Obfuscated integration of software protections
- Author
- Jens Van den Broeck, Bart Coppens (UGent) and Bjorn De Sutter (UGent)
- Organization
- Abstract
- To counter man-at-the-end attacks such as reverse engineering and tampering, software is often protected with techniques that require support modules to be linked into the application. It is well known, however, that attackers can exploit the modular nature of applications and their protections to speed up the identification and comprehension process of the relevant code, the assets, and the applied protections. To counter that exploitation of modularity at different levels of granularity, the boundaries between the modules in the program need to be obfuscated. We propose to do so by combining three cross-boundary protection techniques that thwart the disassembly process and in particular the reconstruction of functions: code layout randomization, interprocedurally coupled opaque predicates, and code factoring with intraprocedural control flow idioms. By means of an experimental evaluation on realistic use cases and state-of-the-art tools, we demonstrate our technique's potency and resilience to advanced attacks. All relevant code is publicly available online.
- Keywords
- Computer Networks and Communications, Software, Safety, Risk, Reliability and Quality, Information Systems, Man-at-the-end attacks, Control flow graph reconstruction, Reverse engineering, Resilience, Potency
Downloads
-
(...).pdf
- full text (Published version)
- |
- UGent only
- |
- |
- 1.03 MB
Citation
Please use this url to cite or link to this publication: http://hdl.handle.net/1854/LU-8655049
- MLA
- Van den Broeck, Jens, et al. “Obfuscated Integration of Software Protections.” INTERNATIONAL JOURNAL OF INFORMATION SECURITY, vol. 20, 2021, pp. 73–101, doi:10.1007/s10207-020-00494-8.
- APA
- Van den Broeck, J., Coppens, B., & De Sutter, B. (2021). Obfuscated integration of software protections. INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 20, 73–101. https://doi.org/10.1007/s10207-020-00494-8
- Chicago author-date
- Van den Broeck, Jens, Bart Coppens, and Bjorn De Sutter. 2021. “Obfuscated Integration of Software Protections.” INTERNATIONAL JOURNAL OF INFORMATION SECURITY 20: 73–101. https://doi.org/10.1007/s10207-020-00494-8.
- Chicago author-date (all authors)
- Van den Broeck, Jens, Bart Coppens, and Bjorn De Sutter. 2021. “Obfuscated Integration of Software Protections.” INTERNATIONAL JOURNAL OF INFORMATION SECURITY 20: 73–101. doi:10.1007/s10207-020-00494-8.
- Vancouver
- 1.Van den Broeck J, Coppens B, De Sutter B. Obfuscated integration of software protections. INTERNATIONAL JOURNAL OF INFORMATION SECURITY. 2021;20:73–101.
- IEEE
- [1]J. Van den Broeck, B. Coppens, and B. De Sutter, “Obfuscated integration of software protections,” INTERNATIONAL JOURNAL OF INFORMATION SECURITY, vol. 20, pp. 73–101, 2021.
@article{8655049, abstract = {{To counter man-at-the-end attacks such as reverse engineering and tampering, software is often protected with techniques that require support modules to be linked into the application. It is well known, however, that attackers can exploit the modular nature of applications and their protections to speed up the identification and comprehension process of the relevant code, the assets, and the applied protections. To counter that exploitation of modularity at different levels of granularity, the boundaries between the modules in the program need to be obfuscated. We propose to do so by combining three cross-boundary protection techniques that thwart the disassembly process and in particular the reconstruction of functions: code layout randomization, interprocedurally coupled opaque predicates, and code factoring with intraprocedural control flow idioms. By means of an experimental evaluation on realistic use cases and state-of-the-art tools, we demonstrate our technique's potency and resilience to advanced attacks. All relevant code is publicly available online.}}, author = {{Van den Broeck, Jens and Coppens, Bart and De Sutter, Bjorn}}, issn = {{1615-5262}}, journal = {{INTERNATIONAL JOURNAL OF INFORMATION SECURITY}}, keywords = {{Computer Networks and Communications,Software,Safety,Risk,Reliability and Quality,Information Systems,Man-at-the-end attacks,Control flow graph reconstruction,Reverse engineering,Resilience,Potency}}, language = {{eng}}, pages = {{73--101}}, title = {{Obfuscated integration of software protections}}, url = {{http://doi.org/10.1007/s10207-020-00494-8}}, volume = {{20}}, year = {{2021}}, }
- Altmetric
- View in Altmetric
- Web of Science
- Times cited: