Title :
Branch Obfuscation Using Code Mobility and Signal
Author :
Wang, Zhi ; Jia, Chunfu ; Liu, Min ; Yu, Xiaoxu
Author_Institution :
Coll. of Inf. Tech. Sci., Nankai Univ. Tianjin, Tianjin, China
Abstract :
The branch information is disclosed during software execution. In a malicious host, adversaries could collect predicates from leaked branch information using concolic execution technique. Exploiting collected predicates, adversaries could accurately reason about software´s internal logic, which is a significant threat to software intellectual property protection. In order to mitigate branch information leakage, this paper proposed a branch obfuscation approach that replaces explicit conditional jump instructions with implicit trap codes and bogus codes, and deploys jump conditions on the remote trusted entity. Therefore, in the malicious host the executable is incomplete that gets path selection results from the trusted entity dynamically, which reduces adversaries´ visibility on the branch information. The experimental results show that branch obfuscation could effectively mitigate the branch information leakage, yet practical in terms of performance.
Keywords :
industrial property; security of data; software engineering; bogus codes; branch information leakage; branch information leakage mitigation; branch obfuscation approach; code mobility; concolic execution technique; explicit conditional jump instructions; implicit trap codes; jump conditions; malicious host; path selection; remote trusted entity; signal; software execution; software intellectual property protection; software internal logic; Binary codes; Complexity theory; Malware; Reverse engineering; Servers; Software; Sorting; code mobility; code obfuscation; exception handling; symbolic execution;
Conference_Titel :
Computer Software and Applications Conference Workshops (COMPSACW), 2012 IEEE 36th Annual
Conference_Location :
Izmir
Print_ISBN :
978-1-4673-2714-5
Electronic_ISBN :
978-0-7695-4758-9
DOI :
10.1109/COMPSACW.2012.102
