Presentation is loading. Please wait.

Presentation is loading. Please wait.

Preventing Reverse Engineering by Obfuscating Bharath Kumar.

Published byLizbeth Chapman Modified over 9 years ago

Similar presentations

Presentation on theme: "Preventing Reverse Engineering by Obfuscating Bharath Kumar."— Presentation transcript:

1 Preventing Reverse Engineering by Obfuscating Bharath Kumar

2 Reverse Engineering  Process of backtracking through the software process  Obtaining source code from binary/ byte code.  Understanding programs to realize intent.  Intellectual property issues.

3 Example public class TreeEnum { Vector treesBasedOnNumber; private Vector getTrees(int numberOfNodes) { if (numberOfNodes == 0) return null; if (numberOfNodes <= treesBasedOnNumber.size()) { // System.out.println("Trying for " + (numberOfNodes - 1) + " with " + treesBasedOnNumber.size()); Object o = treesBasedOnNumber.get(numberOfNodes - 1); if (o instanceof Vector) return (Vector)o; else return null; } return null; }

4 Reverse engineered! public synchronized class TreeEnum { Vector treesBasedOnNumber; private Vector getTrees(int i) { if (i == 0) return null; if (i > treesBasedOnNumber.size()) return null; Object object = treesBasedOnNumber.get(i - 1); if (object instanceof Vector) return (Vector)object; else return null; }

5 Approaches against reverse engineering  Legal battles  Service based software  Thin mobile code  Code encryption  Distributing binaries  Obfuscation

6 Obfuscation  Obfuscate – “to confuse”  Alter code so as to confuse reverse engineer, but preserve functionality  Behavior preserving transformations on code that preserve function but reduce readability or understandability  How do we confuse the reader?

7 Software metrics  Program length  Complexity of program increases with the number of operators and operands in P.  Cyclomatic complexity  Complexity increases with the number of predicates in a function.  Nesting complexity  Complexity increases with the number of nesting level of conditionals in a program.  Data flow complexity  Complexity increases with the number of inter- block variable references.

8 Software metrics…  Fan-in/fan-out complexity  Complexity increases with the number of formal parameters to a function, and with the number of global data structures read or updated in the function.  Data structure complexity  Complexity increases with the complexity of the static data structures in the program. Variables, Vectors, Records.  OO Metrics  Complexity increases with  Level of inheritance  Coupling  Number of methods triggered by another method  Non-cohesiveness

9 A classification of obfuscations  Layout transformations  Change formatting information  Control transformations  Alter program control and computation  Aggregation transformations  Refactor program using aggregation methods  Data transformations  Storage and encoding information

10 Some metrics for obfuscations  Assume complexity of a program be E(P) (based on metrics)  Potency of a transformation is the level of complexity it introduces.  E(P`)/E(P) – 1  Resilience of a transformation measures how well it can deal with a deobfuscation ‘attack’  On a scale of trivial to one-way  Execution cost  Free, cheap, costly, dear  Quality of an obfuscation  A combination of potency, resilience, and execution cost

11 Control transformations  Opaque predicates  S1; S2;  S1; if (Pred) S1; S2; if (Pred) S2;  Opaque constructs – always evaluate one way (known to obfuscator), unknown to deobfuscator.  Trivial and weak opaque constructs.

12 Control transformations  Insert dead or irrelevant code  Extend loop conditions  Convert a reducible to a non-reducible flow graph  Redundant operands  Parallelize code  Replacing standard library routines by custom routines

13 Aggregation transformations  Inline and outline methods  Interleave methods  Clone methods  Loop transformations  Loop blocking  Loop unrolling  Loop fission  Ordering transformations

14 Data transformations  Change encoding  Pack variables into bigger variables  Pack variables into arrays  Convert static to procedural data  Restructure arrays  Altering inheritance hierarchies

15 Opaque constructs  The pointer aliasing problem  Shown to be NP-hard or even undecidable  Dynamic structures for producing opaque constructs.  Opaque constructs using threads.

16 Deobfuscation  Almost all obfuscating transforms have a deobfuscating transform  Essentially boils down to evaluating opaque constructs  Program slicing  Pattern matching  Statistical analysis  Data flow analysis  Theorem proving

Download ppt "Preventing Reverse Engineering by Obfuscating Bharath Kumar."

