Automatic generation of opaque constants based on the k-clique problem for resilient data obfuscation

Data obfuscations are program transformations used to complicate program understanding and conceal the actual values of program variables. The ability to hide constant values is a basic building block of several obfuscation techniques. For example, in XOR Masking a constant mask is used to encode data, but this mask must itself be hidden in order to keep the obfuscation resilient to attacks. In this paper, we present a novel technique based on the k-clique problem, which is known to be NP-complete, to generate opaque constants, i.e. values that are difficult to guess by static analysis. In our experimental assessment we show that our opaque constants are computationally cheap to generate, both at obfuscation time and at runtime. Moreover, due to the NP-completeness of the k-clique problem, our opaque constants can be proven to be hard to attack with state-of-the-art static analysis tools.
