Partial evaluation and automatic program generation
Partial evaluation and automatic program generation
Abstract debugging of higher-order imperative languages
PLDI '93 Proceedings of the ACM SIGPLAN 1993 conference on Programming language design and implementation
Operating system protection through program evolution
Computers and Security
Manufacturing cheap, resilient, and stealthy opaque constructs
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Making abstract interpretations complete
Journal of the ACM (JACM)
Systematic design of program transformation frameworks by abstract interpretation
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Systematic design of program analysis frameworks
POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
Aspects of the PGG System: Specialization for Standard Scheme
Partial Evaluation - Practice and Theory, DIKU 1998 International Summer School
Advanced Logic Program Specialisation
Partial Evaluation - Practice and Theory, DIKU 1998 International Summer School
SIMILIX: A Self-Applicable Partial Evaluator for Scheme
Partial Evaluation - Practice and Theory, DIKU 1998 International Summer School
The Semantics of Program Slicing and Program Integration
TAPSOFT '89 Proceedings of the International Joint Conference on Theory and Practice of Software Development, Volume 2: Advanced Seminar on Foundations of Innovative Software Development II and Colloquium on Current Issues in Programming Languages
On the (Im)possibility of Obfuscating Programs
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Incompleteness, Counterexamples, and Refinements in Abstract Model-Checking
SAS '01 Proceedings of the 8th International Symposium on Static Analysis
Protection of Software-Based Survivability Mechanisms
DSN '01 Proceedings of the 2001 International Conference on Dependable Systems and Networks (formerly: FTCS)
An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs
ISC '01 Proceedings of the 4th International Conference on Information Security
Abstract non-interference: parameterizing non-interference by abstract interpretation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A framework for obfuscated interpretation
ACSW Frontiers '04 Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation - Volume 32
Transformation by interpreter specialisation
Science of Computer Programming - Special issue on program transformation
A tour of tempo: a program specializer for the C language
Science of Computer Programming - Special issue on program transformation
Slicing as a program transformation
ACM Transactions on Programming Languages and Systems (TOPLAS)
Slicing obfuscations: design, correctness, and evaluation
Proceedings of the 2007 ACM workshop on Digital Rights Management
Data dependencies and program slicing: from syntax to abstract semantics
PEPM '08 Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Hiding Information in Completeness Holes: New Perspectives in Code Obfuscation and Watermarking
SEFM '08 Proceedings of the 2008 Sixth IEEE International Conference on Software Engineering and Formal Methods
Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection
Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection
Semantics-based code obfuscation by abstract interpretation
Journal of Computer Security
Adjoining classified and unclassified information by abstract interpretation
Journal of Computer Security
Opaque predicates detection by abstract interpretation
AMAST'06 Proceedings of the 11th international conference on Algebraic Methodology and Software Technology
Specifying imperative data obfuscations
ISC'07 Proceedings of the 10th international conference on Information Security
Making abstract interpretation incomplete: modeling the potency of obfuscation
SAS'12 Proceedings of the 19th international conference on Static Analysis
| Hi-index | 0.00 |
How to construct a general program obfuscator? We present a novel approach to automatically generating obfuscated code P2 from any program P whose source code is given. Start with a (program-executing) interpreter interp for the language in which P is written. Then "distort" interp so it is still correct, but its specialization P2 w.r.t. P is transformed code that is equivalent to the original program, but harder to understand or analyze. Potency of the obfuscator is proved with respect to a general model of the attacker, modeled as an approximate (abstract) interpreter. A systematic approach to distortion is to make program P obscure by transforming it to P2 on which (abstract) interpretation is incomplete. Interpreter distortion can be done by making residual in the specialization process sufficiently many interpreter operations to defeat an attacker in extracting sensible information from transformed code. Our method is applied to: code flattening, data-type obfuscation, and opaque predicate insertion. The technique is language independent and can be exploited for designing obfuscating compilers.