Abstract
Opaque Predicates are one of the most covert methods employed by obfuscators to mitigate the risk of reverse engineering of code. Detecting the presence of opaque predicates in a program is an arduous problem since, it is challenging to differentiate between the conditional expressions present in the program and the extraneous expressions added by the obfuscator. This paper addresses a number of limitations encountered in the previous work due to dynamic analysis and proposes an improved algorithm for the detection of opaque predicates, with better efficiency and runtime. We propose a two phased approach for detecting the presence of opaque predicates - building an extractor to extract mathematical expressions from conditional statements and a decision engine which determines if the expressions are opaque predicates or not.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Schrittwieser, S., et al.: Protecting software through obfuscation: can it keep pace with progress in code analysis? ACM Comput. Surveys 49(1), 4 (2016)
Banescu, S., Ochoa, M., Pretschner, A.: A frame- work for measuring software obfuscation resilience against automated attacks. In: 2015 IEEE/ACM 1st International Workshop on Software Protection (SPRO), pp. 45–51. IEEE (2015)
Breaking Down Binary Ninjas Low Level IL (2017). http://bit.ly/binjaIL
Collberg, C.: Surreptitious Software. In: Opaque Predicates, pp. 246–253 (2009)
Dalla Preda, M., Madou, M., De Bosschere, K., Giacobazzi, R.: Opaque predicates detection by abstract interpretation. In: Johnson, M., Vene, V. (eds.) AMAST 2006. LNCS, vol. 4019, pp. 81–95. Springer, Heidelberg (2006). https://doi.org/10.1007/11784180_9
Ganesh, V., Dill, D.L.: A decision procedure for bit-vectors and arrays. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 519–531. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-73368-3_52
Ming, J. et al.: Loop: Logic-oriented opaque predicate detection in obfuscated binary code. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 757–768. ACM (2015)
STP - Simple Theorem Prover (2008). https://github.com/stp/stp
Xu, D., Ming, J., Wu, D.: Generalized dynamic opaque predicates: a new control flow obfuscation method. In: Bishop, M., Nascimento, A.C.A. (eds.) ISC 2016. LNCS, vol. 9866, pp. 323–342. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45871-7_20
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Prakash, R.K.R., Amritha, P.P., Sethumadhavan, M. (2017). Opaque Predicate Detection by Static Analysis of Binary Executables. In: Thampi, S., Martínez Pérez, G., Westphall, C., Hu, J., Fan, C., Gómez Mármol, F. (eds) Security in Computing and Communications. SSCC 2017. Communications in Computer and Information Science, vol 746. Springer, Singapore. https://doi.org/10.1007/978-981-10-6898-0_21
Download citation
DOI: https://doi.org/10.1007/978-981-10-6898-0_21
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-6897-3
Online ISBN: 978-981-10-6898-0
eBook Packages: Computer ScienceComputer Science (R0)