characterizing the strength of software obfuscation
play

Characterizing the Strength of Software Obfuscation Against - PowerPoint PPT Presentation

Jan 11, 2024 •108 likes •815 views

Fakultt fr Informatik T echnische Universitt Mnchen Dagstuhl Seminar 17281 Characterizing the Strength of Software Obfuscation Against Automated Attacks Sebastian Banescu, BMW Group Outline 1 Introduction 2 Obfuscation in Theory 3

  1. Fakultät für Informatik T echnische Universität München Dagstuhl Seminar 17281 Characterizing the Strength of Software Obfuscation Against Automated Attacks Sebastian Banescu, BMW Group

  2. Outline 1 Introduction 2 Obfuscation in Theory 3 Obfuscation in Practice 4 Characterizing the Strength of Obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 2

  3. Introduction Question: What is the goal of “software obfuscation”? July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  4. Introduction Question: What is the goal of “software obfuscation”? 1. Protect data in transit against man-in-the-middle July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  5. Introduction Question: What is the goal of “software obfuscation”? 1. Protect data in transit against man-in-the-middle 2. Protect software against remote attackers , who exploit vulnerabilities (e.g. buffer overflows) July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  6. Introduction Question: What is the goal of “software obfuscation”? 1. Protect data in transit against man-in-the-middle 2. Protect software against remote attackers , who exploit vulnerabilities (e.g. buffer overflows) 3. Protect software against malicious users who want to reverse engineer it July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  7. Introduction Question: What is the goal of “software obfuscation”? 1. Protect data in transit against man-in-the-middle 2. Protect software against remote attackers , who exploit vulnerabilities (e.g. buffer overflows) 3. Protect software against malicious users who want to reverse engineer it Answer: The 3rd option July 9 – 14, 2017 Sebastian Banescu, BMW Group 3

  8. Introduction Informal Definition of Obfuscation: To obfuscate a program P means to transform it into an equivalent program P ′ from which it is harder to extract information than from P . July 9 – 14, 2017 Sebastian Banescu, BMW Group 4

  9. Introduction Informal Definition of Obfuscation: To obfuscate a program P means to transform it into an equivalent program P ′ from which it is harder to extract information than from P . Benefits of obfuscation : Obfuscation aims to raise the bar for reverse engineering Obfuscation is last layer of defense against attackers (e.g. if attacker bypasses firewall and OS authentication) July 9 – 14, 2017 Sebastian Banescu, BMW Group 4

  10. Introduction Informal Definition of Obfuscation: To obfuscate a program P means to transform it into an equivalent program P ′ from which it is harder to extract information than from P . Benefits of obfuscation : Obfuscation aims to raise the bar for reverse engineering Obfuscation is last layer of defense against attackers (e.g. if attacker bypasses firewall and OS authentication) Possible remarks : This sounds fishy! Are there any theoretical foundations or guarantees of obfuscation? July 9 – 14, 2017 Sebastian Banescu, BMW Group 4

  11. Outline 1 Introduction 2 Obfuscation in Theory 3 Obfuscation in Practice 4 Characterizing the Strength of Obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 5

  12. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  13. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) The memory size increase and execution slowdown of O ( P ) w.r.t. P are less than polynomial July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  14. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) The memory size increase and execution slowdown of O ( P ) w.r.t. P are less than polynomial Any probabilistic polynomial time attacker only has a negligible probability of guessing any bit of information about P , given O ( P ) July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  15. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) The memory size increase and execution slowdown of O ( P ) w.r.t. P are less than polynomial Any probabilistic polynomial time attacker only has a negligible probability of guessing any bit of information about P , given O ( P ) In 2001 Barak et al. (2001) proved there exists no general obfuscator applicable to all programs July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  16. Black Box Obfuscation Formal Definition of Black-Box Obfuscation: A probabilistic algorithm O is an obfuscator if the following conditions hold: For every program P , the obfuscated program O ( P ) has the same functionality (e.g. input-output behavior) The memory size increase and execution slowdown of O ( P ) w.r.t. P are less than polynomial Any probabilistic polynomial time attacker only has a negligible probability of guessing any bit of information about P , given O ( P ) In 2001 Barak et al. (2001) proved there exists no general obfuscator applicable to all programs There may exist obfuscators for some programs which leak bits of information, but are “good enough” for some practical scenarios July 9 – 14, 2017 Sebastian Banescu, BMW Group 6

