Security by Obscurity: Code Obfuscation - PowerPoint PPT Presentation

About This Presentation
Title:

Security by Obscurity: Code Obfuscation

Description:

Current state of protecting intellectual property. Legal protection ... Ordering: spaghetti code. Computation: ex: loop transform, dead code insertion. 11/1/09 ... – PowerPoint PPT presentation

Number of Views:105
Avg rating:3.0/5.0
Slides: 9
Provided by: csS74
Learn more at: http://www.cs.sjsu.edu
Category:

less

Transcript and Presenter's Notes

Title: Security by Obscurity: Code Obfuscation


1
Security by Obscurity Code Obfuscation
  • Kai-fan Lee

2
Introduction
  • Current state of protecting intellectual property
  • Legal protection
  • Server side execution
  • Code encryption
  • Code obfuscation
  • a transformation that transforms P to P, such
    that P preserves the same observable behavior as
    P, but much more difficult to analyze

3
Goals of Obfuscation
  • Collbergs 4 criteria
  • Potency adds obscurity to confuse human reader
  • Stealth transformation should not look obvious
  • ie isPrime(37582346371)
  • Resilience hard to remove by automatic method
  • Cost should not add too much overhead

4
Classification Of Obfuscation
  • Layout Transformation
  • Preventive Transformation
  • ie Mocha (decompiler) vs. HoseMocha (obfuscator)
  • Data Transformation
  • Storage ex convert static data to procedure
  • Encoding ex redefine data value
  • Aggregation
  • Ordering
  • Control Transformation
  • Aggregation ex inline outline
  • Ordering spaghetti code
  • Computation ex loop transform, dead code
    insertion

5
Opaque Construct
  • Dead code insertion is most often used, and
    easiest to implement
  • Ex PT (5gt1)predicate always evaluated to be
    true, PF (1gt5)predicate always evaluated to be
    false

If (5gt1)T S else Sbug
If (1gt5)F Sbug S
While (E and (5gt1)T) S
  • Problem dead code can be easily removed
  • Solution Opaque construct in point p of a
    program is the variable V or a fragment of
    program P, which has a value that is well known
    during the time of obfuscation, but is very hard
    to determine after obfuscation.

6
Opaque Construct (Cont.)
  • Mathematical truth
  • ((xx2) mod 2 0)T
  • ((28x2-13x-5) mod 9 0)T
  • Decent resilience, but not very potent and
    stealthy
  • Pointer alias problem
  • NP hard to solve
  • (g ! h)T
  • (f ! h)T

7
What goes wrong?
  • Hard to debug
  • May Promote Piracy

8
Conclusion/Questions?
  • Will play an important role in the future because
    of ANDF
  • Microsoft already planned to ship their visual
    studio .NET with third party obfuscator
  • Thank You!!
Write a Comment
User Comments (0)
About PowerShow.com