Dissertation > Excellent graduate degree dissertation topics show

Research on Binary Code Path Obfuscation

Author: WangZhi
Tutor: JiaChunFu
School: Nankai University
Course: Operational Research and Cybernetics
Keywords: information security software intellectual property protection code obfuscation software path information leakage reverse engineering
CLC: TP309
Type: PhD thesis
Year: 2012
Downloads: 0
Quote: 1
Read: Download Dissertation

Abstract


Software will leak path information at runtime. In recent years, concolicexecution, dynamic taint analysis and theorem proving are widely used in softwarereverse engineering, that attackers can collect path constraints from software’s binaryexecution trace and reason about software internal logic, posing a serious threat tosoftware intellectual property protection.This article analyzed the software’s path information leakage problem, andproposed path obfuscation technique, which used unsolved conjectures, instruction’sside effects and prefix-preserving algorithm to protect software’s path informationwithout changing software’s functionality. The research results are as follows:1. Path obfuscation using unsolved mathematical conjectures. The Collatzconjecture also known as the3x+1problem has not been proved, but in the checkedinteger range, there is no counter-example, and the checked range is much larger thansoftware’s commonly used integer range. Therefore, the Collatz conjecture andsimilar unsolved mathematical conjectures can be used to obfuscate software’s pathinformation, without changing software’s functionality,and the difficulty of reverseengineering using leaked path information will be equivalent to the difficulty ofproving these unresolved mathematical conjectures. Path obfuscation using unsolvedmathematical conjectures is a linear obfuscation, and the experiments show that theadded space and time cost is very small, and the obfuscated codes resemble theoriginal code.2. Path obfuscation using side effects of CPU instruction. Conditional jumpinstructions disclose software’s path information in the execution trace. In order toprevent path information leakage, this work uses conditional exception codes toreplace the conditional jump instructions, that the branch information is hid in theimplicit instruction’s side effects, and uses OS exception handling mechanism tocarry out control transfer. Most instructions in the x86complex instruction set haveimplicit side effects, and there are a variety of context which can affect instruction’s execution. Therefore, the difficulty of collecting software’s path information fromexecution trace is equivalent to the difficulty of reasoning about the possible sideeffects of all CPU instructions in a variety of execution environments, and the reverseengineering’s efficiency is similar to random guessing. The experimental results showthat this obfuscation strategy can effectively hide the software’s path information, andhas an excellent obfuscation strength and resilience.3. Path obfuscation using one-way prefix-preserving algorithm. Hash functionshave good one-way property, so it is difficult for attackers to calculate the input fromhash value, but the hash function is not order-preserving, that its application range islimited to the protection of equal conditions. This work extends one-way hashfunction’s application by introducing prefix-preserving algorithm. Becauseprefix-preserving algorithm could convert a data range to a prefix set, an unequalcondition could be changed to equal conditions based on prefix matching. Therefore,prefix-preserving algorithm increased the application of one-way hash function in thesoftware protection. The difficulty of reverse engineering using leaked pathinformation is equivalent to the difficulty of calculating hash function’s inputaccording to the hash value.4. Design and implementation of path obfuscation system. This work analyzedthe application range, strength, resilience, cost and stealth of different pathobfuscation strategies, and proposed an optimized obfuscation strategy. After that,this work designed and implemented an automated path obfuscation system to reducethe workload of programmers, which is based on the open source LLVM compilerinfrastructure. The results show that this path obfuscation system can effectivelyprotect software’s path information, and the increased overhead in the time and spaceis limited.

Related Dissertations

  1. The Research of Vector CAD Electronic Drawing Protection System,TP391.72
  2. Research on Setting Innovation Problems of Mathematics in College Entrance Examination,G633.6
  3. Study on Strategy of Our National Confidential E-government Nets’ Information Security Construction,D630
  4. Researches on Digital Signature Scheme Based on Bilinear Map,TN918.1
  5. Based on Chaotic Secure instant messaging technology research,TN918.82
  6. Research and Design on Asymmetric Encryption and Decryption Algorithm Based on FFTT,TP309.7
  7. Study on Information Security of C Company,F270.7
  8. Study on Information Management Security and Countermeasures of A Power Supply Company,F426.61
  9. Study on the Network Information Security Management of Jiangxi Mobile,TP309
  10. United States since the late 20th century Cyberspace Security Strategy,E712
  11. Police Problems in Information Technology and Countermeasures,D631.1
  12. 3D Reconstruction of Artificial Teeth and Software Development Based on Reverse Engineering,TP391.72
  13. Reverse Engineering and Finite Element Analysis of Turbocharger Comperssor Impeller,TK403
  14. Research and Application on Security Authentication Technologies in Internet of Things,TN929.5
  15. UCON-Based Access Control Model and Application in IoT Environment,TP393.08
  16. PKI Based Authentication System and Its Application on Power Grid,TM727
  17. Research and Implementation of Information Security Strategy in Electric Enterprises,TP393.08
  18. Research on Code Obfuscation Method Based on Compression Encryption and Polymorphism,TP393.08
  19. Research and Implementation of the Code Obfuscation Technology Based on Binary Executable Program,TP311.52
  20. Research on Intellectual Property Protection of Computer Software,F49
  21. Behavior-based cross-site scripting attack detection technology research and implementation,TP393.08

CLC: > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > General issues > Security and confidentiality
© 2012 www.DissertationTopic.Net  Mobile