  17. Indistinguishability Obfuscation Garg et al. (2013) proposed indistinguishability obfuscation: The obfuscated versions of 2 semantically equivalent programs cannot be distinguished July 9 – 14, 2017 Sebastian Banescu, BMW Group 7

  18. Indistinguishability Obfuscation Garg et al. (2013) proposed indistinguishability obfuscation: The obfuscated versions of 2 semantically equivalent programs cannot be distinguished Goldwasser and Rothblum (2007) proved this obfuscation is the best-possible obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 7

  19. Indistinguishability Obfuscation Garg et al. (2013) proposed indistinguishability obfuscation: The obfuscated versions of 2 semantically equivalent programs cannot be distinguished Goldwasser and Rothblum (2007) proved this obfuscation is the best-possible obfuscation Implementations still far from being practical: Banescu et al. (2015); Barak (2016) July 9 – 14, 2017 Sebastian Banescu, BMW Group 7

  20. Indistinguishability Obfuscation Garg et al. (2013) proposed indistinguishability obfuscation: The obfuscated versions of 2 semantically equivalent programs cannot be distinguished Goldwasser and Rothblum (2007) proved this obfuscation is the best-possible obfuscation Implementations still far from being practical: Banescu et al. (2015); Barak (2016) The rest of this talk will focus on practical code obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 7

  21. Outline 1 Introduction 2 Obfuscation in Theory 3 Obfuscation in Practice 4 Characterizing the Strength of Obfuscation July 9 – 14, 2017 Sebastian Banescu, BMW Group 8

  22. Obfuscation in Practice What types of obfuscation transformations exist? Code vs. Data Static vs. Dynamic Source code vs. IR vs. Machine code etc. July 9 – 14, 2017 Sebastian Banescu, BMW Group 9

  23. Obfuscation in Practice What types of obfuscation transformations exist? Code vs. Data Static vs. Dynamic Source code vs. IR vs. Machine code etc. How many obfuscation transformations are there? Scramble identifiers Instruction substitution Garbage code insertion Merging and splitting functions Opaque predicates Control-flow flattening Virtualization obfuscation White-box cryptography etc. July 9 – 14, 2017 Sebastian Banescu, BMW Group 9

  24. Software Diversity via Obfuscation Transformations 1. Software developer distributes software X to all end-users July 9 – 14, 2017 Sebastian Banescu, BMW Group 10

  25. Software Diversity via Obfuscation Transformations 1. Software developer distributes software X to all end-users 2. Some end-users are MATE attackers July 9 – 14, 2017 Sebastian Banescu, BMW Group 10

  26. Software Diversity via Obfuscation Transformations 1. Software developer distributes software X to all end-users 2. Some end-users are MATE attackers 3. MATE reverse engineers X and builds a hijacker of X July 9 – 14, 2017 Sebastian Banescu, BMW Group 10

  27. Software Diversity via Obfuscation Transformations 1. Software developer distributes software X to all end-users 2. Some end-users are MATE attackers 3. MATE reverse engineers X and builds a hijacker of X 4. MATE distributes hijacker to other end-users of X July 9 – 14, 2017 Sebastian Banescu, BMW Group 10

  28. Software Diversity via Obfuscation Transformations What can we do to protect victims? July 9 – 14, 2017 Sebastian Banescu, BMW Group 11

  29. Software Diversity via Obfuscation Transformations What can we do to protect victims? Give everyone a different version July 9 – 14, 2017 Sebastian Banescu, BMW Group 11

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Software Obfuscation with LLVM (Ab)using the compiler to protect code Bio Carl

