A Framework for Obfuscated Interpretation
نویسندگان
چکیده
Software protection via obscurity is now considered fundamental for securing software systems. This paper proposes a framework for obfuscating the program interpretation instead of obfuscating the program itself. The obfuscated interpretation enables us to hide functionality of a given program P unless the interpretation being taken is revealed. The proposed framework employs a finite state machine (FSM) based interpreter to give the context-dependent semantics to each instruction in P; thus, attempts to statically analyze the relation between instructions and their semantics will not succeed. Considering that the instruction stream (execution sequence) of P varies according to the input to P, we give a systematic method to construct P whose instruction stream is always interpreted correctly regardless of its input. Our framework is easily applied to conventional computer systems by adding a FSM unit to virtual machines such as Java Virtual Machine (JVM) and Common Language Runtime (CLR).
منابع مشابه
Software Watermarking Through Obfuscated Interpretation: Implementation and Analysis
A robust software watermarking scheme under which the watermark can resist against various attacks including collusion attacks is proposed based on obfuscated interpretation. The idea is to spread the watermark over the entire program by modifying instruction frequencies. The obfuscated interpretation technique is introduced into the scheme to not only hide the functionality of a given program ...
متن کاملPROGRAMA DE PÓS-GRADUAÇÃO EM ENGENHARIA ELÉTRICA TESE DE DOUTORADO “Context-Sensitive Analysis of x86 Obfuscated Executables”
A code obfuscation intends to confuse a program in order to make it more difficult to understand while preserving its functionality. Programs may be obfuscated to protect intellectual property and to increase security of code. Programs may also be obfuscated to hide malicious behavior and to evade detection by anti-virus scanners. We introduce a method for context-sensitive analysis of binaries...
متن کاملStack Shape Analysis to Detect Obfuscated calls in Binaries
Information about calls to the operating system (or kernel libraries) made by a binary executable maybe used to determine whether the binary is malicious. Being aware of this approach, malicious programmers hide this information by making such calls without using the CALL instruction. For instance, the CALL ADDR instruction may be replaced by two PUSH instructions and a RETURN instruction, the ...
متن کاملAbstract Stack Graph to Detect Obfuscated Calls in Binaries
Information about calls to the operating system (or kernel libraries) made by a binary executable may be used to determine whether the binary is malicious. Being aware of this approach, malicious programmers hide this information by making such calls without using the call instruction. For instance, the ‘call addr’ instruction may be replaced by two push instructions and a return instruction, t...
متن کاملImplicit Robot-Human Communication in Adversarial and Collaborative Environments
Users of AI systems may rely upon them to produce plans for achieving desired objectives. Such AI systems should be able to compute obfuscated plans whose execution in adversarial situations protects privacy as well as legible plans which are easy for team-members to understand in collaborative situations. We develop a unified framework that addresses these dual problems by computing plans with...
متن کامل