A Goal-Oriented Approach to Software Obfuscation
نویسندگان
چکیده
Various software obfuscation techniques have been proposed. However, there are few discussions on proper use of these obfuscations against imaginable threats. An ad-hoc use of obfuscations cannot guarantee that a program is sufficiently protected. For a systematic use of obfuscations and the verification of the result, this paper proposes a goal oriented approach to obfuscation. Specifically, we (1) define the capability of an imaginary cracker, (2) identify the cracker’s goal, (3) conduct a goaloriented analysis, (4) select obfuscations to disrupt all subgoals, and (5) apply selected obfuscations to the program. As a case study, we define a security goal and a threat model for a Java implementation of a cryptomeria cipher (C2) program, and then, based on the model, we demonstrate how the goal oriented analysis is conducted and obfuscation techniques are applied to places where they are needed.
منابع مشابه
On Secure and Usable Program Obfuscation: A Survey
Program obfuscation is a widely employed approach for software intellectual property protection. However, general obfuscation methods (e.g., lexical obfuscation, control obfuscation) implemented in mainstream obfuscation tools are heuristic and have little security guarantee. Recently in 2013, Garg et al. have achieved a breakthrough in secure program obfuscation with a graded encoding mechanis...
متن کاملSemantic-Based Code Obfuscation by Abstract Interpretation
Interpretation Mila Dalla Preda and Roberto Giacobazzi Dipartimento di Informatica, Università di Verona Strada Le Grazie 15, 37134 Verona (Italy) [email protected] | [email protected] Abstract. In this paper we introduce a semantic-based approach for code obfuscation. The aim of code obfuscation is to prevent malicious users to disclose properties of the original source program. ...
متن کاملExploit Dynamic Data Flows to Protect Software Against Semantic Attacks
Unauthorized code modification based on reverse engineering is a serious threat for software industry. Virtual machine based code obfuscation is emerging as a powerful technique for software protection. However, the current code obfuscation techniques are vulnerable under semantic attacks which use dynamic profiling to transform an obfuscated program to construct a simpler program that is funct...
متن کاملASIC design protection against reverse engineering during the fabrication process using automatic netlist obfuscation design flow
Fab-less business model in semiconductor industry has led to serious concerns about trustworthy hardware. In untrusted foundries and manufacturing companies, submitted layout may be analyzed and reverse engineered to steal the information of a design or insert malicious Trojans. Understanding the netlist topology is the ultimate goal of the reverse engineering process. In this paper, we propose...
متن کاملThe Devil ’ s Right Hand : An Investigation on Malware - oriented
Malicious software, also known as malware, represents the profitable art of destruction, as it is able to do any kind of harm to a system in a stealthy manner as well as to hide its existence. Furthermore, its rise has prevailed and there is no end in sight. Its most valuable tool, obfuscation, is mainly responsible for this achievement. Obfuscation techniques are applied to protect assets of m...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008