Model of Execution Trace Obfuscation Between Threads

被引:3
|
作者
Sha, Zihan [1 ]
Shu, Hui [1 ]
Xiong, Xiaobing [1 ]
Kang, Fei [1 ]
机构
[1] State Key Lab Math Engn & Adv Comp, Zhengzhou 450001, Henan, Peoples R China
关键词
Codes; Heuristic algorithms; Software algorithms; Message systems; Encryption; Software; Instruction sets; Anti-reverse; code transformation; graph theory; cascade encryption; multithreading;
D O I
10.1109/TDSC.2021.3123159
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Advanced reverse analysis tools have significantly improved the ability of attackers to crack software via dynamic analysis techniques, such as symbol execution and taint analysis. These techniques are widely used in malicious fields such as vulnerability exploitation or theft of intellectual property. In this paper, we present an obfuscation strategy called "execution trace obfuscation," wherein the program execution trace repeatedly switches between multiple threads. Our technique realizes equivalent code transformation by abstracting the obfuscation problems into pruning, cloning, and coloring problems in graph theory. Based on this, we further propose the cascade encryption of a function that depends on execution trace information with a key derived from the function address calculation process, followed by removing this key from the program. We have implemented a compiler-level system that inputs a source program and automatically generates an obfuscated file. Finally, random test proves the universality of obfuscation algorithm and verify the system's performance. Results shows that our system can effectively interfere advanced reverse analysis tools.
引用
收藏
页码:4156 / 4171
页数:16
相关论文
共 50 条
  • [1] Bouncing threads: Merging a new execution model into a nanotechnology memory
    Frost, SE
    Rodrigues, AF
    Giefer, CA
    Kogge, PM
    ISVLSI 2003: IEEE COMPUTER SOCIETY ANNUAL SYMPOSIUM ON VLSI, PROCEEDINGS: NEW TRENDS AND TECHNOLOGIES FOR VLSI SYSTEMS DESIGN, 2003, : 19 - 25
  • [2] Branch obfuscation to combat symbolic execution
    Wang, Zhi
    Jia, Chun-Fu
    Liu, Wei-Jie
    Wang, Xiao-Chu
    Zhang, Hai-Ning
    Yu, Xiao-Xu
    Chen, Zhe
    Tien Tzu Hsueh Pao/Acta Electronica Sinica, 2015, 43 (05): : 870 - 878
  • [3] Linear Obfuscation to Combat Symbolic Execution
    Wang, Zhi
    Ming, Jiang
    Jia, Chunfu
    Gao, Debin
    COMPUTER SECURITY - ESORICS 2011, 2011, 6879 : 210 - +
  • [4] New execution model for CAPE using multiple threads on multicore clusters
    Do, Xuan Huyen
    Ha, Viet Hai
    Tran, Van Long
    Renault, Eric
    ETRI JOURNAL, 2021, 43 (05) : 825 - 834
  • [5] Code Obfuscation Against Symbolic Execution Attacks
    Banescu, Sebastian
    Collberg, Christian
    Ganesh, Vijay
    Newsham, Zack
    Pretschner, Alexander
    32ND ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2016), 2016, : 189 - 200
  • [6] On Preventing Symbolic Execution Attacks by Low Cost Obfuscation
    Seto, Toshiki
    Monden, Akito
    Yucel, Zeynep
    Kanzaki, Yuichiro
    2019 20TH IEEE/ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING (SNPD), 2019, : 495 - 500
  • [7] Formal model of IEC 61499 execution trace in FBME IDE
    Liakh, Tatiana
    Sorokin, Radimir
    Akifev, Daniil
    Patil, Sandeep
    Vyatkin, Valeriy
    2022 IEEE 20TH INTERNATIONAL CONFERENCE ON INDUSTRIAL INFORMATICS (INDIN), 2022, : 588 - 593
  • [8] Dynamically Dispatching Speculative Threads to Improve Sequential Execution
    Luo, Yangchun
    Zhai, Antonia
    ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION, 2012, 9 (03)
  • [9] A Data Structure Centric Method and Execution Model for Partitioning Sequential Programs into Multiple Speculative Threads
    Du, Yanning
    Zhao, Yinliang
    Han, Bo
    Li, Yuancheng
    2012 IEEE 14TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS & 2012 IEEE 9TH INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS (HPCC-ICESS), 2012, : 556 - 563
  • [10] Adapting application execution in CMPs using helper threads
    Ding, Yang
    Kandemir, Mahmut
    Raghavan, Padma
    Irwin, Mary Jane
    JOURNAL OF PARALLEL AND DISTRIBUTED COMPUTING, 2009, 69 (09) : 790 - 806