Skip to main content
SpringerLink
Log in

Capturing the Essence of Practical Obfuscation

  • Conference paper
Information Systems, Technology and Management (ICISTM 2012)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 285))

Abstract

In the realm of protecting programs from illegitimate use, obfuscation offers a modicum of defense against malicious reverse engineering and tampering. As a field of study, obfuscation would benefit from a unifying framework that has solid theoretical foundation yet provides value in empirical study and implementation. The essence of obfuscation (in practice) is best described as a measurable loss of abstraction. We argue that mathematical frameworks such as abstract interpretation and Boolean algebras may provide an ideal marriage of theory and practice, providing focused direction for future research.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (im)possibility of obfuscating programs. Electronic Colloquium on Computational Complexity 8 (2001)

    Google Scholar 

  2. Goldwasser, S., Kalai, Y.T.: On the impossibility of obfuscation with auxiliary input. In: Proc. of the 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS 2005), Washington, DC, USA, pp. 553–562. IEEE Computer Society (2005)

    Google Scholar 

  3. Goldwasser, S., Rothblum, G.N.: On Best-Possible Obfuscation. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 194–213. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  4. Yasinsac, A., McDonald, J.T.: Tamper resistant software through intent protection. Intl. Journal Network Security 7, 370–382 (2008)

    Google Scholar 

  5. Lynn, B.Y.S., Prabhakaran, M., Sahai, A.: Positive Results and Techniques for Obfuscation. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 20–39. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. Wee, H.: On obfuscating point functions. In: Proc.of the 37th Annual ACM Symposium on Theory of Computing (STOC 2005), pp. 523–532. ACM, New York (2005)

    Chapter  Google Scholar 

  7. Hohenberger, S., Rothblum, G.N., Shelat, A., Vaikuntanathan, V.: Securely Obfuscating Re-encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 233–252. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  8. Chandran, N., Chase, M., Vaikuntanathan, V.: Collusion resistant obfuscation and functional re-encryption. IACR Cryptology ePrint Archive 2011, 337 (2011)

    Google Scholar 

  9. Hofheinz, D., Malone-Lee, J., Stam, M.: Obfuscation for cryptographic purposes. Journal of Cryptology 23, 121–168 (2010), doi:10.1007/s00145-009-9046-1

    Article  MathSciNet  MATH  Google Scholar 

  10. Hada, S., Sakurai, K.: A Note on the (Im)possibility of Using Obfuscators to Transform Private-Key Encryption into Public-Key Encryption. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 1–12. Springer, Heidelberg (2007), doi:10.1007/978-3-540-75651-4

    Chapter  Google Scholar 

  11. Narayanan, S., Raghunathan, A., Venkatesan, R.: Obfuscating straight line arithmetic programs. In: Proceedings of the Nineth ACM Workshop on Digital Rights Management. DRM 2009, pp. 47–58. ACM, New York (2009)

    Chapter  Google Scholar 

  12. Goldwasser, S., Kalai, Y.T., Rothblum, G.N.: One-Time Programs. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 39–56. Springer, Heidelberg (2008)

    Google Scholar 

  13. Beaucamps, P., Filiol, E.: On the possibility of practically obfuscating programs towards a unified perspective of code protection. Journal in Computer Virology 3, 3–21 (2007)

    Article  Google Scholar 

  14. Walenstein, A., Mathur, R., Chouchane, M.R., Lakhotia, A.: Normalizing metamorphic malware using term rewriting. In: SCAM 2006: Proceedings of the Sixth IEEE, pp. 75–84. IEEE Computer Society, Washington, DC (2006)

    Google Scholar 

  15. Dalla Preda, M., Giacobazzi, R., Debray, S., Coogan, K., Townsend, G.M.: Modelling Metamorphism by Abstract Interpretation. In: Cousot, R., Martel, M. (eds.) SAS 2010. LNCS, vol. 6337, pp. 218–235. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  16. Dalla Preda, M., Giacobazzi, R.: Semantic-Based Code Obfuscation by Abstract Interpretation. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 1325–1336. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  17. Majumdar, A., Thomborson, C.: Manufacturing opaque predicates in distributed systems for code obfuscation. In: ACSC 2006: Proceedings of the 29th Australasian Computer Science Conference, pp. 187–196. Australian Computer Society, Inc., Darlinghurst (2006)

    Google Scholar 

  18. Collberg, C., Thomborson, C.: Watermarking, tamper-proofing, and obfuscation - tools for software protection. IEEE Transactions on Software Engineering 28, 735–746 (2002)

    Article  Google Scholar 

  19. Madou, M., Anckaert, B., Moseley, P., Debray, S., De Sutter, B., De Bosschere, K.: Software Protection Through Dynamic Code Mutation. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 194–206. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  20. Chikofsky, E., Cross I, J.H.: Reverse engineering and design recovery: a taxonomy. IEEE Software 7, 13–17 (1990)

    Google Scholar 

  21. Lakhotia, A., Kumar, E.U., Venable, M.: A method for detecting obfuscated calls in malicious binaries. IEEE Transactions on Software Engineering 31, 955–968 (2005)

    Article  Google Scholar 

  22. Christodorescu, M., Jha, S., Seshia, S.A., Song, D., Bryant, R.E.: Semantics-aware malware detection. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 32–46. IEEE Computer Society, Washington, DC (2005)