Software Obfuscation with LLVM (Ab)using the compiler to protect code Bio Carl

Software Obfuscation with LLVM (Ab)using the compiler to protect code Bio Carl Svensson Head of Security, KRY/LIVI CTF: HackingForSoju Twitter: @zetatwo Email: calle.svensson@zeta-two.com Website:

266 views • 13 slides
Obfuscation Lecture 26 Different Flavours VBB Obfuscation Note: Considers only corrupt

Obfuscation Lecture 26 Different Flavours VBB Obfuscation Note: Considers only corrupt

Obfuscation Lecture 26 Different Flavours VBB Obfuscation Note: Considers only corrupt receiver x 1 Virtual f O(f) F B f(x 1) Black-Box x 2 (VBB) f(x 2) Obfuscation : A Secure (and f Family f Family b b single

466 views • 18 slides
Patchable (Indistinguishability) Obfuscation: iO for evolving software Prabhanjan Abhishek

Patchable (Indistinguishability) Obfuscation: iO for evolving software Prabhanjan Abhishek

Patchable (Indistinguishability) Obfuscation: iO for evolving software Prabhanjan Abhishek Amit Ananth Jain Sahai Software Evolution 1990 Software Evolution 1990 1995 Software Evolution 1997 1990 1995 Software Evolution 1997 1990

1.03k views • 78 slides
) UNION SELECT `This_Talk` AS ('New Optimization and Obfuscation Optimization and Obfuscation

) UNION SELECT `This_Talk` AS ('New Optimization and Obfuscation Optimization and Obfuscation

) UNION SELECT `This_Talk` AS ('New Optimization and Obfuscation Optimization and Obfuscation Techniques)%00 Techniques)%00 Roberto Salgado Co-founder of Websec Provide information security solutions Pen-testing, training

1.11k views • 93 slides
HOST Circuit Obfuscation I ECE 525 Hardware Obfuscation (Drawn from "Hardware Protection

HOST Circuit Obfuscation I ECE 525 Hardware Obfuscation (Drawn from "Hardware Protection

HOST Circuit Obfuscation I ECE 525 Hardware Obfuscation (Drawn from "Hardware Protection thr Obfuscation) Circuit modification techniques designed to conceal or lock the functionality and/or circuit structure The modifications are designed

157 views • 11 slides
Lattice-Based SNARGs and Their Application to More Efficient Obfuscation Dan Boneh, Yuval Ishai,

Lattice-Based SNARGs and Their Application to More Efficient Obfuscation Dan Boneh, Yuval Ishai,

Lattice-Based SNARGs and Their Application to More Efficient Obfuscation Dan Boneh, Yuval Ishai, Amit Sahai, and David J. Wu Program Obfuscation [BGIRSVY01, GGHRSW13] Indistinguishability obfuscation ( ) has emerged as a central hub

648 views • 36 slides
Obfuscation: know your enemy Ninon EYROLLES neyrolles@quarkslab.com Serge GUELTON

Obfuscation: know your enemy Ninon EYROLLES neyrolles@quarkslab.com Serge GUELTON

Obfuscation: know your enemy Ninon EYROLLES neyrolles@quarkslab.com Serge GUELTON sguelton@quarkslab.com Introduction Control flow obfuscation Data flow obfuscation Python obfuscation Prelude Introduction Control flow obfuscation Data

1.23k views • 76 slides
OBFUSCURO : : A Commodity Obfuscation Engine for Intel SGX Adil Ahmad *, Byunggill Joe*, Yuan

OBFUSCURO : : A Commodity Obfuscation Engine for Intel SGX Adil Ahmad *, Byunggill Joe*, Yuan

OBFUSCURO : : A Commodity Obfuscation Engine for Intel SGX Adil Ahmad *, Byunggill Joe*, Yuan Xiao Yinqian Zhang, Insik Shin, Byoungyoung Lee (* denotes equal contribution) Program Obfuscation Program Obfuscation Trusted Untrusted (except

1.34k views • 116 slides
Obfuscation from LWE? proofs, attacks, candidates Hoeteck Wee CNRS & ENS . . . . . .

