Abstract
One of the big challenges in program obfuscation consists in modifying not only the program’s straight-line code (SLC) but also the program’s control flow graph (CFG). Indeed, if only SLC is modified, the program’s CFG can be extracted and analyzed. Usually, the CFG leaks a considerable amount of information on the program’s structure.
In this work we propose a method allowing to re-write a code P into a functionally equivalent code \(P'\) such that \({\text {CFG}}(P)\) and \({\text {CFG}}(P')\) are radically different.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cappaert, J., Preneel, B.: A general model for hiding control flow. In Proceedings of the tenth annual ACM workshop on Digital rights management, pp. 35–42. ACM, 2010
Chow, S., Gu, Y., Johnson, H., Zakharov, V.A.: An approach to the obfuscation of control-flow of sequential computer programs. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 144–155. Springer, Heidelberg (2001). doi:10.1007/3-540-45439-X_10
Davi, L.V.: Code-Reuse attacks and defenses. Ph.D. thesis (2015)
Dullien, T., Rolles, R.: Graph-based comparison of executable objects (English version). In: SSTIC, vol. 5, pp. 1–3 (2005)
Eswaran, K.P., Tarjan, R.E.: Augmentation problems. SIAM J. Comput. 5(4), 653–665 (1976)
Flake, H.: Structural comparison of executable objects. In: DIMVA 2004, 6–7 July, Dortmund, Germany, pp. 161–173 (2004)
Kruegel, C., Kirda, E., Mutz, D., Robertson, W., Vigna, G.: Polymorphic worm detection using structural information of executables. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, pp. 207–226. Springer, Heidelberg (2006). doi:10.1007/11663812_11
László, T., Kiss, Á.: Obfuscating C++ programs via control flow flattening. Annales Universitatis Scientarum Budapestinensis de Rolando Eötvös Nominatae, Sectio Computatorica 30, 3–19 (2009)
Leroy, X.: The CompCert C verified compiler: documentation and user’s manual. Ph.D. thesis, Inria (2015)
Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 290–299. ACM (2003)
Popov, I.V., Debray, S.K., Andrews, G.R.: Binary obfuscation using signals. In: USENIX Security (2007)
Raghavan, S.: A note on Eswaran and Tarjan’s algorithm for the strong connectivity augmentation problem. In: Golden, B., Raghavan, S., Wasil, E. (eds.) The Next Wave in Computing, Optimization, and Decision Technologies, vol. 29. Springer, Boston (2005). doi:10.1007/0-387-23529-9_2
Rice, H.G.: Classes of recursively enumerable sets and their decision problems. Trans. Am. Math. Soc. 74(2), 358–366 (1953)
Schrittwieser, S., Katzenbeisser, S.: Code obfuscation against static and dynamic reverse engineering. In: Filler, T., Pevný, T., Craver, S., Ker, A. (eds.) IH 2011. LNCS, vol. 6958, pp. 270–284. Springer, Heidelberg (2011). doi:10.1007/978-3-642-24178-9_19
Schrittwieser, S., Katzenbeisser, S., Kinder, J., Merzdovnik, G., Weippl, E.: Protecting software through obfuscation: Can it keep pace with progress in code analysis? ACM Computing Surveys (CSUR) 49(1), 4 (2016)
Wang, C., Hill, J., Knight, J., Davidson, J.: Software tamper resistance: obstructing static analysis of programs. Technical Report CS-2000-12, University of Virginia, 12 2000 (2000)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Géraud, R., Koscina, M., Lenczner, P., Naccache, D., Saulpic, D. (2017). Generating Functionally Equivalent Programs Having Non-isomorphic Control-Flow Graphs. In: Lipmaa, H., Mitrokotsa, A., Matulevičius, R. (eds) Secure IT Systems. NordSec 2017. Lecture Notes in Computer Science(), vol 10674. Springer, Cham. https://doi.org/10.1007/978-3-319-70290-2_16
Download citation
DOI: https://doi.org/10.1007/978-3-319-70290-2_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-70289-6
Online ISBN: 978-3-319-70290-2
eBook Packages: Computer ScienceComputer Science (R0)