Extended Report on the Obfuscated Integration of Software Protections
Jens Van den Broeck, Bart Coppens, Bjorn De Sutter

TL;DR
This paper introduces a novel obfuscation method combining multiple techniques to protect software from reverse engineering and tampering, demonstrating its effectiveness through extensive experiments.
Contribution
It presents a new combined obfuscation approach that significantly enhances resistance to disassembly and code analysis attacks.
Findings
Effective thwarting of disassembly and code reconstruction
High resilience demonstrated against advanced reverse engineering tools
Publicly available code facilitates reproducibility and further research
Abstract
To counter man-at-the-end attacks such as reverse engineering and tampering, software is often protected with techniques that require support modules to be linked into the application. It is well-known, however, that attackers can exploit the modular nature of applications and their protections to speed up the identification and comprehension process of the relevant code, the assets, and the applied protections. To counter that exploitation of modularity at different levels of granularity, the boundaries between the modules in the program need to be obfuscated. We propose to do so by combining three cross-boundary protection techniques that thwart the disassembly process and in particular the reconstruction of functions: code layout randomization, interprocedurally coupled opaque predicates, and code factoring with intraprocedural control flow idioms. By means of an elaborate…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Malware Detection Techniques · Security and Verification in Computing · Digital and Cyber Forensics