Obfuscation from LWE? proofs, attacks, candidates Hoeteck Wee CNRS & ENS . . . . . .

Obfuscation from LWE? proofs, attacks, candidates Hoeteck Wee CNRS & ENS . . . . . . . . C x C x C x C C c obfuscation [ BGIRSVY01, H00, GR07, GGHRSW13 ] . . . . . . . . C x C x C x C C c obfuscation [

1.03k views • 92 slides
Authorship Obfuscation Using Heuristic Search Masters Thesis Defence by Janek Bevendorff on 20

Authorship Obfuscation Using Heuristic Search Masters Thesis Defence by Janek Bevendorff on 20

Authorship Obfuscation Using Heuristic Search Masters Thesis Defence by Janek Bevendorff on 20 June 2018 Supervisors: Prof. Dr. Benno Stein, PD Dr. Andreas Jakoby Unmasking for short texts Obfuscation against unmasking Obfuscation

1.38k views • 95 slides
Engineering Code Obfuscation ISSISP 2017 - Obfuscation I Christian Collberg Department of

Engineering Code Obfuscation ISSISP 2017 - Obfuscation I Christian Collberg Department of

Engineering Code Obfuscation ISSISP 2017 - Obfuscation I Christian Collberg Department of Computer Science University of Arizona http://collberg.cs.arizona.edu collberg@gmail.com Supported by NSF grants 1525820 and 1318955 and by the

924 views • 69 slides
On Inferring and Characterizing On Inferring and Characterizing Internet Routing Policies

On Inferring and Characterizing On Inferring and Characterizing Internet Routing Policies

On Inferring and Characterizing On Inferring and Characterizing Internet Routing Policies Internet Routing Policies Feng Wang Lixin Gao Department of Electrical and Computer Engineering University of Massachusetts, Amherst MA 01002, USA 1

450 views • 18 slides
Critical Factors Characterizing Projects and Lifecycle Models 30 th Pacific NW Software Quality

Critical Factors Characterizing Projects and Lifecycle Models 30 th Pacific NW Software Quality

Critical Factors Characterizing Projects and Lifecycle Models 30 th Pacific NW Software Quality Conference (PNSQC) October 8-10, 2012 Kal Toth, kalmanctoth@gmail.com Herman Migliore, herm@cecs.pdx.edu 10/8/2012 1 PNSQC 2012 Critical Factors

528 views • 29 slides
Critical Factors Characterizing Projects and Lifecycle Models 30 th Pacific NW Software Quality

Critical Factors Characterizing Projects and Lifecycle Models 30 th Pacific NW Software Quality

10/25/2013 Critical Factors Characterizing Projects and Lifecycle Models 30 th Pacific NW Software Quality Conference (PNSQC) October 8-10, 2012 31 th Pacific NW Software Quality Conference (PNSQC) October 14-15, 2013 Kal Toth,

413 views • 15 slides
Detecting and Detecting and Characterizing Heterogeneity Characterizing Heterogeneity

Detecting and Detecting and Characterizing Heterogeneity Characterizing Heterogeneity

Detecting and Detecting and Characterizing Heterogeneity Characterizing Heterogeneity (Biochemical or Conformational) (Biochemical or Conformational) by Cryo-EM by Cryo-EM Eva Nogales HHMI / UC Berkeley LBNL Seth Kostek Transcription

492 views • 34 slides
On The Complexity of Compressing Obfuscation Gilad Asharov, Naomi Ephraim, Ilan Komargodski, and

On The Complexity of Compressing Obfuscation Gilad Asharov, Naomi Ephraim, Ilan Komargodski, and

On The Complexity of Compressing Obfuscation Gilad Asharov, Naomi Ephraim, Ilan Komargodski, and Rafael Pass Cornell University and Cornell Tech CRYPTO 2018 Indistinguishability Obfuscation (iO) An obfuscator is a compiler which preserves

1.01k views • 86 slides
Introduction to Monte Carlo Event Generators Torbj orn Sj ostrand Lund University 1.

