ROPfuscator: Robust Obfuscation with ROP
Giulio De Pasquale, Fukutomo Nakanishi, Daniele Ferla, Lorenzo, Cavallaro
TL;DR
ROPfuscator leverages return-oriented programming to create a robust, compiler-driven software obfuscation method that withstands sophisticated man-at-the-end attacks, balancing security, overhead, and practicality.
Contribution
It introduces ROPfuscator, a novel LLVM-based ROP obfuscation technique with opaque predicates and instruction hiding, and provides a comprehensive threat model and evaluation framework.
Findings
Effective against advanced MATE attacks
Balances obfuscation strength with performance overhead
Provides a unified framework for evaluating ROP-based obfuscation
Abstract
Software obfuscation plays a crucial role in protecting intellectual property in software from reverse engineering attempts. While some obfuscation techniques originate from the obfuscation-reverse engineering arms race, others stem from different research areas, such as binary software exploitation. Return-oriented programming (ROP) gained popularity as one of the most effective exploitation techniques for memory error vulnerabilities. ROP interferes with our natural perception of a process control flow, inspiring us to repurpose ROP as a robust and effective form of software obfuscation. Although previous work already explores ROP's effectiveness as an obfuscation technique, evolving reverse engineering research raises the need for principled reasoning to understand the strengths and limitations of ROP-based mechanisms against man-at-the-end (MATE) attacks. To this end, we present…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Malware Detection Techniques · Security and Verification in Computing · Adversarial Robustness in Machine Learning