Title :
A Framework for Measuring Software Obfuscation Resilience against Automated Attacks
Author :
Banescu, Sebastian ; Ochoa, Martin ; Pretschner, Alexander
Author_Institution :
Tech. Univ. Munchen, Munich, Germany
Abstract :
Software obfuscation of programs, with the goal of protecting against attackers having physical access to the machine executing them, is a common practice motivated by the necessity of keeping intellectual property (such as business critical algorithms) and critical data (such as cryptographic keys) secret. However, as of today, it is unclear how secure popular obfuscation operators are relative to each other or to other protection techniques. In this paper we propose a formal framework to characterize attacker models and guarantees, inspired by similar notions from cryptography. We then map prior work in the area of deobfuscation to our formal model to the possible extent. We also perform a case-study about using symbolic execution for deobfuscation, concretely mapped onto our formal model.
Keywords :
cryptography; industrial property; software reliability; attacker protection; automated attack; critical data secret; cryptography; deobfuscation; formal model; intellectual property; software obfuscation resilience measure; symbolic execution; Ciphers; Concrete; Encoding; Licenses; Software; Virtualization; deobfuscation; obfuscation; symbolic execution;
Conference_Titel :
Software Protection (SPRO), 2015 IEEE/ACM 1st International Workshop on
Conference_Location :
Florence
DOI :
10.1109/SPRO.2015.16
