Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887

access icon free Call graph obfuscation and diversification: an approach

Monetary loss due to software piracy nowadays reaches millions. In 2017, the commercial value for this concept rose to $46.3 billion. A way to mitigate this problem from the technological point of view is the use of software protection techniques, especially the obfuscation and diversification of code, highlighting the control obfuscation. There are many proposals connected with obfuscating control flow graph. However, there are few reported works that perform obfuscation of the call graph. In this study, the authors propose a novel mechanism for the static obfuscation and diversification of the call graph of a software. The mechanism is based on the routing of functions calls in order to modify the software call graph. A prototype of the proposed mechanism was developed by extending the functionalities of a compiler. The generated software differed structurally by 25% on average, compared to the original software. There was an increase in the level of obfuscation from 2 to 30% in the tests performed, with only a 3% overhead of the execution time in all cases. The proposal allows to restructure the whole call graph efficiently, increasing the level of protection without affecting significantly the software performance.

References

    1. 1)
      • 15. Fukuda, K., Tamada, H.: ‘An obfuscation method to build a fake call flow graph by hooking method calls’. 15th IEEE/ACIS Int. Conf. on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), Las Vegas, NV, USA, June 2014, pp. 16.
    2. 2)
      • 23. Toyofuku, T., Tabata, T., Sakurai, K.: ‘Program obfuscation scheme using random numbers to complicate control flow’. Embedded and Ubiquitous Computing – EUC 2005 Workshops: Proc., Berlin, Heidelberg: Springer Berlin Heidelberg, December 2005, pp. 916925.
    3. 3)
      • 4. Mason, S.: ‘Trusting your computer to be trusted’, Comput. Fraud Secur., 2005, 1, pp. 711.
    4. 4)
      • 26. Jones, L., Whelan, R., Blackthorne, J., et al: ‘Flowtables: program skeletal inversion for defeat of interprocedural analysis with unique metamorphism’. Proc. of the 5th Program Protection and Reverse Engineering Workshop, New York, NY, USA, PPREW-5, ACM, 2015, pp. 6:16:11.
    5. 5)
      • 17. Bang-Jensen, J., Gutin, G.: ‘Digraphs: theory, algorithms and applications’ (Springer-Verlag, London, UK, 2002).
    6. 6)
      • 20. Henning, J.: ‘Spec cpu2000: measuring cpu performance in the new millennium’, Computer. (Long. Beach. Calif), 2000, 33, (7), pp. 2835.
    7. 7)
      • 8. Madou, M., Anckaert, B., De Sutter, B., et al: ‘Hybrid static-dynamic attacks against software protection mechanisms’. DRM ‘05: Proc. of the 5th ACM workshop on Digital rights management, New York, NY, USA: ACM, 2005, pp. 7582.
    8. 8)
      • 16. Pryamikov, V.: ‘Call tree transformation for program obfuscation and copy protection’. Proc. of the First Int. Conf. on Digital Rights Management: Technologies, Issues, Challenges and Systems, ser. DRMTICS'05, Berlin, Heidelberg: Springer-Verlag, 2006, pp. 164179.
    9. 9)
      • 5. Das, S.K., Ho, J.W.: ‘A synopsis on node compromise detection in wireless sensor networks using sequential analysis (invited review article)’, Comput. Commun., 2011, 34, pp. 20032012.
    10. 10)
      • 18. Varnovskiya, N.P., Zakharovb, V.A., Kuzyurinc, N.N., et al: ‘The current state of art in program obfuscations: definitions of obfuscation security’, Program. Comput. Softw., 2015, 41, pp. 361372.
    11. 11)
      • 25. Wang, Y., Wang, S., Wang, P., et al: ‘Turing obfuscation’, in Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A., (Eds): ‘Security and privacy in communication networks (Cham)’ (Springer International Publishing, Cham, Switzerland, 2018), pp. 225244.
    12. 12)
