TL;DR
This paper investigates using return-oriented programming (ROP) techniques for program obfuscation, demonstrating that ROP chains can resist deobfuscation efforts with manageable overheads, thus enhancing software security.
Contribution
It introduces a novel approach to embed ROP chains within programs for obfuscation, showing how to withstand static and dynamic deobfuscation methods.
Findings
ROP-based obfuscation significantly increases attack complexity.
The approach maintains acceptable performance overhead.
Deobfuscation requires substantial computational resources.
Abstract
Largely known for attack scenarios, code reuse techniques at a closer look reveal properties that are appealing also for program obfuscation. We explore the popular return-oriented programming paradigm under this light, transforming program functions into ROP chains that coexist seamlessly with the surrounding software stack. We show how to build chains that can withstand popular static and dynamic deobfuscation approaches, evaluating the robustness and overheads of the design over common programs. The results suggest a significant amount of computational resources would be required to carry a deobfuscation attack for secret finding and code coverage goals.
