Semantics-based code obfuscation by abstract interpretation

Mila Dalla Preda and Roberto Giacobazzi. J. Comput. Secur.

In recent years code obfuscation has attracted research interest as a promising technique for protecting secret properties of programs. The basic idea of code obfuscation is to transform programs in order to hide their sensitive information while preserving their functionality. One of the major drawbacks of code obfuscation is the lack of a rigorous theoretical framework, which makes it difficult to formally analyze and certify the effectiveness of obfuscating techniques. We face this problem by…


Maximal incompleteness as obfuscation potency
This paper proposes a formal model for specifying and understanding the strength of obfuscating transformations with respect to a given attack model and introduces a framework for transforming abstract domains, i.e., analyses, towards incompleteness.
Making Abstract Interpretation Incomplete: Modeling the Potency of Obfuscation
It is shown that, for both the forms of completeness, backward and forward, the authors can uniquely simplify domains towards incompleteness, while in general it is not possible to uniquely refine domains.
Characterizing a property-driven obfuscation strategy
This work studies the existence and the characterization of function transformers that minimally or maximally modify a program in order to reveal or conceal a certain property, and provides a characterization of the maximal obfuscating strategy for transformations concealing a given property while revealing the desired observational behavior.
Obfuscation by partial evaluation of distorted interpreters
This work presents a novel approach to automatically generating obfuscated code P2 from any program P whose source code is given, and is applied to: code flattening, data-type obfuscation, and opaque predicate insertion.
Quantitative measures for code obfuscation security
The notion of unintelligibility, an intuitive way to define code obfuscation, is introduced, and it is argued that it is not sufficient to capture the security of code obfuscation, and a more powerful security definition is presented that is able to effectively capture code obfuscation security.
Code Obfuscation Against Abstract Model Checking Attacks
A measure of the quality of the obfuscation obtained by model deformation is given together with a corresponding best obfuscation strategy for abstract model checking based on partition refinement.
Code obfuscation against abstraction refinement attacks
The concept of model deformation inducing an effective code obfuscation against attacks performed by abstract model checking is introduced, to make the removal of spurious counterexamples by abstraction refinement maximally inefficient.
The current state of art in program obfuscations: definitions of obfuscation security
A survey of various definitions of obfuscation security and basic results that establish possibility or impossibility of secure program obfuscation under certain cryptographic assumptions are given.
Flexible Software Protection


Control code obfuscation by abstract interpretation
  • M. Preda, R. Giacobazzi
  • Computer Science
    Third IEEE International Conference on Software Engineering and Formal Methods (SEFM'05)
  • 2005
It is proved that abstract interpretation provides the adequate setting to measure the potency of an obfuscation algorithm by comparing the degree of abstraction of the most abstract domains which are able to disclose opaque predicates.
Semantic-Based Code Obfuscation by Abstract Interpretation
A general theory based on abstract interpretation is derived, where the potency of code obfuscation can be measured by comparing hidden properties in the lattice of abstract interpretations.
A Taxonomy of Obfuscating Transformations
It is argued that automatic code obfuscation is currently the most viable method for preventing reverse engineering and the design of a code obfuscator is described, a tool which converts a program into an equivalent one that is more difficult to understand and reverse engineer.
On the (im)possibility of obfuscating programs : (Extended abstract)
Informally, an obfuscator O is an (efficient, probabilistic) compiler that takes as input a program (or circuit) P and produces a new program O(P) that has the same functionality as P yet is
Manufacturing cheap, resilient, and stealthy opaque constructs
The design of a Java code obfuscator is described, a tool which - through the application of code transformations - converts a Java program into an equivalent one that is more difficult to reverse engineer.
Opaque Predicates Detection by Abstract Interpretation
Code obfuscation and software watermarking are well known techniques designed to prevent the illegal reuse of software. Code obfuscation prevents malicious reverse engineering, while software
Deobfuscation: reverse engineering obfuscated code
This paper examines techniques for automatic deobfuscation of obfuscated programs, as a step towards reverse engineering such programs, and indicates that much of the effects of code obfuscation can be defeated using simple combinations of straightforward static and dynamic analyses.
Manufacturing opaque predicates in distributed systems for code obfuscation
A novel method of combining the open problems of distributed global state detection with a well-known hard combinatorial problem to manufacture opaque predicates is proposed, capable of withstanding most known forms of automated static analysis attacks and a restricted class of dynamic analysis attack that could be mounted by adversaries.
Breaking abstractions and unstructuring data structures
This paper shows how to obfuscate classes, arrays, procedural abstractions and built-in data types like strings, integers and booleans in a control flow obfuscator for Java.
The Obfuscation Executive
This paper examines the problems that arise when constructing an Obfuscation Executive and the main loop in charge of selecting the part of the application to be obfuscated next, and evaluating how much confusion and overhead has been added to the application.