# How to Kill Symbolic Deobfuscation for Free; or Unleashing the Potential   of Path-Oriented Protections

**Authors:** Mathilde Ollivier, S\'ebastien Bardin, Richard Bonichon, Jean-Yves, Marion

arXiv: 1908.01549 · 2019-08-08

## TL;DR

This paper introduces a new class of lightweight, efficient, and analytically proven path-oriented obfuscation techniques that effectively counter Dynamic Symbolic Execution (DSE) attacks with minimal performance impact.

## Contribution

The paper proposes a novel class of path-oriented protections specifically designed to hinder DSE-based deobfuscation, addressing limitations of existing defenses.

## Key findings

- Effectively counters DSE-based deobfuscation attacks
- Maintains low runtime overhead
- Provides analytical proof of resistance

## Abstract

Code obfuscation is a major tool for protecting software intellectual property from attacks such as reverse engineering or code tampering. Yet, recently proposed (automated) attacks based on Dynamic Symbolic Execution (DSE) shows very promising results, hence threatening software integrity. Current defenses are not fully satisfactory, being either not efficient against symbolic reasoning, or affecting runtime performance too much, or being too easy to spot. We present and study a new class of anti-DSE protections coined as path-oriented protections targeting the weakest spot of DSE, namely path exploration. We propose a lightweight, efficient, resistant and analytically proved class of obfuscation algorithms designed to hinder DSE-based attacks. Extensive evaluation demonstrates that these approaches critically counter symbolic deobfuscation while yielding only a very slight overhead.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1908.01549/full.md

## Figures

31 figures with captions in the complete paper: https://tomesphere.com/paper/1908.01549/full.md

## References

50 references — full list in the complete paper: https://tomesphere.com/paper/1908.01549/full.md

---
Source: https://tomesphere.com/paper/1908.01549