Abstract
Code obfuscation and software watermarking are well known techniques designed to prevent the illegal reuse of software. Code obfuscation prevents malicious reverse engineering, while software watermarking protects code from piracy. An interesting class of algorithms for code obfuscation and software watermarking relies on the insertion of opaque predicates. It turns out that attackers based on a dynamic or an hybrid static-dynamic approach are either not precise or time consuming in eliminating opaque predicates. We present an abstract interpretation-based methodology for removing opaque predicates from programs. Abstract interpretation provides the right framework for proving the correctness of our approach, together with a general methodology for designing efficient attackers for a relevant class of opaque predicates. Experimental evaluations show that abstract interpretation based attacks significantly reduce the time needed to eliminate opaque predicates.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Arboit, G.: A Method for Watermarking Java Programs via Opaque Predicates. In: Proc. Int. Conf. Electronic Commerce Research (ICECR-5) (2002)
Collberg, C., Thomborson, C., Low, D.: Manufacturing Cheap, Resilient, and Stealthy Opaque Constructs. In: Proc. ACM POPL 1998, pp. 184–196 (1998)
Collberg, C., Thomborson, C., Low, D.: A Taxonomy of Obfuscating Transformations. Technical Report 148, The University of Auckland, New Zealand (1997)
Collberg, C., Carter, E., Debray, S., Huntwork, A., Linn, C., Stepp, M.: Dynamic Path-Based Software Watermarking. In: Proc. ACM PLDI 2004, pp. 107–118 (2004)
Collberg, C., Myles, G., Huntwork, A.: SandMark - A Tool for Software Protection Research. IEEE Security and Privacy 1(4), 40–49 (2003)
Collberg, C.: CSc620: Security through Obscurity. Handouts of a course (2002), available at www.cs.arizona.edu/~collberg/Teaching/620/2002/Handouts/Handout-13.ps
Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Proc. ACM POPL 1977, pp. 238–252 (1977)
Cousot, P., Halbwachs, N.: Automatic discovery of linear restraints among variables of a program. In: Proc. ACM POPL 1978, pp. 84–97 (1978)
Cousot, P., Cousot, R.: Systematic design of program analysis frameworks. In: Proc. ACM POPL 1979, pp. 269–282 (1979)
Dalla Preda, M., Giacobazzi, R.: Semantic-based code obfuscation by abstract interpretation. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 1325–1336. Springer, Heidelberg (2005)
Dalla Preda, M., Giacobazzi, R.: Control Code Obfuscation by Abstract Interpretation. In: Proc. 3rd IEEE International Conference on Software Engineering and Formal Methods (SEFM 2005), pp. 301–310 (2005)
Giacobazzi, R., Ranzato, F., Scozzari, F.: Making abstract interpretations complete. J. ACM 47(2), 361–416 (2000)
Granger, P.: Static analysis of linear congruence equality among variables of a program. In: Abramsky, S. (ed.) CAAP 1991 and TAPSOFT 1991. LNCS, vol. 493, pp. 169–192. Springer, Heidelberg (1991)
Hormkovic, J.: Algorithmics for Hard Problems. Springer, Heidelberg (2002)
Linn, C., Debray, S.: Obfuscation of Executable Code to Improve Resistance to Static Disassembly. In: Proc. 10th ACM Conference on Computer and Communications Security (CCS 2003) (2003)
Madou, M., Anckaert, B., De Sutter, B., De Bosschere, K.: Hybrid Static-Dynamic Attacks Against Software Protection Mechanisms. In: Proc. 5th ACM Workshop on Digital Rights Management (DRM 2005) (2005)
Madou, M., Van Put, L., De Bosschere, K.: Loco: An Interactive Code (De)Obfuscation tool. In: Proc. ACM SIGPLAN Workshop on Partial Evaluation and Program Manipulation (PEPM 2006) (2006)
Maebe, J., Ronsse, M., De Bosschere, K.: DIOTA: Dynamic Instrumentation, Optimization and Transformation of Applications. In: Proc. 4th Workshop on Binary Translation (WBT 2002) (2002)
Majumdar, A., Thomborson, C.: Securing Mobile Agents Control Flow Using Opaque Predicates. In: Khosla, R., Howlett, R.J., Jain, L.C. (eds.) KES 2005. LNCS (LNAI), vol. 3684, Springer, Heidelberg (2005)
Michael, C., McGraw, G., Schatz, M., Walton, C.: Genetic Algorithms for Dynamic Test Data Generation. In: Proc. ASE 1997, pp. 307–308 (1997)
Minè, A.: The octagon abstract domain. In: Proc. Analysis, Slicing and Transformation (AST 2001), pp. 310–319 (2001)
Monden, A., Iida, H., Matsumoto, K., Inoue, K., Torii, K.: A Practical Method for Watermarking Java Programs. In: Proc. 24th Computer Software and Applications Conference, pp. 191–197 (2000)
Myles, G., Collberg, C.: Software Watermarking via Opaque Predicates: Implementation, Analysis, and Attacks. In: Proc. Int. Conf. Electronic Commerce Research (ICECR-7) (2004)
Palsberg, J., Krishnaswamy, S., Kwon, M., Ma, D., Shao, Q., Zhang, Y.: Experience with Software Watermarking. In: Proc. 16th Annual Computer Security Applications Conference (ACSAC 2000), pp. 308–316 (2000)
Schwarz, B., Debray, S., Andrews, G.: PLTO: A Link-Time Optimizer for the Intel IA-32 Architecture. In: Proc. Workshop on Binary Translation (WBT 2001) (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dalla Preda, M., Madou, M., De Bosschere, K., Giacobazzi, R. (2006). Opaque Predicates Detection by Abstract Interpretation. In: Johnson, M., Vene, V. (eds) Algebraic Methodology and Software Technology. AMAST 2006. Lecture Notes in Computer Science, vol 4019. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11784180_9
Download citation
DOI: https://doi.org/10.1007/11784180_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-35633-2
Online ISBN: 978-3-540-35636-3
eBook Packages: Computer ScienceComputer Science (R0)