Environmental Authentication in Malware

Abstract

Malware needs to execute on a target machine while simultaneously keeping its payload confidential from a malware analyst. Standard encryption can be used to ensure the confidentiality, but it does not address the problem of hiding the key. Any analyst can find the decryption key if it is stored in the malware or derived in plain view.

One approach is to derive the key from a part of the environment which changes when the analyst is present. Such malware derives a key from the environment and encrypts its true functionality under this key.

In this paper, we present a formal framework for environmental authentication. We formalize the interaction between malware and analyst in three settings: (1) blind: in which the analyst does not have access to the target environment, (2) basic: where the analyst can load a single analysis toolkit on an effected target, and (3) resettable: where the analyst can create multiple copies of an infected environment. We show necessary and sufficient conditions for malware security in the blind and basic games and show that even under mild conditions, the analyst can always win in the resettable scenario.

A Proofs

1.1 A.1 Proof of Theorem 2

Proof

(of Theorem 2). We show a stronger statement, we show a single algorithm \(A \) that works for any \((\beta , \gamma )\)-environmentally authenticating malware. Let \(t = 2^\beta \ln \left( \frac{n}{1-\epsilon }\right) \). Define \(A \) as follows for decision procedure i:

1. 1.

   Input \(\mathcal {D} _i, S_i, \mathcal {D} _{i-1},S_{i-1},..., \mathcal {D} _1, S_1\).

2. 2.

   For \(j=1\) to t

   1. (a)

      Sample \(E _j\leftarrow \mathtt {Sam} _\mathcal {E} \).

   2. (b)

      If \(D_i(E _{j, S_i})=1\) output \(\mathtt {Guess} _i = E _j\).

3. 3.

   Output \(\perp \).

This procedure is repeated for each decision procedure. \(A\) wins if all decision procedures output 1. We first note that the probability that some decision procedure is incorrect is bounded by at most \(\delta \). We now bound the probability that \(A\) outputs \(\perp \) for any iteration conditioned on the malware being correct. We first consider a single iteration. By Definition 4 and Assumption 1, \(\mathbb {E}_{E _j\in \mathcal {E}} (\Pr [D_i(E _{j, S_i})= 1])\ge 2^{-\beta }\). That means that

$$\begin{aligned} \Pr [A \text { outputs }\perp \text { on }D_i]&=\forall j, \Pr [D_i(E _{j, S_i})=0]\nonumber \\&=\left( \mathbb {E}_{E \in \mathcal {E}} \Pr [D_i(E _{S_i})=0]\right) ^t\nonumber \\&=\left( 1-\mathtt {Accept} (M, i, \mathcal {E}) \right) ^t\nonumber \\&\le \left( 1-2^{-\beta }\right) ^t\nonumber \\&\le \left( \left( 1-2^{-\beta }\right) ^{2^\beta }\right) ^{\left( t/2^{\beta }\right) }\nonumber \\&\le \left( \frac{1}{e}\right) ^{\left( \frac{t}{2^\beta }\right) } \le e^{-t/2^\beta }. \end{aligned}$$

(1)

Then across all iterations by union bound and Eq. 1: \(\Pr [A \text { outputs }\perp \text {on any }\mathcal {D} _i] \le ne^{-t/2^\beta }\). That is,

$$ \Pr [\mathbf {Exp}^{\mathrm {bli-sou}}_{M, \mathcal {E}, A}(\cdot )=1]\ge 1-ne^{-t/2^{\beta }} = 1- ne^{-\ln (n/(1-\epsilon ))} = 1-n\left( \frac{1-\epsilon }{n}\right) = \epsilon . $$

Note that the overall running time of \(A\) is at most \(t_A = n(t_E + t_{oracle}) \cdot t \) as required. The statement of the theorem is achieved by adding the probability \(\delta \) that the malware is incorrect.

