Advanced search
1 file | 1.03 MB Add to list

Obfuscated integration of software protections

Jens Van den Broeck (UGent) , Bart Coppens (UGent) and Bjorn De Sutter (UGent)
Author
Organization
Abstract
To counter man-at-the-end attacks such as reverse engineering and tampering, software is often protected with techniques that require support modules to be linked into the application. It is well known, however, that attackers can exploit the modular nature of applications and their protections to speed up the identification and comprehension process of the relevant code, the assets, and the applied protections. To counter that exploitation of modularity at different levels of granularity, the boundaries between the modules in the program need to be obfuscated. We propose to do so by combining three cross-boundary protection techniques that thwart the disassembly process and in particular the reconstruction of functions: code layout randomization, interprocedurally coupled opaque predicates, and code factoring with intraprocedural control flow idioms. By means of an experimental evaluation on realistic use cases and state-of-the-art tools, we demonstrate our technique's potency and resilience to advanced attacks. All relevant code is publicly available online.
Keywords
Computer Networks and Communications, Software, Safety, Risk, Reliability and Quality, Information Systems, Man-at-the-end attacks, Control flow graph reconstruction, Reverse engineering, Resilience, Potency

Downloads

  • (...).pdf
    • full text (Published version)
    • |
    • UGent only
    • |
    • PDF
    • |
    • 1.03 MB

Citation

Please use this url to cite or link to this publication:

MLA
Van den Broeck, Jens, et al. “Obfuscated Integration of Software Protections.” INTERNATIONAL JOURNAL OF INFORMATION SECURITY, vol. 20, 2021, pp. 73–101, doi:10.1007/s10207-020-00494-8.
APA
Van den Broeck, J., Coppens, B., & De Sutter, B. (2021). Obfuscated integration of software protections. INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 20, 73–101. https://doi.org/10.1007/s10207-020-00494-8
Chicago author-date
Van den Broeck, Jens, Bart Coppens, and Bjorn De Sutter. 2021. “Obfuscated Integration of Software Protections.” INTERNATIONAL JOURNAL OF INFORMATION SECURITY 20: 73–101. https://doi.org/10.1007/s10207-020-00494-8.
Chicago author-date (all authors)
Van den Broeck, Jens, Bart Coppens, and Bjorn De Sutter. 2021. “Obfuscated Integration of Software Protections.” INTERNATIONAL JOURNAL OF INFORMATION SECURITY 20: 73–101. doi:10.1007/s10207-020-00494-8.
Vancouver
1.
Van den Broeck J, Coppens B, De Sutter B. Obfuscated integration of software protections. INTERNATIONAL JOURNAL OF INFORMATION SECURITY. 2021;20:73–101.
IEEE
[1]
J. Van den Broeck, B. Coppens, and B. De Sutter, “Obfuscated integration of software protections,” INTERNATIONAL JOURNAL OF INFORMATION SECURITY, vol. 20, pp. 73–101, 2021.
@article{8655049,
  abstract     = {To counter man-at-the-end attacks such as reverse engineering and tampering, software is often protected with techniques that require support modules to be linked into the application. It is well known, however, that attackers can exploit the modular nature of applications and their protections to speed up the identification and comprehension process of the relevant code, the assets, and the applied protections. To counter that exploitation of modularity at different levels of granularity, the boundaries between the modules in the program need to be obfuscated. We propose to do so by combining three cross-boundary protection techniques that thwart the disassembly process and in particular the reconstruction of functions: code layout randomization, interprocedurally coupled opaque predicates, and code factoring with intraprocedural control flow idioms. By means of an experimental evaluation on realistic use cases and state-of-the-art tools, we demonstrate our technique's potency and resilience to advanced attacks. All relevant code is publicly available online.},
  author       = {Van den Broeck, Jens and Coppens, Bart and De Sutter, Bjorn},
  issn         = {1615-5262},
  journal      = {INTERNATIONAL JOURNAL OF INFORMATION SECURITY},
  keywords     = {Computer Networks and Communications,Software,Safety,Risk,Reliability and Quality,Information Systems,Man-at-the-end attacks,Control flow graph reconstruction,Reverse engineering,Resilience,Potency},
  language     = {eng},
  pages        = {73--101},
  title        = {Obfuscated integration of software protections},
  url          = {http://dx.doi.org/10.1007/s10207-020-00494-8},
  volume       = {20},
  year         = {2021},
}

Altmetric
View in Altmetric
Web of Science
Times cited: