Probabilistic Obfuscation through Covert Channels

被引:4
|
作者
Stephens, Jon [1 ]
Yadegari, Babak [1 ]
Collberg, Christian [1 ]
Debray, Saumya [1 ]
Scheidegger, Carlos [1 ]
机构
[1] Univ Arizona, Dept Comp Sci, Tucson, AZ 85721 USA
来源
2018 3RD IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY (EUROS&P 2018) | 2018年
基金
美国国家科学基金会;
关键词
SOFTWARE; EXECUTION;
D O I
10.1109/EuroSP.2018.00025
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper presents a program obfuscation framework that uses covert channels through the program's execution environment to obfuscate information flow through the program. Unlike prior works on obfuscation, the use of covert channels removes visible information flows from the computation of the program and reroutes them through the program's runtime system and/or the operating system. This renders these information flows, and the corresponding control and data dependencies, invisible to program analysis tools such as symbolic execution engines. Additionally, we present the idea of probabilistic obfuscation which uses imperfect covert channels to leak information with some probabilistic guarantees. Experimental evaluation of our approach against state of the art detection and analysis techniques show the engines are not well-equipped to handle these obfuscations, particularly those of the probabilistic variety.
引用
收藏
页码:243 / 257
页数:15
相关论文
共 50 条
  • [1] Probabilistic timing covert channels: to close or not to close?
    Alessandra Di Pierro
    Chris Hankin
    Herbert Wiklicky
    International Journal of Information Security, 2011, 10 : 83 - 106
  • [2] Simulation Analysis of Probabilistic Timing Covert Channels
    Guo Yunchuan
    Yin Lihua
    Zhou Yuan
    Li Chao
    Guo Li
    NAS: 2009 IEEE INTERNATIONAL CONFERENCE ON NETWORKING, ARCHITECTURE, AND STORAGE, 2009, : 325 - +
  • [3] Probabilistic timing covert channels: to close or not to close?
    Di Pierro, Alessandra
    Hankin, Chris
    Wiklicky, Herbert
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2011, 10 (02) : 83 - 106
  • [4] Covert Computation Hiding code in code through compile-time obfuscation
    Schrittwieser, Sebastian
    Katzenbeisser, Stefan
    Kieseberg, Peter
    Huber, Markus
    Leithner, Manuel
    Mulazzani, Martin
    Weippl, Edgar
    COMPUTERS & SECURITY, 2014, 42 : 13 - 26
  • [5] Statistical covert channels through PROXY server
    Galatenko, A
    Grusho, A
    Kniazev, A
    Timonina, E
    COMPUTER NETWORK SECURITY, PROCEEDINGS, 2005, 3685 : 424 - 429
  • [6] Covert communications through mobile voice channels
    Kazemi, Reza
    Rezaei, Roohollah
    Akhaee, Mohammad A.
    Behnia, Fereidoon
    IET INFORMATION SECURITY, 2016, 10 (03) : 156 - 164
  • [7] OBELIX: Mitigating Side-Channels Through Dynamic Obfuscation
    Wichelmann, Jan
    Rabich, Anja
    Paetschke, Anna
    Eisenbarth, Thomas
    45TH IEEE SYMPOSIUM ON SECURITY AND PRIVACY, SP 2024, 2024, : 4182 - 4199
  • [8] Enhancing Integrity of Modbus TCP Through Covert Channels
    Taylor, James M., Jr.
    Sharif, Hamid R.
    2017 11TH INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING AND COMMUNICATION SYSTEMS (ICSPCS), 2017,
  • [9] Understanding and Mitigating Covert Channels Through Branch Predictors
    Evtyushkin, Dmitry
    Ponomarev, Dmitry
    Abu-Ghazaleh, Nael
    ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION, 2016, 13 (01)
  • [10] Investigating HTTP Covert Channels Through Fuzz Testing
    Holk, Kai
    Mazurczyk, Wojciech
    Zuppelli, Marco
    Caviglione, Luca
    19TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY, ARES 2024, 2024,
12345