significant branch information of the program. Based on the exception handling mechanism and encrypted mapping table, this paper proposes a enhanced branch obfuscation, which first introduces the exception code to replace the conditional jump instructions and then constructs the exception handlers to restore execution according to the mapping relation between the branch conditions and targets. Furthermore as supplement and perfect, the method rearranges the basic blocks and inserts some redundant blocks to increase the difficulty against reverse analysis. The method is evaluated from three aspects of validity, space cost and time cost. Finally the experiment results show that the branch obfuscation has a good protection performance and can resist static and dynamic analysis, and also it has an acceptable performance of space and time cost.
References
[1]
Vivek Balachandran and Sabu Emmanuel. 2013. Potent and stealthy control flow obfuscation by stack based self-modifying code. IEEE Transactions on Information Forensics and Security 8, 4 (2013), 669--681.
[2]
Sebastian Banescu, Christian Collberg, Vijay Ganesh, Zack Newsham, and Alexander Pretschner. 2016. Code obfuscation against symbolic execution attacks. In Proceedings of the 32nd Annual Conference on Computer Security Applications. ACM, 189--200.
[3]
Boaz Barak, Oded Goldreich, Russell Impagliazzo, Steven Rudich, Amit Sahai, Salil Vadhan, and Ke Yang. 2012. On the (im) possibility of obfuscating programs. Journal of the ACM (JACM) 59, 2 (2012), 6.
[4]
Philippe Beaucamps and Éric Filiol. 2007. On the possibility of practically obfuscating programs towards a unified perspective of code protection. Journal in Computer Virology 3, 1 (2007), 3--21.
[5]
Chandan Kumar Behera and D Lalitha Bhaskari. 2015. Different obfuscation techniques for code protection. Procedia Computer Science 70 (2015), 757--763.
[6]
Chandan Kumar Behera and D Lalitha Bhaskari. 2016. Code obfuscation by using floating points and conditional statements. In Proceedings of the 4th International Conference on Frontiers in Intelligent Computing: Theory and Applications (FICTA) 2015. Springer, 569--578.
[7]
Cristian Cadar and Koushik Sen. 2013. Symbolic execution for software testing: three decades later. Commun. ACM 56, 2 (2013), 82--90.
[8]
Wang Xiaochu Jia Chunfu Chen Zhe, Wang Zhi. 2015. Using Code Mobility to Obfuscate Control Flow in Binary Codes. Journal of Computer Research and Development 52, 8 (2015), 1902--1909.
[9]
Christian Collberg, Clark Thomborson, and Douglas Low. 1998. Manufacturing cheap, resilient, and stealthy opaque constructs. In Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages. ACM, 184--196.
[10]
C Collberg, C Thomborson, Douglas Low, and D Low. 1997. A taxonomy of obfuscating transformations. Department of Computer Sciences, The University of Auckland. Technical Report. Technical Report 148, July.
[11]
Mila Dalla Preda and Roberto Giacobazzi. 2005. Semantic-based code obfuscation by abstract interpretation. In International Colloquium on Automata, Languages, and Programming. Springer, 1325--1336.
[12]
Pratiksha Gautam and Hemraj Saini. 2017. A Novel Software Protection Approach for Code Obfuscation to Enhance Software Security. International Journal of Mobile Computing and Multimedia Communications (IJMCMC) 8, 1 (2017), 34--47.
[13]
Aniket Kulkarni and Ravindra Metta. 2014. A new code obfuscation scheme for software protection. In 2014 IEEE 8th International Symposium on Service Oriented System Engineering. IEEE, 409--414.
[14]
Savio Antony Sebastian, Saurabh Malgaonkar, Paulami Shah, Mudit Kapoor, and Tanay Parekhji. 2016. A Study Review on Code Obfuscation. (2016).
[15]
Monirul I Sharif, Andrea Lanzi, Jonathon T Giffin, and Wenke Lee. 2008. Impeding Malware Analysis Using Conditional Code Obfuscation. In NDSS.
[16]
Qing Su, Fan He, Naiqi Wu, and Zhiyi Lin. 2018. A Method for Construction of Software Protection Technology Application Sequence Based on Petri Net With Inhibitor Arcs. IEEE Access 6 (2018), 11988--12000.
[17]
Nandeesha Veeranna and Benjamin Carrion Schafer. 2017. Efficient behavioral intellectual properties source code obfuscation for high-level synthesis. In 2017 18th IEEE Latin American Test Symposium (LATS). IEEE, 1--6.
[18]
Chenxi Wang, Jonathan Hill, John Knight, and Jack Davidson. 2000. Software tamper resistance: Obstructing static analysis of programs. Technical Report. Technical Report CS-2000-12, University of Virginia, 12 2000.
[19]
Liu Weijie Wang Xiaochu Zhang Haining Yu Xiaoxu Chen Zhe Wang Zhi, Jia Chunfu. 2015. Branch Obfuscation to Combat symbolic Execution. Acta Electronica Sinica 43, 5 (2015), 870--878.
[20]
Xin Xie, Bin Lu, Daofu Gong, Xiangyang Luo, and Fenlin Liu. 2016. Random table and hash coding-based binary code obfuscation against stack trace analysis. IET Information Security 10, 1 (2016), 18--27.
Recommendations
Efficient Java exception handling in just-in-time compilation
Research ArticlesJava uses exceptions to provide elegant error handling capabilities during program execution. However, the presence of exception handlers complicates the job of the just-in-time (JIT) compiler, while exceptions are rarely used in most programs. This ...
Towards architecture-level middleware-enabled exception handling of component-based systems
CBSE '11: Proceedings of the 14th international ACM Sigsoft symposium on Component based software engineeringException handling is a practical and important way to improve the availability and reliability of a component-based system. The classical code-level exception handling approach is usually applied to the inside of a component, while some exceptions can ...
A catalogue of bug patterns for exception handling in aspect-oriented programs
PLoP '08: Proceedings of the 15th Conference on Pattern Languages of ProgramsAspects allow a developer to externally add new functionality to a program. This additional functionality may also throw new exceptions that will flow through the program execution until they are handled. Moreover, aspects can also be used to handle ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
May 2019
963 pages
ISBN:9781450371582
DOI:10.1145/3321408
Copyright © 2019 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 17 May 2019
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
ACM TURC 2019
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 74Total Downloads
- Downloads (Last 12 months)13
- Downloads (Last 6 weeks)1
Reflects downloads up to 31 Dec 2024
Other Metrics
Citations
Cited By
View all- Sha ZShu HXiong XKang F(2022)Model of Execution Trace Obfuscation Between ThreadsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.312315919:6(4156-4171)Online publication date: 1-Nov-2022
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in