Abstract
One of the big challenges in program obfuscation consists in modifying not only the program’s straight-line code (SLC) but also the program’s control flow graph (CFG). Indeed, if only SLC is modified, the program’s CFG can be extracted and analyzed. Usually, the CFG leaks a considerable amount of information on the program’s structure.
In this work we propose a method allowing to re-write a code P into a functionally equivalent code \(P'\) such that \({\text {CFG}}(P)\) and \({\text {CFG}}(P')\) are radically different.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cappaert, J., Preneel, B.: A general model for hiding control flow. In Proceedings of the tenth annual ACM workshop on Digital rights management, pp. 35–42. ACM, 2010
Chow, S., Gu, Y., Johnson, H., Zakharov, V.A.: An approach to the obfuscation of control-flow of sequential computer programs. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 144–155. Springer, Heidelberg (2001). doi:10.1007/3-540-45439-X_10
Davi, L.V.: Code-Reuse attacks and defenses. Ph.D. thesis (2015)
Dullien, T., Rolles, R.: Graph-based comparison of executable objects (English version). In: SSTIC, vol. 5, pp. 1–3 (2005)
Eswaran, K.P., Tarjan, R.E.: Augmentation problems. SIAM J. Comput. 5(4), 653–665 (1976)
Flake, H.: Structural comparison of executable objects. In: DIMVA 2004, 6–7 July, Dortmund, Germany, pp. 161–173 (2004)
Kruegel, C., Kirda, E., Mutz, D., Robertson, W., Vigna, G.: Polymorphic worm detection using structural information of executables. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, pp. 207–226. Springer, Heidelberg (2006). doi:10.1007/11663812_11
László, T., Kiss, Á.: Obfuscating C++ programs via control flow flattening. Annales Universitatis Scientarum Budapestinensis de Rolando Eötvös Nominatae, Sectio Computatorica 30, 3–19 (2009)
Leroy, X.: The CompCert C verified compiler: documentation and user’s manual. Ph.D. thesis, Inria (2015)
Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 290–299. ACM (2003)
Popov, I.V., Debray, S.K., Andrews, G.R.: Binary obfuscation using signals. In: USENIX Security (2007)
Raghavan, S.: A note on Eswaran and Tarjan’s algorithm for the strong connectivity augmentation problem. In: Golden, B., Raghavan, S., Wasil, E. (eds.) The Next Wave in Computing, Optimization, and Decision Technologies, vol. 29. Springer, Boston (2005). doi:10.1007/0-387-23529-9_2
Rice, H.G.: Classes of recursively enumerable sets and their decision problems. Trans. Am. Math. Soc. 74(2), 358–366 (1953)
Schrittwieser, S., Katzenbeisser, S.: Code obfuscation against static and dynamic reverse engineering. In: Filler, T., Pevný, T., Craver, S., Ker, A. (eds.) IH 2011. LNCS, vol. 6958, pp. 270–284. Springer, Heidelberg (2011). doi:10.1007/978-3-642-24178-9_19
Schrittwieser, S., Katzenbeisser, S., Kinder, J., Merzdovnik, G., Weippl, E.: Protecting software through obfuscation: Can it keep pace with progress in code analysis? ACM Computing Surveys (CSUR) 49(1), 4 (2016)
Wang, C., Hill, J., Knight, J., Davidson, J.: Software tamper resistance: obstructing static analysis of programs. Technical Report CS-2000-12, University of Virginia, 12 2000 (2000)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Géraud, R., Koscina, M., Lenczner, P., Naccache, D., Saulpic, D. (2017). Generating Functionally Equivalent Programs Having Non-isomorphic Control-Flow Graphs. In: Lipmaa, H., Mitrokotsa, A., Matulevičius, R. (eds) Secure IT Systems. NordSec 2017. Lecture Notes in Computer Science(), vol 10674. Springer, Cham. https://doi.org/10.1007/978-3-319-70290-2_16
Download citation
DOI: https://doi.org/10.1007/978-3-319-70290-2_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-70289-6
Online ISBN: 978-3-319-70290-2
eBook Packages: Computer ScienceComputer Science (R0)