[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
research-article

Experimental assessment of XOR-Masking data obfuscation based on K-Clique opaque constants

Published: 01 April 2020 Publication History

Highlights

A novel data obfuscation scheme is proposed
Opaque predicates are exploited to make the obfuscation scheme resilient to static analysis
This novel data obfuscation scheme is sound and obfuscated code has acceptable performance overhead.

Abstract

Data obfuscations are program transformations used to complicate program understanding and conceal actual values of program variables. The possibility to hide constant values is a basic building block of several obfuscation techniques. In XOR-Masking, a constant mask is used to obfuscate data, but this mask must be hidden too, in order to keep the obfuscation resilient to attacks.
In this paper, we present a novel extension of XOR-Masking where the mask is an opaque constant, i.e. a value that is difficult to guess by static analysis. In fact, opaque constants are constructed such that static analysis should solve the k-clique problem, which is known to be NP-complete, to identify the mask value.
In our experimental assessment we apply obfuscation to 12 real Java applications. We observe that obfuscation does not alter the program correctness and we record performance overhead due to obfuscation, in terms of execution time and memory consumption.

References

[1]
B. Abrath, B. Coppens, S. Volckaert, J. Wijnant, B. De Sutter, Tightly-coupled self-debugging software protection, Proceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering, ACM, 2016, p. 7.
[2]
B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan, K. Yang, On the (im) possibility of obfuscating programs, J. ACM (JACM) 59 (2) (2012) 6.
[3]
Cannell, J., 2013. Obfuscation: Malwares best friend.
[4]
M. Ceccato, P. Tonella, C. Basile, B. Coppens, B. De Sutter, P. Falcarin, M. Torchiano, How professional hackers understand protected code while performing attack tasks, 2017 IEEE/ACM 25th International Conference on Program Comprehension (ICPC), IEEE, 2017, pp. 154–164.
[5]
M. Ceccato, P. Tonella, C. Basile, P. Falcarin, M. Torchiano, B. Coppens, B. De Sutter, Understanding the behaviour of hackers while performing attack tasks in a professional setting and in a public challenge, Emp. Softw. Eng. 24 (1) (2019) 240–286.
[6]
C. Collberg, C. Thomborson, D. Low, A Taxonomy of Obfuscating Transformations, Technical Report 148, Dept. of Computer Science, The Univ. of Auckland, 1997.
[7]
C. Collberg, C. Thomborson, D. Low, Manufacturing cheap, resilient, and stealthy opaque constructs, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, ACM, 1998, pp. 184–196.
[8]
C.S. Collberg, C. Thomborson, Watermarking, tamper-proofing, and obfuscation: tools for software protection, IEEE Trans. Softw. Eng. 28 (2002) 735–746,.
[9]
P. Falcarin, C. Collberg, M. Atallah, M. Jakubowski, Guest editors’ introduction: software protection, Software, IEEE 28 (2) (2011) 24–27.
[10]
M.R. Garey, D.S. Johnson, Computers and intractability, 29, wh freeman New York, 2002.
[11]
S. Garg, C. Gentry, S. Halevi, M. Raykova, A. Sahai, B. Waters, Candidate indistinguishability obfuscation and functional encryption for all circuits, Foundations of Computer Science (FOCS), 2013 IEEE 54th Annual Symposium on, IEEE, 2013, pp. 40–49.
[12]
M.H. Jakubowski, C.W. Saw, R. Venkatesan, Iterated transformations and quantitative metrics for software protection., SECRYPT, 2009, pp. 359–368.
[13]
M. Karnick, J. MacBride, S. McGinnis, Y. Tang, R. Ramachandran, A qualitative analysis of java obfuscation, Proceedings of 10th IASTED International Conference on Software Engineering and Applications, Dallas TX, USA, 2006.
[14]
R.M. Karp, Complexity of Computer Computations: Proceedings of a symposium on the Complexity of Computer Computations, held March 20–22, 1972, at the IBM Thomas J. Watson Research Center, Yorktown Heights, New York, and sponsored by the Office of Naval Research, Mathematics Program, IBM World Trade Corporation, and the IBM Research Mathematical Sciences Department, Springer US, Boston, MA, 1972, pp. 85–103.
[15]
A. Moser, C. Kruegel, E. Kirda, Limits of static analysis for malware detection, Computer security applications conference, 2007. ACSAC 2007. Twenty-third annual, IEEE, 2007, pp. 421–430.
[16]
J. Palsberg, S. Krishnaswamy, M. Kwon, D. Ma, Q. Shao, Y. Zhang, Experience with software watermarking, Proceedings 16th Annual Computer Security Applications Conference (ACSAC’00), IEEE, 2000, pp. 308–316.
[17]
G. Ramalingam, The undecidability of aliasing, ACM Trans. Program. Lang. Syst. (TOPLAS) 16 (5) (1994) 1467–1471.
[18]
B. Selman, D.G. Mitchell, H.J. Levesque, Generating hard satisfiability problems, Artif. Intell. 81 (1) (1996) 17–29.
[19]
I. Sutherland, G.E. Kalb, A. Blyth, G. Mulley, An empirical examination of the reverse engineering process for binary files, Computers & Security 25 (3) (2006) 221–228.
[20]
R. Tiella, M. Ceccato, Automatic generation of opaque constants based on the k-clique problem for resilient data obfuscation, 2017 IEEE 24th International Conference on Software Analysis, Evolution and Reengineering (SANER), IEEE, 2017, pp. 182–192.
[21]
S.K. Udupa, S.K. Debray, M. Madou, Deobfuscation: Reverse engineering obfuscated code, Proceedings of the 12th Working Conference on Reverse Engineering, IEEE Computer Society, Washington, DC, USA, 2005, pp. 45–54,.
[22]
Z. Wang, J. Ming, C. Jia, D. Gao, Linear obfuscation to combat symbolic execution, Computer Security–ESORICS 2011, Springer, 2011, pp. 210–226.
[23]
G. Wroblewski, General Method of Program Code Obfuscation, Wroclaw University of Technology, Institute of Engineering Cybernetics, 2002., 2002, Ph.D. thesis.
[24]
D. Xu, J. Ming, D. Wu, Generalized dynamic opaque predicates: A new control flow obfuscation method, International Conference on Information Security, Springer, 2016, pp. 323–342.
[25]
C. Zarate, S.L. Garfinkel, A. Heffernan, K. Gorak, S. Horras, A Survey of XOR as a Digital Obfuscation Technique in a Corpus of Real Data, Technical Report, DTIC Document, 2014.

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Journal of Systems and Software
Journal of Systems and Software  Volume 162, Issue C
Apr 2020
224 pages

Publisher

Elsevier Science Inc.

United States

Publication History

Published: 01 April 2020

Author Tags

  1. Data obfuscation
  2. Program transformation
  3. Obfuscation overhead

Qualifiers

  • Research-article

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 0
    Total Downloads
  • Downloads (Last 12 months)0
  • Downloads (Last 6 weeks)0
Reflects downloads up to 21 Dec 2024

Other Metrics

Citations

View Options

View options

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media