Software protection: myth or reality?
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Tutorial notes on partial evaluation
POPL '93 Proceedings of the 20th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Encyclopedia of software engineering
Encyclopedia of software engineering
ACM Computing Surveys (CSUR)
Complementation in abstract interpretation
ACM Transactions on Programming Languages and Systems (TOPLAS)
An introduction to partial evaluation
ACM Computing Surveys (CSUR)
Future directions in program transformations
ACM SIGPLAN Notices
Manufacturing cheap, resilient, and stealthy opaque constructs
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Software watermarking: models and dynamic embeddings
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Making abstract interpretations complete
Journal of the ACM (JACM)
Systematic design of program transformation frameworks by abstract interpretation
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A unified approach to global program optimization
POPL '73 Proceedings of the 1st annual ACM SIGACT-SIGPLAN symposium on Principles of programming languages
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Elements of Software Science (Operating and programming systems series)
Elements of Software Science (Operating and programming systems series)
Constructive design of a hierarchy of semantics of a transition system by abstract interpretation
Theoretical Computer Science
Systematic design of program analysis frameworks
POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
Experience with software watermarking
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Breaking Abstractions and Unstructuring Data Structures
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Software Tamper Resistance: Obstructing Static Analysis of Programs
Software Tamper Resistance: Obstructing Static Analysis of Programs
A complexity measure based on nesting level
ACM SIGPLAN Notices
Obfuscation of executable code to improve resistance to static disassembly
Proceedings of the 10th ACM conference on Computer and communications security
Deobfuscation: Reverse Engineering Obfuscated Code
WCRE '05 Proceedings of the 12th Working Conference on Reverse Engineering
Control Code Obfuscation by Abstract Interpretation
SEFM '05 Proceedings of the Third IEEE International Conference on Software Engineering and Formal Methods
Manufacturing opaque predicates in distributed systems for code obfuscation
ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
Independence From Obfuscation: A Semantic Framework for Dive
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Semantic-based code obfuscation by abstract interpretation
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Opaque predicates detection by abstract interpretation
AMAST'06 Proceedings of the 11th international conference on Algebraic Methodology and Software Technology
Software protection through dynamic code mutation
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Reverse engineering and reusing COBOL programs: a program transformation approach
IW-FM'97 Proceedings of the 1st Irish conference on Formal Methods
Context-sensitive analysis without calling-context
Higher-Order and Symbolic Computation
Obfuscation by partial evaluation of distorted interpreters
PEPM '12 Proceedings of the ACM SIGPLAN 2012 workshop on Partial evaluation and program manipulation
Observational Completeness on Abstract Interpretation
Fundamenta Informaticae - Logic, Language, Information and Computation
A formal framework for property-driven obfuscation strategies
FCT'13 Proceedings of the 19th international conference on Fundamentals of Computation Theory
Analyzing program dependencies for malware detection
Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014
Hi-index | 0.00 |
In recent years code obfuscation has attracted research interest as a promising technique for protecting secret properties of programs. The basic idea of code obfuscation is to transform programs in order to hide their sensitive information while preserving their functionality. One of the major drawbacks of code obfuscation is the lack of a rigorous theoretical framework that makes it difficult to formally analyze and certify the effectiveness of obfuscating techniques. We face this problem by providing a formal framework for code obfuscation based on abstract interpretation and program semantics. In particular, we show that what is hidden and what is preserved by an obfuscating transformation can be expressed as abstract interpretations of program semantics. Being able to specify what is masked and what is preserved by an obfuscation allows us to understand its potency, namely the amount of obscurity that the transformation adds to programs. In the proposed framework, obfuscation and attackers are modeled as approximations of program semantics and the lattice of abstract interpretations provides a formal tool for comparing obfuscations with respect to their potency. In particular, we prove that our framework provides an adequate setting to measure not only the potency of an obfuscation but also its resilience, i.e., the difficulty of undoing the obfuscation. We consider code obfuscation by opaque predicate insertion and we show how the degree of abstraction needed to disclose different opaque predicates allows us to compare their potency and resilience.