Abstract
Abstract
Obfuscation is the art of making code hard to reverse engineer and understand. In this paper, we propose a formal model for specifying and understanding the strength of obfuscating transformations with respect to a given attack model. The idea is to consider the attacker as an abstract interpreter willing to extract information about the program’s semantics. In this scenario, we show that obfuscating code is making the analysis imprecise, namely making the corresponding abstract domain incomplete. It is known that completeness is a property of the abstract domain and the program to analyse. We introduce a framework for transforming abstract domains, i.e., analyses, towards incompleteness. The family of incomplete abstractions for a given program provides a characterisation of the potency of obfuscation employed in that program, i.e., its strength against the attack specified by those abstractions. We show this characterisation for known obfuscating transformations used to inhibit program slicing and automated disassembly.
- BGI+12 On the (im)possibility of obfuscating programsJ ACM20125926291567710.1145/2160158.21601591281.68118Google ScholarDigital Library
- BJ72 Residuation theory1972OxfordPergamon Press0301.06001Google Scholar
- BN15 Obfuscation—a User’s Guide for Privacy and Protest2015CambridgeMIT Press10.7551/mitpress/9780262029735.001.0001Google Scholar
- CC77 Cousot P, Cousot R (1977) Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fix-points. In: Conference Record of the 4th ACM Symposium on Principles of Programming Languages (POPL ’77). ACM Press, pp 238–252Google Scholar
- CC79b Cousot P, Cousot R (1979) Systematic design of program analysis frameworks. In: Conference Record of the 6th ACM Symposium on Principles of Programming Languages (POPL ’79). ACM Press, pp 269–282Google Scholar
- CC92a Abstract interpretation frameworksJ Logic Comput199224511547119500610.1093/logcom/2.4.5110783.68073Google ScholarCross Ref
- CC92b Cousot P, Cousot R (1992) Comparing the Galois connection and widening/narrowing approaches to abstract interpretation (invited paper). In: Bruynooghe M, Wirsing M (eds) Proc. of the 4th Internat. Symp. on Programming Language Implementation and Logic Programming (PLILP ’92), vol. 631 of Lecture Notes in Computer Science. Springer, New York, pp 269–295Google Scholar
- CFG+95 Cortesi A, Filé G, Giacobazzi R, Palamidessi C, Ranzato F (1995) Complementation in abstract interpretation. In: Mycroft A (ed) Proceedings of the 2nd International Static Analysis Symposium (SAS ’95), vol. 983 of Lecture Notes in Computer Science. Springer, New York, pp 100–117Google Scholar
- CFR+91 Efficiently computing static single assignment form and the control dependence graphACM Trans Program Lang Syst199113445149010.1145/115372.115320Google ScholarDigital Library
- CN09 Surreptitious Software: obfuscation, watermarking, and tamperproofing for software protection2009BostonAddison-Wesley ProfessionalGoogle ScholarDigital Library
- Cou99 Cousot P (1999) The calculational design of a generic abstract interpreter. In: Broy M, Steinbrüggen R (eds) Calculational system design, vol 173. NATO science series, Series F: computer and systems sciences, vol 173. IOS Press, Amsterdam, pp 421–505Google Scholar
- CTL98 Collberg C, Thomborson CD, Low D (1998) Manufactoring cheap, resilient, and stealthy opaque constructs. In: Proc. of Conf. Record of the 25st ACM Symp. on Principles of Programming Languages (POPL ’98). ACM Press, pp 184–196Google Scholar
- DG05 Dalla Preda M, Giacobazzi R (2005) Semantic-based code obfuscation by abstract interpretation. In: Proc. of the 32nd International Colloquium on Automata, Languages and Programming (ICALP ’05), vol. 3580 of Lecture Notes in Computer Science. Springer, New York, pp. 1325–1336Google Scholar
- DG09 Semantics-based code obfuscation by abstract interpretationJ Comput Secur200917685590810.3233/JCS-2009-03451081.68576Google ScholarCross Ref
- DTM07 Drape S, Thomborson C, Majumdar A (2007) Specifying imperative data obfuscations. In: Garay JA, Lenstra AK, Mambo M, Peralta R (eds) ISC—Information Security, vol. 4779 of Lecture Notes in Computer Science. Springer, New York, pp 299–314Google Scholar
- FR96 Filé G, Ranzato F (1996) Complementation of abstract domains made easy. In: Maher M (ed) Proceedings of the 1996 Joint International Conference and Symposium on Logic Programming (JICSLP ’96). The MIT Press, Cambridge, pp 348–362Google Scholar
- GGH+13 Garg S, Gentry C, Halevi S, Raykova M, Sahai A, Waters B (2013) Candidate indistinguishability obfuscation and functional encryption for all circuits. In: 54th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2013. IEEE Computer Society, Berkeley, pp 40–49Google Scholar
- Gia08 Giacobazzi R (2008) Hiding information in completeness holes—new perspectives in code obfuscation and watermarking. In: Proc. of The 6th IEEE International Conferences on Software Engineering and Formal Methods (SEFM’08). IEEE Press, pp 7–20Google Scholar
- GL91 Using program slicing in software maintenanceIEEE Trans Softw Eng199117875176110.1109/32.83912Google ScholarDigital Library