1.2 A.2 Proof of Theorem 3

Proof

(of Theorem 3). Let \(A \) be a black box algorithm that only provide inputs to the current decision algorithm. Since the entire decision procedure is revealed once a “true” input is found there is no reason to query a previous decision algorithm. Consider some decision algorithm \(i^*\) that minimizes the probability in Definition 3. We bound the probability that \(A \) can make \(\mathcal {D} _{i^*}\) output 1 as this bounds the probability of all algorithms outputting 1 (it may be that only a single decision algorithm outputs 0 on some inputs). The only information about values \(E \) that cause \(\mathcal {D} _i\) to output 1 are contained in the query responses. Since the adversary wins if they get a single 1 response we can assume that A makes t deterministic queries and if none of those responses is 1 their guess will also be a deterministic value. Denote by \(g_1,..., g_{t+1}\) these values. Then we bound:

$$\begin{aligned}&\sum _{j=1}^{t+1}\mathop {\Pr }\limits _{D_i, S_i \leftarrow M}[D_{i^*}(g_j)=1]\le \Pr [D_{i^*}(g_1) =1] + \Pr [D_{i^*}(g_2) = 1 | g_1 = 0] + ....\\&+ \Pr [D_{i^*}(g_{t+1}) = 1 | D_{i^*}(g_1)=0\wedge ...\wedge D_{i^*}(g_t) = 0]\\&\le 2^{-\gamma } + \frac{\Pr [D_{i^*}(g_2) = 1\wedge D_{i^*}(g_1) = 0]]}{\Pr [ D_{i^*}(g_1) = 0]} + ....\\&+ \frac{\Pr [D_{i^*}(g_{t+1}) = 1 \wedge D_{i^*}(g_1)=0\wedge ...\wedge D_{i^*}(g_t) = 0]}{\Pr [D_{i^*}(g_1)=0\wedge ...\wedge D_{i^*}(g_t) = 0]}\\&\le 2^{-\gamma } + \frac{\Pr [D_{i^*}(g_2) = 1]}{\Pr [ D_{i^*}(g_1) = 0]} + ....+ \frac{\Pr [D_{i^*}(g_{t+1}) = 1]}{\Pr [D_{i^*}(g_1)=0\wedge ...\wedge D_{i^*}(g_t) = 0]}\\&\le 2^{-\gamma } + \frac{\Pr [D_{i^*}(g_2) = 1]}{1-2^{-\gamma }} + ....+ \frac{\Pr [D_{i^*}(g_{t+1}) = 1]}{1-t2^{-\gamma }}\\&\le (t+1)\frac{2^{-\gamma }}{1-t2^{-\gamma }} \end{aligned}$$

1.3 A.3 Proof of Theorem 4

Proof

(of Theorem 4). The adversary \(A\) does not know where in \(E\) that the malware \(M\) exists, \(A\) runs the risk of overwriting the sensors positions \(S_i\). As stated above, we assume that \(M\) is operable after \(A \) has been loaded. The total size of \(M\) ’s reads from \(E\) are of size at most \(n \cdot \alpha \). We define a single \(A \) that works for all \(M \). Let \(A \) overwrite a random set of \(\nu \) locations. However, rather than considering this \(A \) we instead consider some \(A '\) that overwrites each element of \(E _M \) with probability \(2\nu /\ell \). Note that,

$$ \Pr [||A '|< \nu ] =\Pr \left[ |A '| <(1-\frac{1}{2})\mathbb {E}|A '|\right] = e^{-1/8 \mathbb {E}|A '|} = e^{-1/4 \nu } = e^{-1/4 \ell ^{1-c}} $$

using the multiplicative version of the Chernoff bound. Assume that \(A '\) simply outputs \(\perp \) in this setting. Thus, all of \(A '\) success occurs when it overwrites at least \(\nu \) positions and the job of \(A '\) to provide inputs to \(\mathcal {D} _i\) is at least as difficult as \(A \). For the reminder of the proof we consider \(A '\).

We now bound the size of the intersection between the locations read by \(M\) and the locations overwritten by \(\mathtt {Load} (A ', E _{M})\). Denote by \(E _{bad}\) the locations overwritten by \(\mathtt {Load} (A ', E _{M})\) conditioned on the event that \(A '\) overwrites at least \(\nu \) locations.

To bound the success probability of \(A '\), we care about the size of the intersection between the locations read by \(M\) and overwritten by \(E _{bad}\). Since \(E _{bad}\) represents \(\nu \) random locations the intersection between \((\cup _i S_i) \cap E _{bad}\) is distributed as a Binomial distribution, which we denote as X, with parameters \(B(n \alpha ,2\nu /\ell )\). Then one has that,

$$ \mathbb {E}[X] = \frac{2\nu n \alpha }{\ell } = \frac{2\ell ^c \ell ^{1-c}}{\ell } = 2. $$

Let \(c' >0\) be a constant. By a second application of the Chernoff bound one has that:

$$ \Pr [X > 2+c'] = e^{-2/3c'^2}. $$

For an intersection of size \(\kappa \) the correct \(E _M \) can be found using \(2^\kappa \) oracle queries. Note that this is an upper bound, in the setting where a decision algorithm takes a smaller number of corrupted bits, these bits can be recovered in parts. Here we assume that all corrupted bits are necessary for a single decision algorithm. The statement of the theorem follows by using an \(A '\) that exhaustively searches over corrupted bits when the size of the corrupted bits is at most \(c' +2 \) and aborts otherwise.

1.4 A.4 Proof of Theorem 5

Proof

(of Theorem 5). Consider some \(A \) with artifact size at least \(\mu \). Let \(A \) be a black box algorithm that only provide inputs to the current decision algorithm. Since the entire decision procedure is revealed once a “true” input is found there is no reason to query a previous decision algorithm. Denote by \(E_{sub}\) the subset of size at least \(\mu \) that is overwritten by \(\mathtt {Load} (A, E _M)\), Then by Definition 9. There exists some \(i^*\) such that

$$\begin{aligned}\begin{gathered} \left( \max _{E ' \in \mathcal {E}} \left( \mathop {\Pr }\limits _{E \leftarrow \mathcal {E} \wedge \mathcal {D} _i, S_i \leftarrow M(E)}[\mathcal {D} _i(E'_{S_{i^*}}) = 1 | \mathcal {D} _{1},..., \mathcal {D} _{i^*-1}, S_1,..., S_{i^*-1}, E{\setminus } E_{sub}]\right) \right) \\= \mathtt {negl} (\lambda ). \end{gathered}\end{aligned}$$

We bound the probability that \(A \) can make \(\mathcal {D} _{i^*}\) output 1 as this bounds the probability of all algorithms outputting 1 (it may be that only a single decision algorithm outputs 0 some fraction of the time). The only information about values \(E \) that cause \(\mathcal {D} _{i^*}\) to output 1 are contained in the query responses. Since the adversary wins if they get a single 1 response we can assume that A makes \(t = \mathtt {poly} (\lambda )\) deterministic queries and if none of those responses is 1 their guess will also be a deterministic value. Denote by \(g_1,..., g_{t+1}\) these values. Then we bound:

$$\begin{aligned}&\sum _{j=1}^{t+1}\mathop {\Pr }\limits _{D_i, S_i \leftarrow M}[D_{i^*}(g_j)=1]\le \Pr [D_{i^*}(g_1) =1] + \Pr [D_{i^*}(g_2) = 1 | g_1 = 0] + ....\\ {}&+ \Pr [D_{i^*}(g_{t+1}) = 1 | D_{i^*}(g_1)=0\wedge ...\wedge D_{i^*}(g_t) = 0]\\&\le \mathtt {negl} (\lambda ) + \frac{\Pr [D_{i^*}(g_2) = 1\wedge D_{i^*}(g_1) = 0]]}{\Pr [ D_{i^*}(g_1) = 0]} + ....\\ {}&+ \frac{\Pr [D_{i^*}(g_{t+1}) = 1 \wedge D_{i^*}(g_1)=0\wedge ...\wedge D_{i^*}(g_t) = 0]}{\Pr [D_{i^*}(g_1)=0\wedge ...\wedge D_{i^*}(g_t) = 0]}\\&\le \mathtt {negl} (\lambda ) + \frac{\Pr [D_{i^*}(g_2) = 1]}{\Pr [ D_{i^*}(g_1) = 0]} + ....+ \frac{\Pr [D_{i^*}(g_{t+1}) = 1]}{\Pr [D_{i^*}(g_1)=0\wedge ...\wedge D_{i^*}(g_t) = 0]}\\&\le \mathtt {negl} (\lambda ) + \frac{\Pr [D_{i^*}(g_2) = 1]}{1-\mathtt {negl} (\lambda )} + ....+ \frac{\Pr [D_{i^*}(g_{t+1}) = 1]}{1-t\mathtt {negl} (\lambda )}\\&\le (t+1)\frac{\mathtt {negl} (\lambda )}{1-t\mathtt {negl} (\lambda )} = \mathtt {negl} (\lambda ) \end{aligned}$$