- Sponsor:
- sigsac
It is our great pleasure to welcome you to the 3rd International Workshop on Software PROtection - SPRO-2019. For the third year, this one-day workshop hopes to bring researchers and practitioners from academia and from industry together in Europe to focus on all matters relevant to the protection of software against man-at-the-end attacks.
For this third edition, we received eight papers from Europe and the United States, of which six were selected for presentation and publication. The papers cover the research areas of reverse engineering protected code, de-obfuscation with machine learning, malware mutation, virtualization obfuscation, code guards, and runtime verification. We are sure the six presentations, spread over two research paper sessions, will help you in acquiring new insights and will spark interesting discussions.
We also encourage attendees to attend the two keynote presentations: one keynote from industry titled "Modern Static Analysis of Obfuscated Code" by Rusty Wagner (BinaryNinja - Vector35), and another keynote from academia titled "Cheat Protection in Online Games" by Stijn Volckaert (KU Leuven). Furthermore, we look forward to the tutorial on the Ghidra open source reverse engineering tool that will be presented by Roman Rohleder (Thales Group).
This valuable and insightful talk, discussion, and hands-on demonstration will guide us to a better understanding of the current state-of-the-art and of the challenges our community should focus and collaborate on in the near future.
Proceeding Downloads
Modern Static Analysis of Obfuscated Code
Static analysis tools have improved significantly in recent years with advances in intermediate representations, symbolic execution, constraint solving, control flow recovery, and static data flow analysis. Scripting of static analysis has improved at ...
Defeating Opaque Predicates Statically through Machine Learning and Binary Analysis
We present a new approach that bridges binary analysis techniques with machine learning classification for the purpose of providing a static and generic evaluation technique for opaque predicates, regardless of their constructions. We use this technique ...
MetaHunt: Towards Taming Malware Mutation via Studying the Evolution of Metamorphic Virus
As the underground industry of malware prospers, malware developers consistently attempt to camouflage malicious code and undermine malware detection with various obfuscation schemes. Among them, metamorphism is known to have the potential to defeat the ...
SATURN - Software Deobfuscation Framework Based On LLVM
The strength of obfuscated software has increased over the recent years. Compiler based obfuscation has become the de facto standard in the industry and recent papers also show that injection of obfuscation techniques is done at the compiler level. In ...
Cheat Protection in Online Games
Competitive online video gaming (or eSports for short) is a booming industry. Current estimates predict global revenues of well over 1 billion dollars by the end of this year, Twitch.tv the largest eSports streaming network is now one of the biggest ...
Epona and the Obfuscation Paradox: Transparent for Users and Developers, a Pain for Reversers
Code obfuscation aims at protecting the intellectual property of applications delivered in an unmanaged environment. The process usually involves selecting and successively applying various transformation techniques, for instance at compile time, with ...
VirtSC: Combining Virtualization Obfuscation with Self-Checksumming
Self-checksumming (SC) is a tamper-proofing technique that ensures certain program segments (code) in memory hash to known values at runtime. SC has few restrictions on application and hence can protect a vast majority of programs. The code verification ...
Detecting Fault Injection Attacks with Runtime Verification
Fault injections are increasingly used to attack/test secure applications. In this paper, we define formal models of runtime monitors that can detect fault injections that result in test inversion attacks and arbitrary jumps in the control flow. Runtime ...
Hands-On Ghidra - A Tutorial about the Software Reverse Engineering Framework
In this tutorial, the Ghidra software reverse engineering framework will be presented, its characteristics highlighted and its features to the hitherto industry standard in reverse engineering tools, IDA Pro - the interactive disassembler, compared ...
Recommendations
Acceptance Rates
Year | Submitted | Accepted | Rate |
---|---|---|---|
SPRO '16 | 14 | 8 | 57% |
Overall | 14 | 8 | 57% |