- GLR15 Giacobazzi R, Logozzo F, Ranzato F (2015) Analyzing program analyses. In: Rajamani SK, Walker D (eds) Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2015. ACM, Mumbai, pp 261–273Google Scholar
- GM12 Giacobazzi R, Mastroeni I (2012) Making abstract interpretation incomplete: Modeling the potency of obfuscation. In: Static analysis—19th International Symposium, SAS 2012, Proceesings. Deauville, France, pp 129–145Google Scholar
- GQ01 Giacobazzi R, Quintarelli E (2001) Incompleteness, counterexamples and refinements in abstract model-checking. In: Cousot P (ed) Proc. of The 8th Internat. Static Analysis Symp. (SAS’01), vol. 2126 of Lecture Notes in Computer Science. Springer, New York, pp 356–373Google Scholar
- GR97 Giacobazzi R, Ranzato F (1997) Refining and compressing abstract domains. In: Degano P, Gorrieri R, Marchetti-Spaccamela A (eds) Proc. of the 24th Internat. Colloq. on Automata, Languages and Programming (ICALP ’97), vol. 1256 of Lecture Notes in Computer Science. Springer, New York, pp 771–781Google Scholar
- GR98 Uniform closures: order-theoretically reconstructing logic program semantics and abstract domain refinementsInform Comput19981452153190164160110.1006/inco.1998.27240921.68057Google ScholarDigital Library
- GRS00 Making abstract interpretation completeJ ACM2000472361416176944610.1145/333979.3339891133.68370Google ScholarDigital Library
- HRB90 Interprocedural slicing using dependence graphsACM Trans Program Lang Syst1990121266010.1145/77606.77608Google ScholarDigital Library
- Jan67 Residuated closure operatorsPort Math19672622212522493310204.02702Google Scholar
- JGM12 Jones ND, Giacobazzi R, Mastroeni I (2012) Obfuscation by partial evaluation of distorted interpreters. In: Kiselyov O and Thompson S (eds) Proc. of the ACM SIGPLAN Symp. on Partial Evaluation and Semantics-Based Program Manipulation (PEPM’12). ACM Press, pp 63–72Google Scholar
- JGS93 Partial evaluation and automatic program generation1993Upper Saddle RiverPrentice-Hall Inc0875.68290Google ScholarDigital Library
- LD03 Linn C, Debray S (2003) Obfuscation of executable code to improve resistance to static disassembly. In: CCS ’03: Proceedings of the 10th ACM conference on Computer and communications security. ACM, pp 290–299Google Scholar
- LL09 Laviron V, Logozzo F (2009) Refining abstract interpretation-based static analyses with hints. In: Proc. of APLAS’09, vol. 5904 of Lecture Notes in Computer Science. Springer, New York, pp 343–358Google Scholar
- MDT07 Majumdar A, Drape SJ, Thomborson CD (2007) Slicing obfuscations: design, correctness, and evaluation. In: DRM ’07: Proceedings of the 2007 ACM workshop on Digital Rights Management. ACM, pp 70–81Google Scholar
- MG15 Mastroeni I, Giacobazzi R (2015) Weakening residuation in adjoining closures. Order. RR 95/2015. http://hdl.handle.net/11562/925745 (to appear)Google Scholar
- MZ08 Mastroeni I, Zanardini D (2008) Data dependencies and program slicing: From syntax to abstract semantics. In: Proc. of the ACM SIGPLAN Symp. on Partial Evaluation and Semantics-Based Program Manipulation (PEPM’08). ACM Press, pp 125–134Google Scholar
- Rep91 Algebraic properties of program integrationSci Comput Program199117139215114795010.1016/0167-6423(91)90039-Z0745.68029Google ScholarDigital Library
- RT96 Reps T, Turnidge T (1996) Program specialization via program slicing. In Danvy O, Glueck R, Thiemann P (eds) Proceedings of the Dagstuhl seminar on Partial evaluation. Springer, New York, pp 409–429Google Scholar
- RY89 Reps T, Yang W (1989) The semantics of program slicing and program integration. In: Diaz J, Orejas F (eds)Proc. of the Colloq. on Current Issues in Programming Languages, vol. 352 of Lecture Notes in Computer Science. Springer, New York, pp 360–374Google Scholar
- Wei81 Weiser M (1981) Program slicing. In: ICSE ’81: Proceedings of the 5th international conference on Software engineering. IEEE Press, pp 439–449Google Scholar
Index Terms
- Maximal incompleteness as obfuscation potency
Recommendations
Analysis on Technique for Code Obfuscation
CNCIT '23: Proceedings of the 2023 2nd International Conference on Networks, Communications and Information TechnologyCode obfuscation is used to reduce legibility of the code, and protect the critical code information from being stolen by reverse engineering. For the characteristic that obfuscation can be used for assembly and source code, the main method and ...
Semantics-based code obfuscation by abstract interpretation
In recent years code obfuscation has attracted research interest as a promising technique for protecting secret properties of programs. The basic idea of code obfuscation is to transform programs in order to hide their sensitive information while ...
Unveiling metamorphism by abstract interpretation of code properties
Metamorphic code includes self-modifying semantics-preserving transformations to exploit code diversification. The impact of metamorphism is growing in security and code protection technologies, both for preventing malicious host attacks, e.g., in ...
Comments