    Google Scholar 

  23. Kim, Y.C., McDonald, J.T.: Considering software proteciton for embedded systems. Crosstalk: The Journal of Defense Software Engineering 22, 4–8 (2009)

    Google Scholar 

  24. Chandran, N., Goyal, V., Sahai, A.: New Constructions for UC Secure Computation Using Tamper-Proof Hardware. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 545–562. Springer, Heidelberg (2008), doi:10.1007/978-3-540-78967-3

    Chapter  Google Scholar 

  25. Ding, N., Gu, D.: A General and Efficient Obfuscation for Programs with Tamper-Proof Hardware. In: Bao, F., Weng, J. (eds.) ISPEC 2011. LNCS, vol. 6672, pp. 401–416. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  26. Bitansky, N., Canetti, R., Goldwasser, S., Halevi, S., Kalai, Y.T., Rothblum, G.N.: Program obfuscation with leaky hardware. Cryptology ePrint Archive, Report 2011/660 (2011), http://eprint.iacr.org/

  27. Castillo, E., Meyer-Baese, U., García, A., Parrilla, L., Lloris, A.: Ipp@hdl: Efficient intellectual property protection scheme for ip cores. IEEE Trans. Very Large Scale Integr. Syst. 15, 578–591 (2007)

    Article  Google Scholar 

  28. Charbon, E., Torunoglu, I.: Watermarking Techniques for Electronic Circuit Design. In: Petitcolas, F.A.P., Kim, H.-J. (eds.) IWDW 2002. LNCS, vol. 2613, pp. 147–169. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  29. Chakraborty, R.S., Bhunia, S.: Hardware protection and authentication through netlist level obfuscation. In: Proc. of the IEEE/ACM Int”l Conference on Computer-Aided Design, ICCAD 2008, pp. 674–677. IEEE Press, Piscataway (2008)

    Google Scholar 

  30. McDonald, J.T., Trias, E.D., Kim, Y.C., Grimaila, M.R.: Using logic-based reduction for adversarial component recovery. In: Proc. of the 25th ACM Symposium on Applied Computing, SAC (2010)

    Google Scholar 

  31. Sander, T., Tschudin, C.: On Software Protection via Function Hiding. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 111–123. Springer, Heidelberg (1998), doi:10.1007/3-540-49380-8

    Chapter  Google Scholar 

  32. McDonald, J.T., Kim, Y.C., Yasinsac, A.: Software issues in digital forensics. ACM Operating Systems Review 42 (2008)

    Google Scholar 

  33. Anckaert, B., Sutter, B.D., Bosschere, K.D.: Software piracy prevention through diversity. In: DRM 2004: Proceedings of the 4th ACM Workshop on Digital Rights Management, pp. 63–71. ACM, New York (2004)

    Chapter  Google Scholar 

  34. Cousot, P.: Constructive design of a hierarchy of semantics of a transition system by abstract interpretation. Theor. Comput. Sci. 277, 47–103 (2002)

    Article  MathSciNet  MATH  Google Scholar 

  35. Dalla Preda, M., Giacobazzi, R., Visentini, E.: Hiding Software Watermarks in Loop Structures. In: Alpuente, M., Vidal, G. (eds.) SAS 2008. LNCS, vol. 5079, pp. 174–188. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  36. Dalla Preda, M., Madou, M., De Bosschere, K., Giacobazzi, R.: Opaque Predicates Detection by Abstract Interpretation. In: Johnson, M., Vene, V. (eds.) AMAST 2006. LNCS, vol. 4019, pp. 81–95. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  37. Dalla Preda, M., Christodorescu, M., Jha, S., Debray, S.: A semantics-based approach to malware detection. SIGPLAN Not. 42, 377–388 (2007)

    Article  Google Scholar 

  38. McDonald, J.T., Kim, Y.C., Grimaila, M.R.: Protecting reprogrammable hardware with polymorphic circuit variation. In: Proc. of the 2nd Cyberspace Research Workshop 2009 (2009)

    Google Scholar 

  39. Cohen, F.B.: Operating system protection through program evolution. Comput. Secur. 12, 565–584 (1993)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer and Information Sciences, University of South Alabama, Mobile, AL, USA

    J. Todd McDonald

Authors
  1. J. Todd McDonald
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science, College of Engineering and Science, Louisiana Tech University, 71272, Ruston, LA, USA

    Sumeet Dua

  2. Department of Information Systems, College of Engineering and Information, Technology, UMBC, 1000 Hilltop Circle, 2125, Baltimore, MD, USA

    Aryya Gangopadhyay

  3. Department of Computer Science, The University of Manitoba, Winnipeg, MB, Canada

    Parimala Thulasiraman

  4. ISTI - CNR, Pisa, Italy

    Umberto Straccia

  5. Faculty of Computer Science, Dalhousie University Halifax, B3H 1W5, Nova Scotia, Canada

    Michael Shepherd

  6. Faculty of Media: Media Systems, Bauhaus University Weimar, 99421, Weimar, Germany

    Benno Stein

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

McDonald, J.T. (2012). Capturing the Essence of Practical Obfuscation. In: Dua, S., Gangopadhyay, A., Thulasiraman, P., Straccia, U., Shepherd, M., Stein, B. (eds) Information Systems, Technology and Management. ICISTM 2012. Communications in Computer and Information Science, vol 285. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29166-1_44

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29166-1_44

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29165-4

  • Online ISBN: 978-3-642-29166-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation