research-article

N-version Obfuscation

Authors:
Hui Xu

The Chinese University of Hong Kong, Hong Kong, Hong Kong

The Chinese University of Hong Kong, Hong Kong, Hong Kong
View Profile

,
Yangfan Zhou

Fudan University, Shanghai, China

Fudan University, Shanghai, China
View Profile

,
Michael Lyu

The Chinese University of Hong Kong, Hong Kong, Hong Kong

The Chinese University of Hong Kong, Hong Kong, Hong Kong
View Profile

CPSS '16: Proceedings of the 2nd ACM International Workshop on Cyber-Physical System SecurityMay 2016Pages 22–33https://doi.org/10.1145/2899015.2899026

Published:30 May 2016Publication History

CPSS '16: Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security

Pages 22–33

ABSTRACT

Although existing for decades, software tampering attack is still a main threat to systems, such as Android, and cyber physical systems. Many approaches have been proposed to thwart specific procedures of tampering, e.g., obfuscation and self-checksumming. However, none of them can achieve theoretically tamper-proof without the protection of hardware circuit. Rather than proposing new tricks against tampering attacks, we focus on impeding the replication of software tampering via program diversification, and thus pose a scalability barrier against the attacks. Our idea, namely N-version obfuscation (NVO), is to automatically generate and deliver same featured, but functionally nonequivalent software copies to different machines or users.

In this paper, we investigate such an idea on Android platform. We carefully design a candidate NVO solution for networked apps, which leverages a Message Authentication Code (MAC) mechanism to generate the functionally nonequivalent diversities. Our evaluation result shows that the time required for breaking such a software system increases linearly with respect to the number of software versions. In this way, attackers would suffer great scalability issues, considering that an app can have millions of users. With minimal NVO costs, effective tamper-resistant security can therefore be established.

References

Android Auto. https://www.android.com/auto/.Google Scholar
DexGuard. https://www.guardsquare.com/dexguard.Google Scholar
FIPS Pub 180-4: Secure Hash Standard (SHS). http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf.Google Scholar
IDA. https://www.hex-rays.com/products/ida/.Google Scholar
ProGuard. http://developer.android.com/tools/help/proguard.html.Google Scholar
A. Appel. Deobfuscation is in np. Princeton University, Aug, 21:2, 2002.Google Scholar
B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan, and K. Yang. On the (im) possibility of obfuscating programs. In CRYPTO, pages 1--18. Springer, 2001. Google ScholarDigital Library
H. Chang and M. J. Atallah. Protecting software code by guards. In Security and Privacy in Digital Rights Management, pages 160--175. Springer, 2002. Google ScholarDigital Library
L. Chen and A. Avizienis. N-version programming: a fault-tolerance approach to reliability of software operation. In Proc. the 8th IEEE International Symposium on Fault-Tolerant Computing, pages 3--9, 1978.Google Scholar
Y. Chen, R. Venkatesan, et al. Oblivious hashing: A stealthy software integrity verification primitive. In Information Hiding, pages 400--414. Springer, 2003. Google ScholarDigital Library
S. Chow, P. Eisen, H. Johnson, and P. C. V. Oorschot. White-box cryptography and an aes implementation. In Selected Areas in Cryptography, pages 250--270. Springer, 2003. Google ScholarCross Ref
F. B. Cohen. Operating system protection through program evolution. Computers & Security, 12(6):565--584, 1993. Google ScholarDigital Library
C. Collberg, C. Thomborson, and D. Low. A taxonomy of obfuscating transformations. Technical report, Department of Computer Science, The University of Auckland, 1997.Google Scholar
C. S. Collberg and C. Thomborson. Watermarking, tamper-proofing, and obfuscation-tools for software protection. IEEE Trans. on Software Engineering, 28(8):735--746, 2002. Google ScholarDigital Library
S. Crane, C. Liebchen, et al. Readactor: Practical code randomization resilient to memory disclosure. In Proc. of the 36th IEEE Symposium on Security and Privacy, volume 15, 2015. Google ScholarDigital Library
D. Dunaev and L. Lengyel. Complexity of a special deobfuscation problem. In Proc. of the 19th IEEE International Conference and Workshops on Engineering of Computer Based Systems, pages 1--4, 2012. Google ScholarDigital Library
E. Eilam. Reversing: secrets of reverse engineering. John Wiley & Sons, 2011.Google Scholar
P. Faruki, V. Laxmi, V. Ganmoor, M. S. Gaur, and A. Bharmal. Droidolytics: robust feature signature for repackaged android apps on official and third party android markets. In Proc. of the 2nd IEEE International Conference on Advanced Computing, Networking and Security, pages 247--252, 2013. Google ScholarDigital Library
S. Forrest, A. Somayaji, and D. H. Ackley. Building diverse computer systems. In Proc. of the 6th IEEE Workshop on Hot Topics in Operating Systems, pages 67--72, 1997. Google ScholarDigital Library
M. N. Gagnon, S. Taylor, and A. K. Ghosh. Software protection through anti-debugging. 2007.Google Scholar
B. Horne, L. Matheson, C. Sheehan, and R. E. Tarjan. Dynamic self-checking techniques for improved tamper resistance. In Security and Privacy in Digital Rights Management, pages 141--159. Springer, 2002. Google ScholarDigital Library
P. Junod, J. Rinaldini, J. Wehrli, and J. Michielin. Obfuscator-llvm-software protection for the masses. 2015.Google Scholar
C. Kil, J. Jim, C. Bookholt, J. Xu, and P. Ning. Address space layout permutation (aslp): Towards fine-grained randomization of commodity software. In Proc. of the 22nd IEEE Annual Computer Security Applications Conference, pages 339--348, 2006. Google ScholarDigital Library
W. Landi and B. G. Ryder. Pointer-induced aliasing: A problem classification. In Proc. of the 18th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 93--103, 1991. Google ScholarDigital Library
P. Larsen, S. Brunthaler, and M. Franz. Automatic software diversity. 2015.Google Scholar
L. Lei, Y. Wang, J. Zhou, D. Zha, and Z. Zhang. A threat to mobile cyber-physical systems: Sensor-based privacy theft attacks on android smartphones. In Proc. of the 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pages 126--133, 2013. Google ScholarDigital Library
C. Linn and S. Debray. Obfuscation of executable code to improve resistance to static disassembly. In Proc. of the 10th ACM Conference on Computer and Communications Security, pages 290--299, 2003. Google ScholarDigital Library
M. R. Lyu et al. Handbook of software reliability engineering. IEEE Computer Society Press, 1996. Google ScholarDigital Library
M. R. Lyu and Y.-T. He. Improving the n-version programming process through the evolution of a design paradigm. IEEE Transactions on Reliability, 42(2):179--189, 1993.Google ScholarCross Ref
J. Ming, D. Xu, L. Wang, and D. Wu. Loop: Logic-oriented opaque predicate detection in obfuscated binary code. In Proc. of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 757--768, 2015. Google ScholarDigital Library
A. Moser, C. Kruegel, and E. Kirda. Limits of static analysis for malware detection. In Proc. of the 23rd IEEE Annual Computer Security Applications Conference, pages 421--430, 2007.Google ScholarCross Ref
T. Ogiso, Y. Sakabe, M. Soshi, and A. Miyaji. Software obfuscation on a theoretical basis and its implementation. IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences, 86(1):176--186, 2003.Google Scholar
P. O'Kane, S. Sezer, and K. McLaughlin. Obfuscation: The hidden malware. 2011.Google Scholar
V. Pappas, M. Polychronakis, and A. D. Keromytis. Smashing the gadgets: Hindering return-oriented programming using in-place code randomization. In Proc. of the 33rd IEEE Symposium on Security and Privacy, 2012. Google ScholarDigital Library
J. Qiu, B. Yadegari, B. Johannesmeyer, S. Debray, and X. Su. Identifying and understanding self-checksumming defenses in software. 2015.Google Scholar
J. Qiu, B. Yadegari, B. Johannesmeyer, et al. A framework for understanding dynamic anti-analysis defenses. In Proc. of the 4th ACM Program Protection and Reverse Engineering Workshop, 2014. Google ScholarDigital Library
C. Ren, K. Chen, and P. Liu. Droidmarking: Resilient software watermarking for impeding android application repackaging. In Proc. of the 29th ACM/IEEE International Conference on Automated Software Engineering, pages 635--646, 2014. Google ScholarDigital Library
T. Sander and C. F. Tschudin. Protecting mobile agents against malicious hosts. In Mobile Agents and Security, pages 44--60. Springer, 1998. Google ScholarDigital Library
Y. Shao, X. Luo, C. Qian, P. Zhu, and L. Zhang. Towards a scalable resource-driven approach fordetecting repackaged android applications. In Proc. of the 30th ACM Annual Computer Security Applications Conference, pages 56--65, 2014. Google ScholarDigital Library
M. I. Sharif, A. Lanzi, J. T. Giffin, and W. Lee. Impeding malware analysis using conditional code obfuscation. In Proc. of the 15th Annual Network & Distributed System Security Conference (NDSS), 2008.Google Scholar
T. Shields. Anti-debugging: a developers view, 2010.Google Scholar
J. Shu, J. Li, Y. Zhang, and D. Gu. Android app protection via interpretation obfuscation. In Proc. of the 12th IEEE International Conference on Dependable, Autonomic and Secure Computing, 2014. Google ScholarDigital Library
M. Sun, M. Li, and J. Lui. Droideagle: seamless detection of visually similar android apps. In Proc. of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, page 9, 2015. Google ScholarDigital Library
H. Wang, Y. Guo, Z. Ma, and X. Chen. Wukong: a scalable and accurate two-phase approach to androidapp clone detection. In Proc. of the ACM International Symposium on Software Testing and Analysis, pages 71--82, 2015. Google ScholarDigital Library
Z. Wang, J. Ming, C. Jia, and D. Gao. Linear obfuscation to combat symbolic execution. In Proc. of the 16th European Symposium on Research in Computer Security (ESORICS). Springer, 2011. Google ScholarDigital Library
G. Wurster, P. V. Oorschot, and A. Somayaji. A generic attack on checksumming-based software tamper resistance. In Proc. of the 26th IEEE Symposium on Security and Privacy, 2005. Google ScholarDigital Library
H. Xu, Y. Zhou, C. Gao, Y. Kang, and M. R. Lyu. Spyaware: Investigating the privacy leakage signatures in app execution traces. In Proc. of the 26th IEEE International Symposium on Software Reliability Engineering (ISSRE), 2015. Google ScholarDigital Library
B. Yadegari and S. Debray. Symbolic execution of obfuscated code. In Proc. of the 22nd ACM SIGSAC Conference on Computer and Communications Security, volume 15, pages 732--744, 2015. Google ScholarDigital Library
B. Yadegari, B. Johannesmeyer, et al. A generic approach to automatic deobfuscation of executable code. Technical report, 2015.Google Scholar
F. Zhang, D. Wu, P. Liu, and S. Zhu. Program logic based software plagiarism detection. In Proc. of the 25th IEEE International Symposium on Software Reliability Engineering (ISSRE), 2014. Google ScholarDigital Library
W. Zhou, Z. Wang, Y. Zhou, and X. Jiang. Divilar: Diversifying intermediate language for anti-repackaging on android platform. In Proc. of the 4th ACM Conference on Data and Application Security and Privacy, pages 199--210, 2014. Google ScholarDigital Library
W. Zhou, X. Zhang, and X. Jiang. Appink: watermarking android apps for repackaging deterrence. In Proc. of the 8th ACM Symposium on Information, Computer and Communications Security, pages 1--12, 2013. Google ScholarDigital Library
W. Zhou, Y. Zhou, X. Jiang, and P. Ning. Detecting repackaged smartphone applications in third-party android marketplaces. In Proc. of the 2nd ACM Conference on Data and Application Security and Privacy, pages 317--326, 2012. Google ScholarDigital Library
Y. Zhou and X. Jiang. Dissecting android malware: Characterization and evolution. In Proc. of the 33th IEEE Symposium on Security and Privacy, 2012. Google ScholarDigital Library