      • 12. Chen, H., Yuan, L., Wu, X., et al: ‘Control flow obfuscation with information flow tracking’. Proc. of the 42Nd Annual IEEE/ACM Int. Symp. on Microarchitecture, ser. MICRO 42, New York, NY, USA: ACM, 2009, pp. 391400.
    13. 13)
      • 1. BSA global software survey’, Available at https://gss.bsa.org/wp-content/uploads/2018/06/2018_BSA_GSS_InBrief_US.pdf, accessed 3 September 2018.
    14. 14)
      • 14. Omar, R., El-Mahdy, A., Rohou, E.: ‘Arbitrary control-flow embedding into multiple threads for obfuscation: A preliminary complexity and performance analysis’. Proc. of the 2Nd Int. Workshop on Security in Cloud Computing, ser. SCC ‘14, NewYork, NY, USA: ACM, 2014, pp. 5158.
    15. 15)
      • 2. Eilam, E.: ‘Reversing: secrets of reverse engineering’ (Wiley Publishing, Inc, Indianapolis, IN, USA, 2005).
    16. 16)
      • 7. Kim, S.S., Lee, D.G., Park, J.H.: ‘Efficient scheme of verifying integrity of application binaries in embedded operating systems’, J. Supercomput., 2012, 59, pp. 676692.
    17. 17)
      • 28. Joshi, H., Dhanasekaran, A., Dutta, R.: ‘Trading off a vulnerability: does software obfuscation increase the risk of rop attacks’, J. Cyber Secur. Mobility, 2016, 4, pp. 305324.
    18. 18)
      • 9. Schrittwieser, S., Katzenbeisser, S.: ‘Code obfuscation against static and dynamic reverse engineering’. Proc. of the 13th int. Conf. on Information hiding, ser. IH'11, Berlin, Heidelberg: Springer-Verlag, 2011, pp. 270284.
    19. 19)
      • 11. Wee, H.: ‘On obfuscating point functions’. Proc. of the thirty-seventh annual ACM symp. on Theory of computing, ser. STOC ‘05, New York, NY, USA: ACM, 2005, pp. 523532.
    20. 20)
      • 10. Collberg, C.S., Thomborson, C.: ‘Watermarking, tamper-proofing, and obfuscation - tools for software protection’, IEEE Trans. Softw. Eng., 2002, 28, pp. 735746.
    21. 21)
      • 13. Cappaert, J., Preneel, B.: ‘A general model for hiding control flow’. Proc. of the Tenth Annual ACM Workshop on Digital Rights Management, ser. DRM ‘10, New York, NY, USA: ACM, 2010, pp. 3542.
    22. 22)
      • 27. Mu, D., Guo, J., Ding, W., et al: ‘Ropob: obfuscating binary code via return oriented programming’, in Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A., (Eds): ‘Security and privacy in communication networks (Cham)’ (Springer International Publishing, Cham, Switzerland, 2018), pp. 721737.
    23. 23)
      • 3. Main, A., van Oorschot, P.C.: ‘Software protection and application security: understanding the battleground’. Int. Course on State of the Art and Evolution of Computer Security and Industrial Cryptography, Heverlee, 2003, pp. 18.
    24. 24)
      • 29. Pandey, M., Sarda, S.: ‘LLVM cookbook’ (PACKT Publishing, Birmingham, UK, 2015).
    25. 25)
      • 22. Balachandran, V., Emmanuel, S., Keong, W.: ‘Return oriented obfuscation’. Eighth Int. Conf. on Networks & Communications (NETCOM - 2016), Sydney, NSW, Australia, 2016, pp. 2536.
    26. 26)
      • 21. Balachandran, V., Keong, N.W., Emmanuel, S.: ‘Function level control flow obfuscation for software security’. 2014 Eighth Int. Conf. on Complex, Intelligent and Software Intensive Systems, Birmingham, UK, July 2014, pp. 133140.
    27. 27)
      • 6. Tsaur, W.-J.: ‘Secure communication for electronic business applications in mobile agent networks’, Expert Syst. Appl., 2012, 39, pp. 10461054.
    28. 28)
      • 24. Lan, P., Wang, P., Wang, S., et al: ‘Lambda obfuscation’, in Lin, X., Ghorbani, A., Ren, K., Zhu, S.,Zhang, A., (Eds): ‘Security and privacy in communication networks (Cham)’ (Springer International Publishing, Cham, Switzerland, 2018), pp. 206224.
    29. 29)
      • 19. Bindiff 4.2 graph comparison’, Available at http://www.zynamics.com/bindiff.html, accessed 17 September 2016.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2019.0216
Loading

Related content

content/journals/10.1049/iet-ifs.2019.0216
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address