Folklore confirmed: reducible flow graphs are exponentially larger
POPL '03 Proceedings of the 30th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
Oblivious Hashing: A Stealthy Software Integrity Verification Primitive
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Dynamic Self-Checking Techniques for Improved Tamper Resistance
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Protecting Software Code by Guards
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs
ISC '01 Proceedings of the 4th International Conference on Information Security
Obfuscation of executable code to improve resistance to static disassembly
Proceedings of the 10th ACM conference on Computer and communications security
SAFE-OPS: An approach to embedded software security
ACM Transactions on Embedded Computing Systems (TECS)
Soft Tamper-Proofing via Program Integrity Verification in Wireless Sensor Networks
IEEE Transactions on Mobile Computing
Hybrid static-dynamic attacks against software protection mechanisms
Proceedings of the 5th ACM workshop on Digital rights management
Control flow based obfuscation
Proceedings of the 5th ACM workshop on Digital rights management
Control Code Obfuscation by Abstract Interpretation
SEFM '05 Proceedings of the Third IEEE International Conference on Software Engineering and Formal Methods
IBM Systems Journal
Some new approaches for preventing software tampering
Proceedings of the 44th annual Southeast regional conference
Proceedings of the 9th workshop on Multimedia & security
Program obfuscation: a quantitative approach
Proceedings of the 2007 ACM workshop on Quality of protection
Mechanism for software tamper resistance: an application of white-box cryptography
Proceedings of the 2007 ACM workshop on Digital Rights Management
Binary obfuscation using signals
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
The Superdiversifier: Peephole Individualization for Software Protection
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Analysis of Program Obfuscation Schemes with Variable Encoding Technique
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Effective implementation of the cell broadband engine™ isolation loader
Proceedings of the 16th ACM conference on Computer and communications security
Semantics-based code obfuscation by abstract interpretation
Journal of Computer Security
Tamper-Tolerant Software: Modeling and Implementation
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Delayed and controlled failures in tamper-resistant software
IH'06 Proceedings of the 8th international conference on Information hiding
Live forensics framework for wireless sensor nodes using sandboxing
Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks
Simulation of operational semantics of machine instructions
Programming and Computing Software
Network–Level polymorphic shellcode detection using emulation
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Remote software-based attestation for wireless sensors
ESAS'05 Proceedings of the Second European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Replacement attacks against VM-protected applications
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Software tamper resistance through dynamic program monitoring
DRMTICS'05 Proceedings of the First international conference on Digital Rights Management: technologies, Issues, Challenges and Systems
Call tree transformation for program obfuscation and copy protection
DRMTICS'05 Proceedings of the First international conference on Digital Rights Management: technologies, Issues, Challenges and Systems
Software-Based copy protection for temporal media during dissemination and playback
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Aligot: cryptographic function identification in obfuscated binary programs
Proceedings of the 2012 ACM conference on Computer and communications security
Software protection for dynamically-generated code
PPREW '13 Proceedings of the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop
| Hi-index | 0.00 |
Reliable execution of software on untrustworthy platforms is a difficult problem. On the one hand, the underlying system services cannot be relied upon to provide execution assurance, while on the other hand, the effect of a tampered execution can be disastrous -- consider intrusion detection programs. What is needed, in this case, is tamper resistant software. Code obfuscation has been an area of development, in part, to enhance software tamper resistance. However, most obfuscation techniques are ad hoc, without the support of sound theoretical basis or provable results. In this paper, we address one aspect of software protection by obstructing static analysis of programs. Our techniques are based, fundamentally, on the difficulty of resolving aliases in programs. The presence of aliases has been proven to greatly restrict the precision of static data-flow analysis. Meanwhile, effective alias detection has been shown to be NP-Hard. While this represents a significant hurdle for code optimization, it provides a theoretical basis for structuring tamper-resistant programs -- systematic introduction of nontrivial aliases transforms programs to a form that yields data flow information very slowly and/or with little precision. Precise alias analysis relies on the collection of static control flow information. We further hinder the analysis by a systematic "break-down" of the program control-flow; transforming high level control transfers to indirect addressing through aliased pointers. By doing so, we have made the basic control-flow analysis into a general alias analysis problem, and the data-flow analysis and control-flow analysis are made co-dependent. We present a theoretical result which shows that a precise analysis of the transformed program, in the general case, is NP-hard and demonstrate the applicability of our techniques with empirical results.