Index Terms

N-version Obfuscation
1. Security and privacy
  1. Formal methods and theory of security
    1. Security requirements

Recommendations

A Novel Software Protection Approach for Code Obfuscation to Enhance Software Security

Over the past few decades ago, software developers analyzed robustly several forms of software protection against illegal copying or piracy. With the expansion in digital technology, the risk of illegal copying of software also amplifies. The increasing ...
Read More
Hybrid static-dynamic attacks against software protection mechanisms
DRM '05: Proceedings of the 5th ACM workshop on Digital rights management

Advances in reverse engineering and program analyses have made software extremely vulnerable to malicious host attacks. These attacks typically take the form of intellectual property violations, against which the software needs to be protected. The ...
Read More
Teaching Cyber Security Using Competitive Software Obfuscation and Reverse Engineering Activities
SIGCSE '18: Proceedings of the 49th ACM Technical Symposium on Computer Science Education

Teaching cyber security techniques can be challenging due to the complexity associated with building secure systems. The major issue is these systems could easily be broken if proper protection techniques are not employed. This requires students to ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CPSS '16: Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security
May 2016
102 pages
ISBN:9781450342889
DOI:10.1145/2899015
Program Chairs:
Jianying Zhou
I2R, Singapore
,
Javier Lopez
University of Malaga, Spain
Copyright © 2016 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 30 May 2016
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
obfuscation
reverse engineering
software security
tamper-resistance
Qualifiers
- research-article
Conference

Acceptance Rates
CPSS '16 Paper Acceptance Rate8of28submissions,29%Overall Acceptance Rate33of113submissions,29%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 4
  Total Citations
  View Citations
- 258
  Total Downloads
- Downloads (Last 12 months)6
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

N-version Obfuscation

CPSS '16: Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security

ABSTRACT

References

Cited By

Index Terms

Recommendations

A Novel Software Protection Approach for Code Obfuscation to Enhance Software Security

Hybrid static-dynamic attacks against software protection mechanisms

Teaching Cyber Security Using Competitive Software Obfuscation and Reverse Engineering Activities