Introduction to Monte Carlo Event Generators Torbj orn Sj ostrand Lund University 1.

CTEQ-MCnet School 2010 Lauterbad, Germany 26 July - 4 August 2010 Introduction to Monte Carlo Event Generators Torbj orn Sj ostrand Lund University 1. (today) Introduction and Overview; Monte Carlo Techniques 2. (today) Matrix

464 views • 42 slides
Lauschgert Gets in your victims traffjc and out of yours Adrian Vollmer November 29, 2019

Lauschgert Gets in your victims traffjc and out of yours Adrian Vollmer November 29, 2019

November 29, 2019 Adrian Vollmer | Lauschgert SySS GmbH Page 1 Lauschgert Gets in your victims traffjc and out of yours Adrian Vollmer November 29, 2019 @mr_mitm Adrian Vollmer | Lauschgert SySS GmbH Page 2 About me Used to

830 views • 34 slides
Object Oriented Programming in C# February 13, 2008 The C# object model 1 Implementing an

Object Oriented Programming in C# February 13, 2008 The C# object model 1 Implementing an

Object Oriented Programming in C# February 13, 2008 The C# object model 1 Implementing an object oriented language 2 1/27 Goals of the C# object system. polymorphism the ability to write code which operates on many typesrealized by

439 views • 30 slides
A General-Purpose Rule Extractor for SCFG-Based Machine Translation Greg Hanneman , Michelle

A General-Purpose Rule Extractor for SCFG-Based Machine Translation Greg Hanneman , Michelle

A General-Purpose Rule Extractor for SCFG-Based Machine Translation Greg Hanneman , Michelle Burroughs , and Alon Lavie Language Technologies Institute Carnegie Mellon University Fifth Workshop on Syntax and Structure in Statistical Translation

312 views • 28 slides
your exercise Order of Presentations Team Topic 212 Distributed file systems 209 OpenSSH:

your exercise Order of Presentations Team Topic 212 Distributed file systems 209 OpenSSH:

The iLab Experience a blended learning hands-on course concept you set the focus Create Your Own Lab July 5, 2016 your exercise Order of Presentations Team Topic 212 Distributed file systems 209 OpenSSH: More than a remote shell 207

1.21k views • 118 slides
x86 Virtualization Hardware/Software Techniques Host/Guest Communication Corentin Derbois

x86 Virtualization Hardware/Software Techniques Host/Guest Communication Corentin Derbois

x86 Virtualization Corentin Derbois, Marc Angel Virtualization 101 x86 Virtualization Hardware/Software Techniques Host/Guest Communication Corentin Derbois Marc Angel corentin@lse.epita.fr null@lse.epita.fr http://lse.epita.fr/ July

562 views • 31 slides
Tolera'ng FileSystem Mistakes with EnvyFS Swaminathan Sundararaman Lakshmi N. Bairavasundaram

Tolera'ng FileSystem Mistakes with EnvyFS Swaminathan Sundararaman Lakshmi N. Bairavasundaram

Tolera'ng FileSystem Mistakes with EnvyFS Swaminathan Sundararaman Lakshmi N. Bairavasundaram Andrea C. ArpaciDusseau NetApp, Inc. Remzi H. ArpaciDusseau University of Wisconsin Madison File Systems in Todays World Modern

941 views • 36 slides
Automatic calculation of NLO splitting functions with loops for exclusive parton shower

Automatic calculation of NLO splitting functions with loops for exclusive parton shower

Automatic calculation of NLO splitting functions with loops for exclusive parton shower Monte-Carlo Oleksandr Gituliar oleksandr.gituliar@ifj.edu.pl Institute of Nuclear Physics Polish Academy of Sciences, Cracow, Poland http://www.ifj.edu.pl

760 views • 12 slides

More recommend