Similar presentations

Saumya Debray The University of Arizona Tucson, AZ 85721.

Saumya Debray The University of Arizona Tucson, AZ
School of EECS, Peking University “Advanced Compiler Techniques” (Fall 2011) Parallelism & Locality Optimization.

School of EECS, Peking University “Advanced Compiler Techniques” (Fall 2011) Parallelism & Locality Optimization.
7. Optimization Prof. O. Nierstrasz Lecture notes by Marcus Denker.

7. Optimization Prof. O. Nierstrasz Lecture notes by Marcus Denker.
1 CS 201 Compiler Construction Lecture 3 Data Flow Analysis.

1 CS 201 Compiler Construction Lecture 3 Data Flow Analysis.
Programming Languages and Paradigms

Programming Languages and Paradigms
Architecture-dependent optimizations Functional units, delay slots and dependency analysis.

Architecture-dependent optimizations Functional units, delay slots and dependency analysis.
Pointer Analysis – Part I Mayur Naik Intel Research, Berkeley CS294 Lecture March 17, 2009.

Pointer Analysis – Part I Mayur Naik Intel Research, Berkeley CS294 Lecture March 17, 2009.
Bernstein’s Conditions. Techniques to Exploit Parallelism in Sequential Programming Hierarchy of levels of parallelism: Procedure or Methods Statements.

Bernstein’s Conditions. Techniques to Exploit Parallelism in Sequential Programming Hierarchy of levels of parallelism: Procedure or Methods Statements.
Lecture 10: Part 1: OO Issues CS 540 George Mason University.

Lecture 10: Part 1: OO Issues CS 540 George Mason University.
You want me to do what??? Refactoring legacy applications aka : fixing someone else’s “bad” code Niel Zeeman Team Foundation Consulting

You want me to do what??? Refactoring legacy applications aka : fixing someone else’s “bad” code Niel Zeeman Team Foundation Consulting
JavaScript Obfuscation Facts and Fiction Pedro Fortuna, Co-Founder and CTO AuditMark.

JavaScript Obfuscation Facts and Fiction Pedro Fortuna, Co-Founder and CTO AuditMark.
Wmobf.1 1/5/00 Clark Thomborson Watermarking, Tamper-Proofing and Obfuscation – Tools for Software Protection Christian Collberg & Clark Thomborson Computer.

Wmobf.1 1/5/00 Clark Thomborson Watermarking, Tamper-Proofing and Obfuscation – Tools for Software Protection Christian Collberg & Clark Thomborson Computer.
1 Program Slicing Purvi Patel. 2 Contents Introduction What is program slicing? Principle of dependences Variants of program slicing Slicing classifications.

1 Program Slicing Purvi Patel. 2 Contents Introduction What is program slicing? Principle of dependences Variants of program slicing Slicing classifications.
Chair of Software Engineering Constants, once routines, and helper functions these slides contain advanced material and are optional.

Chair of Software Engineering Constants, once routines, and helper functions these slides contain advanced material and are optional.
Topics to be discussed Problem Definition Project Purpose – Building Obfuscator Obfuscation Using Opaque Predicates Implementation details Obfuscation.

Topics to be discussed Problem Definition Project Purpose – Building Obfuscator Obfuscation Using Opaque Predicates Implementation details Obfuscation.
Códigos y Criptografía Francisco Rodríguez Henríquez Software Security Through Code Obfuscation.

Códigos y Criptografía Francisco Rodríguez Henríquez Software Security Through Code Obfuscation.
DR. MIGUEL ÁNGEL OROS HERNÁNDEZ 9. Técnicas anti-ingeniería inversa.

DR. MIGUEL ÁNGEL OROS HERNÁNDEZ 9. Técnicas anti-ingeniería inversa.
Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.

Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.
Software-based Code Attestation for Wireless Sensors.

Software-based Code Attestation for Wireless Sensors.
Software Obfuscation Anirban Majumdar University of Trento

Software Obfuscation Anirban Majumdar University of Trento

Similar presentations

Ads by Google